Skip to main content

OpenID4VP

OpenID for Verifiable Presentations (OID4VP)

Credential Verification · Interoperability · Privacy-Preserving · Secure by Design

OpenID4VP is an OpenID Foundation standard enabling wallets to present Verifiable Credentials (VCs) to Relying Parties (RPs). It standardizes request/response flows, holder binding, selective disclosure, and proof-of-possession, supporting formats like SD-JWT-VC, W3C VCs, and ISO mdoc.

It complements OpenID4VCI by covering verification instead of issuance, including presentation submission and nonce mechanisms.

How VX Uses OID4VP

The VX API acts as a verifier. When an RP initiates a credential request, VX generates a signed authorization request and delivers it to the wallet. The wallet responds via direct_post, submitting a VP token directly back to the VX API.

Flow Overview

The verification flow spans three phases, combining standard OpenID Connect with an embedded OID4VP exchange:

  1. Authorization Request — The RP initiates the flow by sending a Pushed Authorization Request (PAR) to VX. VX returns a page displaying the credential request as a QR code or deep link.
  2. Wallet Presentation — The user opens their wallet, which receives the signed OID4VP authorization request and responds with a Verifiable Presentation via direct_post.
  3. Token Exchange — Once VX has verified the presentation, the RP polls for completion and exchanges the authorization code for an ID token using PKCE.

The RP receives only an ID Token — no access token is issued.