Credential Verification using QR code
Step by step guide on how to add verification functionality to your web-based business application to enable users to submit their credentials
Last updated
Step by step guide on how to add verification functionality to your web-based business application to enable users to submit their credentials
Last updated
DICE ID platform provide ability to issue and verify credentials. Once the credentials have been issued to an individual that represents their identity or capability then the user will need a way to present that credential as a proof.
This tutorial is for organizations who want to enable verification functionality in their business app so that the proof provided by the end user can be validated against blockchain and the user's verified data embedded in the proof can be extracted and used further.
The steps required to add verification functionality can be summarized as:
Sign up to the DICE ID portal (https://console-uat.diceid.com)
Create a Schema from DICE ID portal and issue a credential for testing
Get the test credentials in DICE ID app
Create a verification template based on that schema from DICE ID portal
Download the sample HTML and JavaScript files and replace values in index.html
Deploy on web server and open index.html to render the QR code
Explore different ways of rendering the QR code based on your application's UI design
Scan the QR code using credentials in DICE ID app (from step 2 and 3)
Given below is the detailed step-by-step guide.
Open https://console-uat.diceid.com/ in your browser and complete the signup and sign-in steps as described in Platform Console
After signing up and signing in to DICE ID platform console UI, you can navigate to the Schema screen from the left hand menu.
Click on "Add Schema" and specify the name, version and attributes of the Schema
On clicking "Create Schema" you will get a confirmation and schema will be visible on the next screen.
Navigate to Credentials screen from the left menu and click on "Onboard Customers".
In Onboard Customer screen specify your name and select the Auto Issue credentials option. You will get a screen that requires selection of the Schema based on which credentials need to be created and sent.
Select the Schema created in previous step from the drop down and enter valid values for Name, Email and Phone.
Click OK to save these values and go back to previous screen and specify the email on which the credential invitation should be sent.
On clicking Onboard an email will be sent to the specified email id. To get your sample credentials:
Download DICE ID app from google play store or apple app store
Open the app, accept terms and conditions and change the Network in Settings page to DICE ID Testnet
Scan the QR code received in the email from no-reply@diceid.com and wait for processing to complete to obtain the credentials in DICE ID app
Navigate to the "Verifications Templates" page via the left hand menu
Click on "Add Verification Templates" to open the screen for creating new template in which you need to specify the following:
Name of the verification template
Version of the verification template
Notification Email, which should be your organization's email id on which the verification result needs to be sent.
Redirect URIs - Enter the fully qualified and valid URLs which needs to be whitelisted so that the verification flow can be redirected and results be rendered. E.g. http://localhost:3000/verification-callback.html
CORS List - one or more URLs which point to the server and port on which the callback html is hosted e.g. http://localhost:3000
Select a schema from the drop-down in which either global schemas created by other organizations can be selected or your organization's schema can be selected. The schema attributes get pre-selected for the verification template. On clicking "Create Verification Template" button at the end of the page the template gets created.
The name of the attributes in Schema and Verification Template should match always. The Verification template can contain a subset of the attributes in Schema.
If data type of any of the schema attributes is "number" then you can use a predicate so that the actual attribute value does not get revealed. For e.g. if you have Age as an attribute then a condition of Age > 18 can be used as per the use case.
Navigate to the detailed screen of the Verification template you created and copy VCAuth Endpoint, Client ID and Config ID as shown in example below.
Verification Link is a ready-to-user URL which provide the verification QR code corresponding to this verification template. This link can be shared on your website as-is so that your users / customers can scan and submit matching credentials as proof. The verification result will be emailed to your "Notification Email" setup for this template.
Use git clone https://github.com/diceid/qrcode-verification.git or download the two HTML files and one Javascript file available in the repository.
Modify index.html to replace the Client ID and Config ID values copied in previous step as specified below
WEBAPP_URL will be the url on which you are hosting your webserver and will deploy index.html and verification-callback.html on. If you are testing on a web server running on your machine then https://localhost:<port-number> can be used, with your port number
The values in WEBAPP_URL should match the value specified in CORS list of the verification template. And index.html and verification-callback.html should be hosted on the same web server. For actual implementation the name of the callback file can be changed as per need.
REDIRECT_URI will be the url on which you can view the QR code generated. This QR code can be used for scanning and verifying the presented credentials. The value of the url can be tweaked as per requirements. Segments can be added to the url. You can add segments to it e.g. http://localhost:3000/{segment1}/{segment2}/verification-callback.html
Ensure that index.html, verification-callback.html and DiceIdVerification.js are all in the same directory when deploying on the web server.
After the web server is running, open index.html in browser and QR code should get displayed
Instead of QR code if you see the following message then it means that the Redirect URL provided in step 5 is not correct.
And if you see the message "Forbidden" that means that your server and port are not specified in the CORS list in step 5.
QR code can be launched in different ways and this can be adjusted. A user needs to copy the below mentioned line of code in the index.html file to get the QR code displayed in preferred way.
Below are the three ways to display QR code:
a) Same page
For displaying QR code on the same page, user need to
b) Pop-up
For displaying QR code in a pop-up
c) Another tab
For displaying QR code in another tab
Open your DICE ID app and scan the QR code for which you will be prompted to submit the proof.
Once submitted the proof will be validated against blockchain and confirmation message will be displayed on the web page. This message is based on the data extracted from JWT token that is generated after the proof is verified and contains the credential data.
Please refer to this code snippet in index.html which extracts the data from JWT token. You can use the same technique and use this data for storing in database or passing it as input to your backend APIs for further processing.
Please note that once you are done with development and testing then you should use DICE ID Production environment (https://console.diceid.com) and use those details to go-live and provide verification functionality to your end users
