> For the complete documentation index, see [llms.txt](https://dev.ishare.eu/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://dev.ishare.eu/all-roles-common-endpoints/h2m-verifiable-credential-endpoints/openid4vp-endpoints/presentation-endpoint-openid4vp.md).

# Presentation Endpoint (OpenID4VP)

{% hint style="info" %}
Specifications and best practice implementations for Verifiable Credentials are currently being developed. This page is expected to be updated, closely following these developments.
{% endhint %}

The `POST` request to the presentation endpoint is where verifiable presentations are submitted by holders. This endpoint is part of the OpenID for Verifiable Presentations (OpenID4VP) protocol.

{% hint style="info" %}
The `POST` request to the presentation endpoint is an **OPTIONAL** endpoint and is part of the iSHARE Framework's Verifiable Credentials support in line with **OpenID for Verifiable Presentations (OpenID4VP)**.
{% endhint %}

### Endpoint

```
POST /presentation
```

The URL for this endpoint is provided in the Verifier Metadata (see [Verifier Metadata](/all-roles-common-endpoints/h2m-verifiable-credential-endpoints/openid4vp-endpoints/verifier-metadata-openid4vp.md)).

### Request model

#### Headers

* `Content-Type`\
  **String**.\
  MUST be equal to `application/x-www-form-urlencoded` or `application/json`.

#### Parameters

The request body MUST contain the following parameters (when using `application/x-www-form-urlencoded`):

* `vp_token`\
  **String**.\
  A verifiable presentation token containing the verifiable presentation.
* `presentation_submission`\
  **String (JSON)**.\
  A [Presentation Submission](https://identity.foundation/presentation-exchange/spec/v2.1.1/#presentation-submission) object when using presentation definitions.
* `state`\
  **String**.\
  The state parameter value from the authorization request.

When using `application/json`, the request body is a JSON object containing the same parameters.

### Example request

```
POST /presentation
Host: verifier.ishare.eu
Content-Type: application/x-www-form-urlencoded

vp_token=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...&presentation_submission={"id":"submission123","definition_id":"participant-credential","descriptor_map":[...]}&state=xyz789
```

### Response model

#### Success Response

The response is a JSON object or redirect containing:

* `vp_token`\
  **String**.\
  The verifiable presentation token (if not already provided in request).
* `presentation_submission`\
  **Object**.\
  The presentation submission object (if using presentation definitions).
* `state`\
  **String**.\
  The state parameter value from the request.

#### Error Response

Error responses follow standard HTTP status codes and OAuth 2.0 error format:

* `error`\
  **String**. <mark style="color:red;">(Required)</mark>\
  Error code (e.g., `invalid_request`, `invalid_vp_token`, `presentation_rejected`).
* `error_description`\
  **String**.\
  Human-readable description of the error.
* `error_uri`\
  **String**.\
  URI pointing to a document describing the error.

### Example response

```json
{
  "vp_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  "presentation_submission": {
    "id": "submission123",
    "definition_id": "participant-credential",
    "descriptor_map": [
      {
        "id": "participant-credential-descriptor",
        "format": "vc+sd-jwt",
        "path": "$.vp.verifiableCredential[0]"
      }
    ]
  },
  "state": "xyz789"
}
```

### iSHARE-Specific Requirements

Within iSHARE, the following requirements apply:

* The verifier MUST validate the verifiable presentation:
  * Verify the presentation signature
  * Verify all included credential signatures
  * Check credential expiration and status
  * Verify issuer trust status
* The verifier MUST verify that the credentials in the presentation match the requested presentation definition or scope.
* The verifier MUST verify that the holder is authorized to present the credentials.
* All verifiable presentations MUST conform to the [W3C Verifiable Credentials Data Model 2.0](https://www.w3.org/TR/vc-data-model-2.0/).
* Credentials in presentations MUST use schemas published at [schemas.ishare.eu](https://schemas.ishare.eu).


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://dev.ishare.eu/all-roles-common-endpoints/h2m-verifiable-credential-endpoints/openid4vp-endpoints/presentation-endpoint-openid4vp.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.