Overview
After presenting the request to the youth, retrieve the verification result. The recommended approach is to use webhooks to be notified when the youth responds. As a fallback, you can poll this endpoint.
Endpoint
GET https://test.didxtech.com/me-creds/api/presentations/{id}
Request
curl -X GET "https://test.didxtech.com/me-creds/api/presentations/cmbhsgi6c00cls60120oyb8tl" \
-H "Authorization: Bearer <access_token>"
id returned in Step 2.
Response
HTTP 200 OK
{
"data": {
"id": "cmbhsgi6c00cls60120oyb8tl",
"createdAt": "2025-06-04T10:12:20.101Z",
"updatedAt": "2025-06-04T12:45:33.221Z",
"status": "verified",
"error": null,
"presentationTemplateId": "cm2ytsdid009u4ke3t30aiuvc",
"credentials": [
{
"isValid": true,
"name": "Web Development Completion",
"type": "https://didx.co.za/vct/didx/web-dev-completion-v1",
"attributes": {
"programmeName": "Umuzi Web Development Programme",
"completionDate": "2025-03-15",
"fullName": "Amara Okafor"
},
"issues": []
}
],
"expiresAt": "2025-07-04T10:12:20.088Z",
"authorizationRequestUri": "https://didx.co.za/invitation?request_uri=...",
"authorizationRequestQrUri": "https://didx.co.za/invitation?request_uri=...&qr=true"
}
}
programmeName, completionDate, and fullName. Her assessmentScore and skillsCovered are not present because she withheld them. This is selective disclosure in action.
Status Values
| Status | Description |
|---|
requested | Waiting for the youth to respond |
verified | Youth has successfully presented their credential |
rejected | Youth declined the request |
expired | Request expired before the youth responded (30-day expiry) |
Credential Validation Fields
| Field | Description |
|---|
isValid | true if the credential has been cryptographically verified — proving it was issued by the claimed issuer and hasn’t been tampered with |
attributes | The verified data the youth chose to share |
issues | Array of validation issues (empty if credential is valid) |
Checking Validity
Always check both conditions before trusting the presented data:
status === "verified" — the youth respondedcredentials[].isValid === true — the credential is cryptographically authentic
The isValid field confirms that:
- The credential hasn’t been tampered with
- The issuer’s decentralized identifier (DID) is legitimate
- The credential is cryptographically signed and authentic
- The credential has not been revoked
Webhooks (Recommended)
For production integrations, use webhooks instead of polling. Register a webhook endpoint once, and your application is notified automatically when:
- The youth presents their credentials (
openid4vc.presentation.verified)
- The youth declines the request (
openid4vc.presentation.failed)
- The request expires (
openid4vc.presentation.expired)
This is the recommended pattern for the YOMA ecosystem, where verification requests may take minutes (the youth needs to open their wallet) or days (they haven’t seen the request yet).
Polling (Fallback)
If webhooks aren’t feasible, poll this endpoint every 2–3 seconds until the status changes from requested. This approach works for testing but creates unnecessary load at scale.
The verification workflow is complete. Use the attributes from the response to process the verified youth data in your application — for job placement, scholarship eligibility, or any other decision that previously required manual document verification.
