Microsoft Entra Verified ID network API
The Microsoft Entra Verified ID Network API enables you to search for published credentials in the Microsoft Entra Verified ID Network.
Note
The API is intended for developers comfortable with RESTful APIs.
The Microsoft Entra ID Verified Network API is served over HTTPS. All URLs referenced in the documentation have the following base: https://verifiedid.did.msidentity.com
.
The API is protected through Microsoft Entra ID and uses OAuth2 bearer tokens. The app registration needs to have the API Permission for Verifiable Credentials Service Admin
and then when acquiring the access token the app should use scope 6a8b4b39-c021-437c-b060-5a14a3fd65f3/full_access
.
This API is used to search for issuers available in the Microsoft Entra Verified ID Network. You can search for issuers by their linked domain name. The value supplied for the filter
parameter will be used to find issuers that have onboarded to Microsoft Entra Verified ID and have a verified linked domain. Currently you can only filter by linkeddomainurls
and with operator like
. There will be a maximum of 15 issuers in the response.
GET /v1.0/verifiableCredentialsNetwork/authorities?filter=linkeddomainurls%20like%20Woodgrove
Header | Value |
---|---|
Authorization | Bearer (token). Required |
Content-Type | application/json |
Parameter | value |
---|---|
filter | linkeddomainurls like Woodgrove |
HTTP/1.1 200 OK
Content-type: application/json
[
{
"id": "00aa00aa-bb11-cc22-dd33-44ee44ee44ee",
"tenantId": "aaaabbbb-0000-cccc-1111-dddd2222eeee",
"did": "did:web:bank.woodgrove.com...<SNIP>...",
"name": "WoodgroveBank",
"linkedDomainUrls": [
"https://bank.woodgrove.com/"
]
},
{
"id": "00aa00aa-bb11-cc22-dd33-44ee44ee44ee",
"tenantId": "bbbbcccc-1111-dddd-2222-eeee3333ffff",
"did": "did:web:woodgrove.com...<SNIP>...",
"name": "Woodgrove",
"linkedDomainUrls": [
"https://woodgrove.com/"
]
}
]
This API is used search for published credential types for a specific issuer. You need to know the issuers tenantId
and issuerId
. The return message is a collection of published credential types and their respective claims. There will be a maximum of 100 credential types in the response.
GET /v1.0/tenants/:tenantId/verifiableCredentialsNetwork/authorities/:issuerId/contracts/
Header | Value |
---|---|
Authorization | Bearer (token). Required |
Content-Type | application/json |
Parameter | value |
---|---|
tenantId | TenantId obtained from the search by linked domain name |
issuerId | IssuerId obtained from the search by linked domain name |
HTTP/1.1 200 OK
Content-type: application/json
[
{
"name": "Verified employee 1",
"types": [
"VerifiedEmployee"
],
"claims": [
"displayName",
"givenName",
"jobTitle",
"preferredLanguage",
"surname",
"mail",
"revocationId",
"photo"
]
}
]
Learn more about Microsoft Entra Verified ID Network.