What you'll learn
- Parse and process mDL credential offer URLs in OID4VCI format
- Accept mDL credential offers via the Wallet API endpoint
- Decode CBOR-encoded mDL credentials for user display
- Handle offers from QR codes, links, or manual input
How to Accept a Mobile Driver's Licenses (ISO/IEC 18013-5 mDL) in a Wallet with walt.id
TL;DR
Learn how to accept ISO/IEC 18013-5 mobile driver's licenses (mDL) in a wallet using walt.id's Wallet API and OID4VCI, including parsing credential offer URLs and displaying credentials to users.
Relevant concepts
- Mobile Driver's License (mDL) – ISO/IEC 18013-5/7 standard for mobile driver's licenses
- OpenID4VCI – Protocol for verifiable credential issuance
There are several methods by which a user can receive a mDL into their wallet, and all are supported by the wallet API:
- User may receive a direct link, which opens the wallet and prompts credential acceptance.
- A website may display a QR code for the user to scan and accept the credential.
- The user may manually input an offer URL string into a text field.
Irrespective of the chosen method, these are just different ways of receiving, parsing and fulfilling a request URL.
Credential Offer URL
A credential offer URL is a standardized method, as per the OID4VCI specification, to communicate the issuance of
credentials between issuer and wallet. This URL can take various forms, such as a QR code or a link, and generally
begins with openid-credential-offer:// or haip://.
Example Offer URL
openid-credential-offer://issuer.portal.walt.id/?credential_offer=<credential_offer>
Within the URL, a query parameter credential_offer provides the actual offer.
Example of a Credential Offer Object
{
"credential_issuer": "http://localhost:7002",
// This is the URL of the issuer of the credential(s)
"credential_configuration_ids": [
// This array contains details about the types of credentials being offered
"org.iso.18013.5.1.mDL"
],
"grants": {
// Specifies how the credentials can be obtained
"authorization_code": {
"issuer_state": "7a76d97f-aa99-45ee-a130-fb6674f699a4"
// Contains an issuer_state, a unique identifier for the grant
},
"urn:ietf:params:oauth:grant-type:pre-authorized_code": {
// Provides details for a pre-authorized code grant type,
//including the actual pre-authorized_code
"pre-authorized_code": "eyJhbGciOiJFZERTQSJ9.eyJzdWIiOiI3YTc2ZDk3Zi1hYTk5LTQ1ZWUtYTEzMC1mYjY2NzRmNjk5YTQiLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjcwMDIiLCJhdWQiOiJUT0tFTiJ9.MTcBjskpqvzH_rcxrU3G1N-PiK7UvHgZ75cQfYiZsQJBBqgKROAlgxoVaD91oZF3TO00HHersxgZVDwTzXxuAg"
}
}
}
Accepting Credential Offers
To accept a credential via the credential offer URL:
- Parse the credential offer URL so that the contained offer can be processed.
- Provide the offer URL to the Wallet API so it can manage parsing and fulfilling the offer.
- (Optional) Present the credentials to the user before finally accepting the credential offer.
See an example below.
Accepting the offer
To accept the offer via the Wallet API:
- Make a POST call to the
/wallet-api/wallet/{wallet}/exchange/useOfferRequestendpoint. - Pass a user's
didand thewalletIdas request parameters. - Include the credential offer URL in the request body.
- Let the API parse the request, receive the credentials from the issuer, and store them in the user's wallet.
When receiving an mDL, the key for the selected DID must use the secp256r1 algorithm.
Example Call | Api Reference
curl -X 'POST' \
'http://0.0.0.0:7001/wallet-api/wallet/{wallet}/exchange/useOfferRequest?did=did%3Akey%3Az6MknMppUdsg34t6oPevGDijgB9w9862Ai6Xu5iexjNU2Uoh' \
-H 'accept: */*' \
-H 'Content-Type: text/plain' \
-d 'openid-credential-offer://issuer.portal.walt.id/?credential_offer=<credential_offer>'
You can receive the needed wallet id parameter via the /wallet-api/wallet/accounts/wallets endpoint.
Display The Credential To The User
To improve readability, use the /wallet-api/util/parseMDoc endpoint to decode the CBOR-encoded mDL into a simple JSON
structure.
Last updated on November 18, 2025