Verify Person Identification Data (PID) as mDoc
Person Identification Data (PID) is the foundational identity credential of the EU Digital Identity Wallet: a digital equivalent of a national ID card holding a person’s core identity attributes such as name, date of birth, and nationality. It is defined by the European Commission’s PID Rulebook within the Architecture Reference Framework (ARF), and verified here as an mdoc using the doctype eu.europa.ec.eudi.pid.1.
This page provides a presentation template payload for verifying PID credentials.
The EU Digital Identity based on eIDAS 2.0 is still in development and will be launched at the end of 2026. We are continuously monitoring the advancements of the European Architecture Reference Framework (ARF) and try to align our infrastructure as the specifications evolve.
Creating verifier root X509 certificate
Before you can create the presentation template for PID verification, you need to set up a verifier root x509 certificate with a P-256 key.
The certificates guide contains detailed guidance on creating a certificate. We recommend creating your initial certificate through the dashboard.
Alternatively, if your verifier certificate needs to be signed by an external certificate authority, you can create a certificate signing request and import the externally signed certificate into Paradym.
Setting up a trusted entity
To control which issuers you accept PID credentials from, you need to create one or multiple trusted entities configured with the trusted root X.509 certificates used for issuance of the credential. Without a trusted entity linked, the presentation template will accept any issuer.
- If you issued the credential yourself, you can find the issuer root certificate (
issuerRoot) in the Paradym dashboard, under the My Certificates section of the “Trust” tab. If you don’t have one yet, see Creating a Root Certificate. - If the issuer is external, you must obtain the root certificate used for issuance from the issuer, and add it to the trusted entity. If you’re unsure where to find it, ask the issuer of the credential.
Once you have the root certificate, create a trusted entity with it. Note the id of the created trusted entity, as you’ll need it to link the trusted entity to the presentation template below.
Creating the presentation template
We recommend creating this template through the API, as it allows you to exactly copy the payload as defined below. You can also select this as a pre-made template in the dashboard. See the API reference for Create presentation template for more information.
The trustedIssuers array below links the trusted entity you created to this credential, so that only credentials issued by that trusted entity are accepted. Replace <TRUSTED_ENTITY_ID> with the id of the trusted entity you created.
{
"name": "Verify Person Identification Data",
"description": "This information is requested to verify your identity",
"verifier": {
"signer": "certificate",
"keyType": "P-256"
},
"credentials": [
{
"name": "Person Identification Data",
"description": "PID compliant with EU Digital Identity Wallet framework",
"format": "mdoc",
"type": "eu.europa.ec.eudi.pid.1",
"trustedIssuers": [
"<TRUSTED_ENTITY_ID>"
],
"attributes": {
"eu.europa.ec.eudi.pid.1": {
"properties": {
"family_name": {},
"given_name": {},
"birth_date": {},
"place_of_birth": {},
"nationality": {},
"resident_address": {},
"resident_country": {},
"resident_state": {},
"resident_city": {},
"resident_postal_code": {},
"resident_street": {},
"resident_house_number": {},
"personal_administrative_number": {},
"portrait": {},
"family_name_birth": {},
"given_name_birth": {},
"sex": {},
"email_address": {},
"mobile_phone_number": {},
"expiry_date": {},
"issuing_authority": {},
"issuing_country": {},
"document_number": {},
"issuing_jurisdiction": {},
"issuance_date": {},
"trust_anchor": {},
"attestation_legal_category": {}
}
}
}
}
]
}Credential template
If you want to issue PID credentials before verifying them, refer to the PID mDoc credential template for the credential template setup.