requestMobileCredentials

suspend fun requestMobileCredentials(activity: Activity, request: List<MobileCredentialRequest>, applicationId: String, walletProviderId: String? = null, challenge: String? = null): OnlinePresentationSessionResult

Starts a remote app-to-app verification flow using either an OpenID4VP Redirect or Digital Credentials API (DC API) session. Depending on the MATTR VII configured Android Verifier application and request the most appropriate session flow will be initiated.

Creates a DC API session when all of the following conditions are met:

  1. dcApiConfiguration is enabled in the MATTR VII Verifier application configuration

  2. End-Users device supports the Android API level >= android.os.Build.VERSION_CODES.P (API 28)

  3. walletProviderId == null

  4. request.size == 1

When any of the conditions are not met, the SDK automatically falls back to create an OpenID4VP session. If no openid4vpConfiguration is defined for the Verifier application, the session would fail.

NOTE: Verifier applications planning to support OpenID4VP must declare a global.mattr.mobilecredential.verifier.a2apresentation.callback.Openid4VpCallbackActivity to receive the final result.

NOTE: DC API support in the Holder SDK is currently offered as a tech preview. This feature is experimental and relies on Google’s Digital Credentials Manager (DCM) API, which is also in an early stage. As such, functionality may be limited, may not work in all scenarios, and could change or break without prior notice.

Known issues in the DCM cross-device flow (compatibility with third party wallets):

Credential Verification

  • Same-device: The wallet uses the app’s signing certificate thumbprint as its origin. This aligns with the platform expectations and enables successful verification.

  • Cross-device: The wallet overrides certain fields (e.g., origin, clientId) with the app’s package name instead of the expected signing certificate thumbprint, resulting in verification failure.

Credential presentation

  • Same-device: Google Wallet returns the credential in the expected format and structure, and the credential is delivered successfully.

  • Cross-device: Google Wallet returns an invalid payload for the credential type com.google.wallet.idcard.1. As a result, DCM rejects the request with a GetCredentialCancellationException. Logs will show "Unexpected credential type" and "UNEXPECTED_EOF" errors.

  • Cross-device flow still works for ISO mDL (org.iso.18013.5.1.mDL) and other credentials over OpenID4VP.

  • Same-device retrieval of com.google.wallet.idcard.1 remains valid.

  • No SDK-side workaround; requires a Google Play Services / Wallet fix.

Return

OnlinePresentationSessionResult containing the verified presentation outcome.

Parameters

activity

Host Activity initiating the request.

request

A list of credential queries used to filter and match credentials stored in the wallet.

applicationId

The Android verifier application ID that has been registered with the MATTR VII Platform and configured for use with this integration.

walletProviderId

Optional wallet provider ID registered with the MATTR VII Platform, used to target a specific wallet that supports OpenID4VP. When set, forces using an OpenID4VP session.

challenge

Optional challenge string to bind the request to this session. If not provided, a random challenge will be generated automatically.

Throws

If the SDK is not initialized.

If there is a network connectivity issue.

If the platform configuration and/or required parameters are incorrectly configured.

When the session expires due to user or application inactivity.

If an error occurs during the credential request flow that does not match any of the above conditions, see the stack trace for more details.