Skip to main content

Introduction

VCVerifier is configured via YAML configuration files. The configuration covers server settings, verifier behavior, logging, and credential trust configuration.

Configuration File Location

The configuration file is loaded from one of the following locations:
1

Default Location

By default, VCVerifier looks for ./server.yaml in the working directory
2

Custom Location

Set the CONFIG_FILE environment variable to specify a custom configuration file path
export CONFIG_FILE=/path/to/config.yaml

Configuration Structure

The configuration file is organized into the following main sections:

Server

HTTP server configuration including port, templates, and static files

Verifier

Core verifier functionality: DID, keys, validation modes, and session settings

Credentials Config

Trust anchors, scopes, and credential type configuration

Templating

Customize the login page and QR code presentation

Minimal Configuration Example

Here’s a minimal configuration to get started: 
server:
  port: 8080

logging:
  level: "INFO"
  jsonLogging: true

verifier:
  did: did:key:myverifier
  generateKey: true
  sessionExpiry: 30

configRepo:
  services:
    - id: myService
      defaultOidcScope: "default"
      oidcScopes:
        default:
          credentials:
            - type: VerifiableCredential
              trustedParticipantsLists:
                - type: ebsi
                  url: https://tir-pdc.ebsi.fiware.dev

Environment Variables

CONFIG_FILE
string
Path to the configuration YAML file. Defaults to ./server.yaml

Configuration Validation

The configuration is validated at startup. If any required fields are missing or invalid, VCVerifier will fail to start with a descriptive error message.

Dynamic vs Static Configuration

VCVerifier supports two modes of configuration:
All service and credential configurations are defined directly in the YAML file under configRepo.services. This is suitable for simple deployments with fixed trust relationships.
Configure configRepo.configEndpoint to point to a Credentials Config Service. The verifier will periodically fetch updated configurations, allowing runtime changes without restart.
configRepo:
  configEndpoint: http://config-service:8080
  updateInterval: 30  # seconds

Next Steps

Server Configuration

Configure HTTP server, templates, and logging

Verifier Configuration

Set up DIDs, keys, and validation modes

Build docs developers (and LLMs) love

Get started for freeTalk to us