request
Starts a remote app-to-app verification flow using either an OpenID4VP Redirect or Digital Credentials API (DC API) session. Depending on the MATTR VII configured Android Verifier application and request the most appropriate session flow will be initiated.
Creates a DC API session when all of the following conditions are met:
dcApiConfigurationis enabled in the MATTR VII Verifier application configurationEnd-Users device supports the Android API level >= android.os.Build.VERSION_CODES.P (API 28)
walletProviderId == null
request.size == 1
When any of the conditions are not met, the SDK automatically falls back to create an OpenID4VP session. If no openid4vpConfiguration is defined for the Verifier application, the session would fail.
NOTE: To receive OpenID4VP results you must declare the SDK callback activity in your app AndroidManifest.xml.
<activity
android:name="global.mattr.mobilecredential.verifier.a2apresentation.callback.Openid4VpCallbackActivity"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<!-- Match the openid4vpConfiguration you configured in the MATTR VII Verifier application -->
<data
android:scheme="com.example.verifier"
android:host="openid4vp" />
</intent-filter>
</activity>NOTE: DC API support in the Holder SDK is currently offered as a tech preview. This feature is experimental and relies on Google’s Digital Credentials Manager (DCM) API, which is also in an early stage. As such, functionality may be limited, may not work in all scenarios, and could change or break without prior notice.
Known issues in the DCM cross-device flow (compatibility with third party wallets):
Credential Verification
Same-device: The wallet uses the app’s signing certificate thumbprint as its origin. This aligns with the platform expectations and enables successful verification.
Cross-device: The wallet overrides certain fields (e.g., origin, clientId) with the app’s package name instead of the expected signing certificate thumbprint, resulting in verification failure.
Credential presentation
Same-device: Google Wallet returns the credential in the expected format and structure, and the credential is delivered successfully.
Cross-device: Google Wallet returns an invalid payload for the credential type
com.google.wallet.idcard.1. As a result, DCM rejects the request with a GetCredentialCancellationException. Logs will show "Unexpected credential type" and "UNEXPECTED_EOF" errors.Cross-device flow still works for ISO mDL (
org.iso.18013.5.1.mDL) and other credentials over OpenID4VP.Same-device retrieval of
com.google.wallet.idcard.1remains valid.No SDK-side workaround; requires a Google Play Services / Wallet fix.
Return
OnlinePresentationSessionResult containing the verified presentation outcome.
Parameters
Host Activity initiating the request.
A list of credential queries used to filter and match credentials stored in the wallet.
The Android verifier application ID that has been registered with the MATTR VII Platform and configured for use with this integration.
Optional wallet provider ID registered with the MATTR VII Platform, used to target a specific wallet that supports OpenID4VP. When set, forces using an OpenID4VP session.
Optional challenge string to bind the request to this session. If not provided, a random challenge will be generated automatically.
Throws
If the SDK is not initialized.
If there is a network connectivity issue.
If the platform configuration and/or required parameters are incorrectly configured.
When the session expires due to user or application inactivity.
If the flow is canceled.
If the DC API flow fails to retrieve a credential.
If the user cancels the DC API flow.
If an error occurs during the credential request flow that does not match any of the above conditions, see the stack trace for more details.