Validation Policies Reference

This reference documents the validation policies supported by the validator service. These policies are the rules and checks that the validator applies to your credentials and presentations during validation.

Available Validation Policies

The validator service implements the following policies for credential and presentation validation:

PolicyDescriptionKey Function
Credential QueryValidates credential queries and presentation submissionsEnsures presentations satisfy their credential query requirements
Trusted IssuerValidates issuer trust through certificate chainsVerifies credentials are issued by trusted entities

Configuration

Each policy can be individually configured through the validator configuration. For detailed configuration options for all policies, see the Configuration Reference.

TIP

Start with the default configuration and adjust only the options you need to change. This ensures you maintain security while customizing for your specific requirements.

Policy Execution Order

The validator executes policies in a specific order to ensure efficient validation:

  1. Credential Format Policy - First validates that credentials can be parsed and are well-formed
  2. Secondary Policies - Only executed if credential format validation succeeds:
    • Credential Query Policy - Validates query satisfaction
    • Trusted Issuer Policy - Validates issuer trust

If the credential format policy fails, secondary policies are skipped to avoid processing invalid credentials.

Validation Results

Policy validation results include:

  • Success - The policy check passed
  • Warning - The policy found minor issues that don't necessarily invalidate the credential
  • Error - The policy check failed, indicating the credential is invalid

Error Handling

Each policy defines how to handle different error scenarios, with configurable actions:

ActionDescriptionEffect on Validation
validTreat the scenario as validAllows validation to continue
warningGenerate a warningValidation continues with warning in result
errorGenerate an errorValidation fails with error in result

Policy Types

The validator policies can be categorized into different types:

Query Validation

  • Credential Query - Validates that presentations satisfy credential query requirements

Trust Validation

  • Trusted Issuer - Validates issuer trust through certificate chain verification

Supported Standards

The validator policies support validation across multiple standards:

StandardOrganizationCredential Format PolicyCredential Query PolicyTrusted Issuer Policy
W3C Verifiable CredentialsW3C
IETF Digital CredentialsIETF
ISO 18013-5 (mDL)ISO
DIF Presentation ExchangeDIF
DCQLDIF