HomeOpenID4VP

OpenID for Verifiable Presentations

The protocol for presenting verifiable credentials to verifiers, enabling privacy-preserving disclosure and cross-device verification flows.

What is OID4VP?

OpenID for Verifiable Presentations (OID4VP) is an extension of OAuth 2.0 that enables wallets to present verifiable credentials to verifiers. It complements OID4VCI (issuance) to form a complete credential ecosystem.

Loading diagram...

Presentation Definition

Verifiers specify exactly what credentials and claims they need using DIF Presentation Exchange.

VP Token

Wallet responds with a verifiable presentation containing the requested credentials.

Selective Disclosure

Holders reveal only the specific claims requested, not entire credentials.

Format Agnostic

Supports JWT VCs, SD-JWT VCs, mDOCs, and Data Integrity credentials.

Key Concepts

VerifierRelying Party

The entity requesting credential presentation. Creates the authorization request with a presentation definition specifying required credentials. Must be registered with client metadata for wallet to verify.

WalletAuthorization Server

The user's credential wallet acts as an OAuth Authorization Server. Processes presentation requests, obtains user consent, and creates VP tokens with selected credentials.

HolderResource Owner

The end user who owns the credentials and decides whether to present them. Has full control over which credentials and claims to share with each verifier.

Presentation Flows

OID4VP supports both same-device and cross-device presentation scenarios.

Loading diagram...

Same-Device

Verifier app and wallet on same device. Uses custom URL schemes or universal links for redirect-based flow.

Mobile app to wallet
Browser to wallet extension

Cross-Device

Verifier on one device (web browser), wallet on another (mobile phone). QR code contains authorization request.

Desktop browser to mobile wallet
Kiosk to mobile wallet

Response Modes

How the wallet delivers the VP token back to the verifier.

Mode	Description	Use Case
fragment	VP Token in URL fragment (default for implicit flow)	Same-device, browser-based verification
direct_post	VP Token POSTed directly to verifier endpoint	Cross-device flows, backend verification
direct_post.jwt	VP Token POSTed as encrypted JWT (JARM)	Enhanced privacy, encrypted responses

Direct POST Recommended

For cross-device flows, direct_post is required since URL redirects don't work across devices. The wallet POSTs the response directly to the verifier's response_uri.

Credential Formats

OID4VP is format-agnostic and supports multiple credential types.

Format	Description	Specification
jwt_vp_json	JWT-encoded VP containing JWT VCs	W3C VCDM + JWT
ldp_vp	JSON-LD VP with Data Integrity proof	W3C VCDM + Data Integrity
mso_mdoc	ISO mDOC presentation	ISO 18013-5/7
dc+sd-jwt	SD-JWT Verifiable Credential	SD-JWT VC

The OID4VC Ecosystem

OID4VP is part of a family of protocols for verifiable credentials.

OID4VCI

Credential issuance from issuer to wallet.

Learn more

OID4VP

Credential presentation from wallet to verifier.

You are here

SIOPv2

Self-issued identity tokens without external IdP.

Learn more

Continue Learning

Request & Response Presentation Flows