Skip to Content
API and DashboardExample TemplatesVerificationVerify Proof of Age as mDoc

Verify Proof of Age as mDoc

This page provides a presentation template payload for verifying Proof of Age credentials, the attestation defined by the EU Digital Identity Wallet Age Verification specification .

The EU Digital Identity based on eIDAS 2.0 is still in development and will be launched at the end of 2026. We are continuously monitoring the advancements of the European Architecture Reference Framework (ARF) and try to align our infrastructure as the specifications evolve.

Creating verifier root X509 certificate

Before you can create the presentation template for Proof of Age verification, you need to set up a verifier root x509 certificate with a P-256 key.

The certificates guide contains detailed guidance on creating a certificate. We recommend creating your initial certificate through the dashboard.

Alternatively, if your verifier certificate needs to be signed by an external certificate authority, you can create a certificate signing request and import the externally signed certificate into Paradym.

Setting up a trusted entity

To control which issuers you accept Proof of Age credentials from, you need to create one or multiple trusted entities configured with the trusted root X.509 certificates used for issuance of the credential. Without a trusted entity linked, the presentation template will accept any issuer.

  • If you issued the credential yourself, you can find the issuer root certificate (issuerRoot) in the Paradym dashboard, under the My Certificates  section of the “Trust” tab. If you don’t have one yet, see Creating a Root Certificate.
  • If the issuer is external, you must obtain the root certificate used for issuance from the issuer, and add it to the trusted entity. If you’re unsure where to find it, ask the issuer of the credential.

Once you have the root certificate, create a trusted entity with it. Note the id of the created trusted entity, as you’ll need it to link the trusted entity to the presentation template below.

Creating the presentation template

We recommend creating this template through the API, as it allows you to exactly copy the payload as defined below. You can also select this as a pre-made template in the dashboard. See the API reference for Create presentation template  for more information.

The template below requests only age_over_18, which is the intended minimal-disclosure use of this credential. Add age_over_21, age_in_years, or other elements only when your use case strictly requires them.

The trustedIssuers array below links the trusted entity you created to this credential, so that only credentials issued by that trusted entity are accepted. Replace <TRUSTED_ENTITY_ID> with the id of the trusted entity you created.

POST/v1/projects/{projectId}/templates/presentationsOpen in Reference
{
  "name": "Verify Age",
  "description": "This information is requested to verify that you meet the required age",
  "verifier": {
    "signer": "certificate",
    "keyType": "P-256"
  },
  "credentials": [
    {
      "name": "Proof of Age",
      "description": "Proof of Age attestation compliant with the EU Digital Identity Wallet framework",
      "format": "mdoc",
      "type": "eu.europa.ec.av.1",
      "trustedIssuers": [
        "<TRUSTED_ENTITY_ID>"
      ],
      "attributes": {
        "eu.europa.ec.av.1": {
          "properties": {
            "age_over_18": {}
          }
        }
      }
    }
  ]
}

Credential template

If you want to issue Proof of Age credentials before verifying them, refer to the Proof of Age mDoc credential template for the credential template setup.

Last updated on
Issue Person Identification Data (PID) as SD-JWT VCVerify ISO 18013-5 Mobile Driving License as mDoc