Setting Up the Verification Flow

What We Are Doing:

Configuring the Verifier in our Express app.
Defining a verification flow named "kyc" that checks:
- The credential type is "KYC Verifiable Credential".
- The subject`s age is at least 18.

Why: We want only users who hold a valid KYC credential proving they are over 18 to access a protected resource.

Steps: In src/index.ts, before app.use("/", router):

import { VerifiablePresentation } from '@empe/identity';
import { VerifierConfiguration, VerifierClient } from "@empe/verifier-client";
import jwt from "jsonwebtoken";

const VERIFIER_SERVICE_URL = process.env.VERIFIER_SERVICE_URL!;
const VERIFIER_CLIENT_SECRET = process.env.VERIFIER_CLIENT_SECRET!;
const JWT_SECRET = "your-jwt-secret";

const verifierConfiguration: VerifierConfiguration = {
  baseUrl: BASE_URL,
  verifierServiceUrl: VERIFIER_SERVICE_URL,
  clientSecret: VERIFIER_CLIENT_SECRET,
  verificationFlows: [
    {
      name: "kyc",
      vpQuery: [
        {
          fields: [
            {
              path: ["$.type"],
              filter: {
                type: "array",
                contains: { const: "KYC Verifiable Credential" }
              }
            },
            {
              path: ["$.credentialSubject.age"],
              filter: {
                type: "number",
                minimum: 18
              }
            }
          ]
        }
      ],
      handleVerificationResult: (data) => {
        if (data.verification_status === 'verified') {
          const { vp } = data;
          const vpJSON = VerifiablePresentation.fromJSON(vp);
          const holder = vpJSON.holder().toString();

          // Generate a JWT token granting access
          const accessToken = jwt.sign({ sub: holder, vp: data.vp }, JWT_SECRET);
          return {
            access_token: accessToken,
            verification_status: data.verification_status,
            redirect_url: "/dashboard"
          };
        }
        return data;
      }
    }
  ]
};

const verifierClient = new VerifierClient(app, verifierConfiguration);
verifierClient.initialize();

Now our app can request a verification QR code and handle verification results.

PreviousDeploying the Verifier NextCreating a Verification Endpoint

Last updated 3 months ago

import { VerifiablePresentation } from '@empe/identity'; import { VerifierConfiguration, VerifierClient } from "@empe/verifier-client"; import jwt from "jsonwebtoken"; const VERIFIER_SERVICE_URL = process.env.VERIFIER_SERVICE_URL!; const VERIFIER_CLIENT_SECRET = process.env.VERIFIER_CLIENT_SECRET!; const JWT_SECRET = "your-jwt-secret"; const verifierConfiguration: VerifierConfiguration = { baseUrl: BASE_URL, verifierServiceUrl: VERIFIER_SERVICE_URL, clientSecret: VERIFIER_CLIENT_SECRET, verificationFlows: [ { name: "kyc", vpQuery: [ { fields: [ { path: ["$.type"], filter: { type: "array", contains: { const: "KYC Verifiable Credential" } } }, { path: ["$.credentialSubject.age"], filter: { type: "number", minimum: 18 } } ] } ], handleVerificationResult: (data) => { if (data.verification_status === 'verified') { const { vp } = data; const vpJSON = VerifiablePresentation.fromJSON(vp); const holder = vpJSON.holder().toString(); // Generate a JWT token granting access const accessToken = jwt.sign({ sub: holder, vp: data.vp }, JWT_SECRET); return { access_token: accessToken, verification_status: data.verification_status, redirect_url: "/dashboard" }; } return data; } } ] }; const verifierClient = new VerifierClient(app, verifierConfiguration); verifierClient.initialize();