
Verify Supplier Credentials

The Story

SecureStaff BV has collected all five business credentials in their business wallet: a KVK registration extract, a tax compliance statement, a VAT registration, bank account details, and an insurance certificate. Today they are ready to register as a supplier on FlexProcure's procurement portal.

In the past, SecureStaff BV would email five separate PDF files to the broker. FlexProcure's compliance team would then spend days manually checking each document — calling institutions to verify authenticity, cross-referencing company names and registration numbers, and flagging inconsistencies. SecureStaff BV would wait anxiously, only to receive follow-up requests for missing or expired documents.

But FlexProcure has integrated verifiable credential verification into their supplier portal, powered by the Credenco Business Wallet. When SecureStaff BV starts their registration, the portal requests all required credentials. The browser redirects to SecureStaff BV's business wallet, which shows exactly what FlexProcure is requesting — all five business documents. SecureStaff BV reviews the request, clicks "Share", and within seconds FlexProcure has cryptographically verified every document.

The portal shows: "All required documents received and verified" — and SecureStaff BV is approved as a supplier.

This guide shows you how to build that verification experience.

Figure: SecureStaff BV starts registration on the FlexProcure portal. The supplier registration screen lists the required documents: KVK Extract, Tax Compliance, VAT Registration, Bank Account Details, Insurance Certificate.

How It Works

When verifying supplier credentials from a business wallet, the flow involves three parties: the broker's portal (where the verification is initiated), the broker's backend (which orchestrates the process), and the broker's Credenco Business Wallet (which creates the verification request and validates the credentials).

The key difference from single-credential verification: the verifier template requests multiple credential types at once. The supplier shares all required documents in a single interaction.

Unlike personal wallet verification (which uses QR codes), business wallet verification works entirely in the browser. The broker's portal redirects the supplier's browser to the authorization request URL, where the business wallet displays the request for approval.

Key Concepts

| Concept | Description |
| --- | --- |
| Verifier Template | A configuration in the Credenco Business Wallet that defines which credentials you want to request — for supplier onboarding, this includes all five document types |
| Authorization Request | An OID4VP request that initiates the credential verification flow |
| Authorization Request URL | The URL the supplier navigates to in their browser to review and approve the credential sharing request |
| OpenID4VP | The open standard protocol used for credential presentation and verification |
| Correlation ID | A business key to track the verification session and retrieve results |

Sequence Diagram

The diagram below shows the complete interaction — from the moment FlexProcure requests SecureStaff BV's supplier documents to the moment all credentials are verified.


Step-by-Step Integration

Prerequisites

Before you begin, make sure you have:


Step 1: Create a Verification Request

When a supplier clicks "Provide required documents", the broker's backend calls the Create authorization request API.

Request:

curl -X POST https://your-wallet.credenco.com/api/v1/oid4vp/backend/auth/requests \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -d '{
    "correlation_id": "onboarding-securestaff-2026",
    "query_id": "verify_supplier_documents"
  }'

Note: There is no qr_code parameter in the request. When qr_code is omitted, the response returns an auth_request_uri — a URL that the supplier navigates to in their browser. This is the standard flow for business wallets.

Tip: The query_id must match the Verifier template key configured in the Credenco Business Wallet. This template defines all five credential types and the specific attributes you want to verify for each.

Response:

{
  "correlation_id": "onboarding-securestaff-2026",
  "auth_request_uri": "openid4vp://authorize?request_uri=https://your-wallet.credenco.com/oid4vp/auth/request/xyz789",
  "status_uri": "https://your-wallet.credenco.com/api/v1/oid4vp/backend/auth/requests/onboarding-securestaff-2026"
}

| Field | Description |
| --- | --- |
| correlation_id | Your business key to track this verification session |
| auth_request_uri | The authorization request URL — redirect the supplier's browser to this URL |
| status_uri | Endpoint to poll for verification status |

Step 2: Redirect the Supplier to the Verification Request

The auth_request_uri in the response is a URL that opens the verification request in the supplier's business wallet. Redirect the supplier's browser to this URL:

// In your frontend, after receiving the response from your backend:
window.location.href = response.auth_request_uri;

Or render it as a link:

<a href="openid4vp://authorize?request_uri=...">
Open in your Business Wallet to share documents
</a>
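
Before redirecting or rendering the link, the portal can confirm that the auth_request_uri it is about to send the browser to really points at its own wallet. The check below is an added example, not Credenco code; WALLET_HOST, ALLOWED_SCHEMES and checkAuthRequestUri are assumed names, and the host is the placeholder used throughout this guide.

```javascript
// Added example: validate auth_request_uri before using it in a redirect or link.
// WALLET_HOST is an assumption: set it to the host of your own Business Wallet.
const WALLET_HOST = "your-wallet.credenco.com";
// Scheme shown in the sample response in Step 1.
const ALLOWED_SCHEMES = ["openid4vp:"];

function checkAuthRequestUri(authRequestUri, walletHost = WALLET_HOST) {
  let outer;
  try {
    outer = new URL(authRequestUri);
  } catch {
    return { ok: false, reason: "auth_request_uri is not a URL" };
  }
  if (!ALLOWED_SCHEMES.includes(outer.protocol)) {
    return { ok: false, reason: `unexpected scheme ${outer.protocol}` };
  }
  // Exactly one request_uri: duplicates can be read differently by different parsers.
  const values = outer.searchParams.getAll("request_uri");
  if (values.length !== 1) {
    return { ok: false, reason: "expected exactly one request_uri parameter" };
  }
  let inner;
  try {
    inner = new URL(values[0]);
  } catch {
    return { ok: false, reason: "request_uri is not a URL" };
  }
  if (inner.protocol !== "https:") {
    return { ok: false, reason: "request_uri must use https" };
  }
  if (inner.username || inner.password) {
    return { ok: false, reason: "request_uri must not carry credentials" };
  }
  // Exact host comparison; a suffix or substring match would accept look-alike hosts.
  if (inner.hostname !== walletHost) {
    return { ok: false, reason: `request_uri host ${inner.hostname} is not the wallet host` };
  }
  return { ok: true, url: outer.href };
}
```

Redirect only when ok is true, and log the reason otherwise.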

Step 3: The Supplier Reviews and Shares

From SecureStaff BV's perspective:

  1. The browser navigates to their business wallet
  2. The wallet shows which credentials FlexProcure is requesting — all five supplier documents
  3. SecureStaff BV reviews the request and clicks "Share"
  4. The wallet sends all five credentials to the broker's Credenco Business Wallet using the OpenID4VP protocol
  5. The broker's Business Wallet cryptographically verifies the signatures and checks each credential's validity

SecureStaff BV stays in full control — they see exactly what is being requested and can decline the request at any time.


Step 4: Check the Verification Status

After the redirect, your backend polls the Get authorization session status API to track progress and retrieve results:

curl "https://your-wallet.credenco.com/api/v1/oid4vp/backend/auth/requests/onboarding-securestaff-2026?includeData=true" \
  -H "x-api-key: YOUR_API_KEY"

Response (after all credentials are verified):

{
  "status": "verified",
  "correlation_id": "onboarding-securestaff-2026",
  "last_updated": 1751155200000,
  "data": {
    "kvk_registration_extract": {
      "kvk_number": "12345678",
      "legal_name": "SecureStaff BV",
      "legal_form": "Besloten Vennootschap",
      "registration_date": "2018-04-15",
      "address": "Herengracht 100, 1015 BS Amsterdam",
      "authorized_signatory": "Jan van der Berg"
    },
    "tax_compliance_statement": {
      "rsin": "987654321",
      "company_name": "SecureStaff BV",
      "compliance_status": "compliant",
      "valid_from": "2026-01-01",
      "valid_until": "2026-12-31"
    },
    "vat_registration": {
      "vat_number": "NL123456789B01",
      "company_name": "SecureStaff BV",
      "registration_date": "2018-04-20"
    },
    "bank_account_details": {
      "bank_name": "ABN AMRO",
      "iban": "NL91ABNA0417164300",
      "account_holder": "SecureStaff BV",
      "bic": "ABNANL2A"
    },
    "insurance_certificate": {
      "insurer": "Allianz",
      "policy_number": "AVB-2026-00412",
      "coverage_type": "Professional Liability",
      "insured_party": "SecureStaff BV",
      "valid_from": "2026-01-01",
      "valid_until": "2027-01-01",
      "coverage_amount": "2.500.000"
    }
  }
}

| Status | Meaning |
| --- | --- |
| created | The authorization request has been created, waiting for the wallet to respond |
| request_retrieved | The business wallet has retrieved the authorization request |
| verified | All credentials have been successfully presented and verified |
| error | Something went wrong during the verification process |

Tip: Use the includeData=true query parameter to include the actual credential data in the response. Without it, you only get the status.


Step 5: Show the Result

Once all five credentials are verified, show the supplier a success message:

<div style="text-align: center; padding: 2rem;">
  <h2>All required documents received and verified</h2>
  <p>5 of 5 credentials verified successfully.</p>
  <button>Continue registration</button>
</div>

Optional: Use Callbacks Instead of Polling

Instead of polling, provide a callback URL in the verification request:

{
  "correlation_id": "onboarding-securestaff-2026",
  "query_id": "verify_supplier_documents",
  "callback": {
    "url": "https://your-backend.com/webhooks/verification-status",
    "status": ["verified", "error"]
  }
}

Your callback endpoint will receive a POST request when the verification completes or fails.


What the Broker Can Do After Verification

Once all five credentials are verified, the broker's backend has cryptographically confirmed data from five independent sources. This enables automated checks:

| Check | Description |
| --- | --- |
| KVK validity | Confirm the supplier has an active registration at the Chamber of Commerce |
| Tax compliance | Verify the supplier's fiscal standing with the Tax Authority |
| VAT registration | Confirm the supplier is registered for VAT and the number is valid |
| Bank account ownership | Verify that the bank account belongs to the registered company |
| Insurance coverage | Confirm adequate professional liability coverage and validity period |
| Cross-reference | Match company names and registration numbers across all five credentials for consistency |

All of this is automated and based on cryptographically verified data — no manual document review needed.
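
A sketch of those automated checks, run over the Step 4 status response: session status and correlation ID, company-name consistency across the five credentials, validity windows, tax status and insurance coverage. This is an added example, not code from Credenco; the field names come from the sample response above, while checkSupplier, NAME_FIELDS and the minCoverage threshold are assumptions.

```javascript
// Added example: checkSupplier, NAME_FIELDS and minCoverage are illustrative assumptions.
const sampleStatus = { // constructed input, trimmed from the Step 4 sample response
  status: "verified",
  correlation_id: "onboarding-securestaff-2026",
  data: {
    kvk_registration_extract: { legal_name: "SecureStaff BV" },
    tax_compliance_statement: { company_name: "SecureStaff BV",
      compliance_status: "compliant", valid_from: "2026-01-01", valid_until: "2026-12-31" },
    vat_registration: { company_name: "SecureStaff BV" },
    bank_account_details: { account_holder: "SecureStaff BV" },
    insurance_certificate: { insured_party: "SecureStaff BV",
      valid_from: "2026-01-01", valid_until: "2027-01-01", coverage_amount: "2.500.000" },
  },
};
// Field that carries the company name in each credential type.
const NAME_FIELDS = {
  kvk_registration_extract: "legal_name",
  tax_compliance_statement: "company_name",
  vat_registration: "company_name",
  bank_account_details: "account_holder",
  insurance_certificate: "insured_party",
};
const norm = (s) => String(s ?? "").normalize("NFKC").trim().replace(/\s+/g, " ").toLowerCase();

function checkSupplier(resp, expectedId, today, minCoverage = 1000000) {
  const problems = [];
  if (resp.status !== "verified") problems.push(`status is ${resp.status}`);
  if (resp.correlation_id !== expectedId) problems.push("correlation_id mismatch");
  const data = resp.data || {};
  const names = new Set();
  for (const [type, field] of Object.entries(NAME_FIELDS)) {
    const name = norm(data[type]?.[field]);
    if (name) names.add(name);
    else problems.push(`${type}: credential or name missing`); // fail closed
  }
  if (names.size > 1) problems.push(`company names differ: ${[...names].join(" | ")}`);
  // ISO 8601 dates (YYYY-MM-DD) order correctly as plain strings.
  for (const type of ["tax_compliance_statement", "insurance_certificate"]) {
    const c = data[type] || {};
    if (!(c.valid_from <= today && today <= c.valid_until)) problems.push(`${type}: not valid on ${today}`);
  }
  if (data.tax_compliance_statement?.compliance_status !== "compliant") problems.push("tax status is not compliant");
  // The sample writes the amount with dots as thousands separators.
  const amount = String(data.insurance_certificate?.coverage_amount ?? "");
  const coverage = /^\d{1,3}(\.\d{3})*$/.test(amount) ? Number(amount.replace(/\./g, "")) : NaN;
  if (!(coverage >= minCoverage)) problems.push("insurance coverage below minimum or unreadable");
  return { approved: problems.length === 0, problems };
}
```

Pass the correlation ID your backend stored when it created the request, not the one echoed in the response, and today's date as YYYY-MM-DD.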


Complete Flow at a Glance

  1. Broker Backend: Calls the Verification API requesting all 5 credential types
  2. Redirect Browser: The portal redirects the supplier's browser to the authorization request URL
  3. Supplier Shares: SecureStaff BV reviews and shares all 5 credentials at once
  4. All Verified: The broker's Business Wallet verifies all credentials — supplier is approved


API Reference

| API | Method | Endpoint | Description |
| --- | --- | --- | --- |
| Create authorization request | POST | /api/v1/oid4vp/backend/auth/requests | Create a verification request and get an authorization request URL |
| Get authorization session status | GET | /api/v1/oid4vp/backend/auth/requests/{correlationId} | Check verification status and retrieve credential data |

What's Next?

Now that you understand how to verify supplier credentials from a business wallet, you might want to explore: