Test Summary

Test Results

Expand All Collapse All
All times are UTC
2026-07-19 01:52:28 INFO
TEST-RUNNER
Test instance l53Rh1DSc5FepuR created
baseUrl
https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2
variant
{
  "credential_format": "sd_jwt_vc",
  "request_method": "request_uri_signed",
  "vp_profile": "haip",
  "client_id_prefix": "x509_hash",
  "response_mode": "direct_post.jwt"
}
alias
codeb-oid4vp-haip-v2
description
CodeB OID4VP HAIP verifier - 2026-07-19 v2
planId
Wa46KCPHMZ5EV
config
{
  "alias": "codeb-oid4vp-haip-v2",
  "description": "CodeB OID4VP HAIP verifier - 2026-07-19 v2",
  "server": {
    "discoveryUrl": "https://phone.codeb.io/.well-known/openid-configuration",
    "login_hint": "claude"
  },
  "client": {
    "client_id": "oidf-conf-basic",
    "client_secret": "W6Oag_SfF8T9CKjyQlBz3fSyRCPN60bpa6vL4456yro",
    "request_object_trust_anchor_pem": "-----BEGIN CERTIFICATE-----\nMIICizCCAhGgAwIBAgIQXd1w3TH4AchcGGp6BLgK/jAKBggqhkjOPQQDAzAuMQsw\nCQYDVQQGEwJVUzENMAsGA1UEChMESVNSRzEQMA4GA1UEAxMHUm9vdCBZRTAeFw0y\nNTA5MDMwMDAwMDBaFw0yODA5MDIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYD\nVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNZRTEwdjAQBgcqhkjOPQIBBgUr\ngQQAIgNiAAQHZVB1/mimla2hfSurylScjPMZaOJXLz/NnAc2sylm8WDyhU9Ccp+z\nASQi5vSwGGJjSGklkD9fdPR8GpyDIOIjCEfrnbt/v+ZSEPLLEGbaM6EccDbN7p9x\nteIm2Avf+ryjge4wgeswDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoGCCsGAQUF\nBwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFLsgykcL/tflnPmPCSqj\njDdFsbzYMB8GA1UdIwQYMBaAFKPIJlqOoUzQNWP8myPIOq5W809WMDIGCCsGAQUF\nBwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3llLmkubGVuY3Iub3JnLzATBgNV\nHSAEDDAKMAgGBmeBDAECATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veWUuYy5s\nZW5jci5vcmcvMAoGCCqGSM49BAMDA2gAMGUCMQDgjUEahFT/h3DRakqiPZpLvPgf\nZwkt6K2EOMmh1nvEzl83eMLYcod4GCl3b0J1Nn0CMBNYmEQJb4CEG5WoOe7aRn/L\nVKu6saHmHEynI7ysIPd8zQsK1HdmhlHKlw9Z5GpGvA\u003d\u003d\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIICpjCCAiugAwIBAgIRAIchZfw0tuX7qK3Vs3BftTowCgYIKoZIzj0EAwMwTzEL\nMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNo\nIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDIwHhcNMjYwNTEzMDAwMDAwWhcN\nMzIwOTAyMjM1OTU5WjAuMQswCQYDVQQGEwJVUzENMAsGA1UEChMESVNSRzEQMA4G\nA1UEAxMHUm9vdCBZRTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDwS/6vhrcVqcbBo\n+wgdI3fwn9x7DNJJOY/lTOti0vkwuRN87RhEhTH17E7XyFjWsPYhIPt/wzOqxTd2\nb+4ZJNy9ID04YywF9U5zasDVyGSNErVNtz8uSGh5izW87j77GaOB6zCB6DAOBgNV\nHQ8BAf8EBAMCAQYwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB\n/zAdBgNVHQ4EFgQUo8gmWo6hTNA1Y/ybI8g6rlbzT1YwHwYDVR0jBBgwFoAUfEKW\nrt5LSDv6kviejM9ti6lyN5UwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAChhZo\ndHRwOi8veDIuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcGA1Ud\nHwQgMB4wHKAaoBiGFmh0dHA6Ly94Mi5jLmxlbmNyLm9yZy8wCgYIKoZIzj0EAwMD\naQAwZgIxAMU19WCtmxVND8UHBZRoma49Z7jPs64Dma0eTu1OChVbB/2J7GV3nvYK\nAx54uk1G9QIxAO0miLVJu8PLNiXXXkiE/gsK3CTRTF/aeo4bMX42Zw40csRU6AC2\n6hSW1/IWaas6dg\u003d\u003d\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIEcDCCAligAwIBAgIQbI8dxyfHEX97r4U6yYD5zTANBgkqhkiG9w0BAQsFADBP\nMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy\nY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNjA1MTMwMDAwMDBa\nFw0zMjA5MDIyMzU5NTlaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5l\ndCBTZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgy\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0H\nttwW+1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7\nAlF9ItgKbppbd9/w+kHsOdx1ymgHDB/qo4H1MIHyMA4GA1UdDwEB/wQEAwIBBjAd\nBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAd\nBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwHwYDVR0jBBgwFoAUebRZ5nu2\n5eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAChhZodHRw\nOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcGA1UdHwQg\nMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcNAQELBQAD\nggIBAD2/e9frmMxNpCV03qUHegg+MV2wz9644YoXdqtH8RyWYcBO7xfjjGEXdU1e\n/o0OkEFiynUCOSIk/vLLo7ttz6CPAeNlWfC0XNkoGeWgK6jjXvozBaGuGH5n0Ufo\nshMeWTuURqNN5G00sSXDTBrpp2+mgvdZQjb8K11TYMA25QA+YHNfbIEL0BniAhKS\n2gsnJjSzrdZLI+EZ7SEyqdR2rkjd1KutLDU+n3TFyxjniZVGur4YlhMP3mY/dV95\nIruAkkjOZier6hGBdEgZXXvaCz9u9iVEadsIE75pAGL8oHV5vxdARDiotRpul1IN\n/UZwzAbrfUFcw1HkAcYD/mlZfnQ2ieCF2MS7j3Vhv7JPDKp45fmykmzYNSrumRW0\nupFFKDBOoF7hsOb7oLyHS+Uft6jOUfOrogj8YUx38hKb2K20r42OgsSdDdxdeYWc\nMS3Sb6mwJeSZEYxJ2gaXnDSPaKhhrNkYwljyVQyr4Nq+MEJytXNTnHqaAcrNwZlV\npcJL1KBnMrMjP7eanvUwL3FYj3cF17jtboLt7gLoi4+2rWZFvn+w54jmd/FIuhhZ\ncEaU/wvU6BUNMtcVquVGHp7itQeDth5j+XL3j4WJ2SABwzUl6OeYdgpIt/ITZa+p\nTT0mQ/r5XyA4MEAiabn7XJjvCERlF2dcn2wqJw+CreTkkQ2R\n-----END CERTIFICATE-----"
  },
  "client_secret_post": {
    "client_id": "client_secret_post",
    "client_secret": "cRZGUg0oa9MoMEOgo5iXRjg9Z0AJaAf97IrP7wURYpk"
  },
  "client2": {
    "client_id": "client_secret_basic",
    "client_secret": "FdL-0qSC8oVVy9Vh1Et2Tx7owpdukS643i-NWaysQvY"
  },
  "credential": {
    "signing_jwk": {
      "crv": "P-256",
      "d": "QHT_DquJcR7lgyRJKWObrn9jR-Z6c5XJr8v1IpMnHLw",
      "ext": true,
      "key_ops": [
        "sign"
      ],
      "kty": "EC",
      "x": "OBSJttHHHSzol8KlF7yPS_dkXJOWgwNLXVJFGnevtK4",
      "y": "aIRnddtHxT8WBEVpgIbALguRFrNcUU6P8JBtIW5dzaU",
      "alg": "ES256",
      "use": "sig",
      "kid": "codeb-cred-signing-1shj727f"
    }
  }
}
baseMtlsUrl
https://mtls-www.certification.openid.net/test-mtls/a/codeb-oid4vp-haip-v2
testName
oid4vp-1final-verifier-invalid-kb-jwt-nonce
2026-07-19 01:52:28 SUCCESS
OIDCCGenerateServerConfiguration
Generated default server configuration
server_configuration
{
  "issuer": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at",
    "txn"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ]
}
2026-07-19 01:52:28
SetRequestUriParameterSupportedToTrueInServerConfiguration
Enabled request_uri support in server configuration
server
{
  "issuer": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/",
  "authorization_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/authorize",
  "token_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/token",
  "jwks_uri": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/jwks",
  "userinfo_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/userinfo",
  "registration_endpoint": "https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/register",
  "scopes_supported": [
    "openid",
    "phone",
    "profile",
    "email",
    "address",
    "offline_access"
  ],
  "response_types_supported": [
    "code",
    "id_token code",
    "token code id_token",
    "id_token",
    "token id_token",
    "token code",
    "token"
  ],
  "response_modes_supported": [
    "query",
    "fragment",
    "form_post"
  ],
  "token_endpoint_auth_methods_supported": [
    "client_secret_basic",
    "client_secret_post",
    "client_secret_jwt",
    "private_key_jwt"
  ],
  "token_endpoint_auth_signing_alg_values_supported": [
    "HS256",
    "HS384",
    "HS512",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "grant_types_supported": [
    "authorization_code",
    "implicit"
  ],
  "claims_parameter_supported": true,
  "acr_values_supported": [
    "PASSWORD"
  ],
  "subject_types_supported": [
    "public",
    "pairwise"
  ],
  "claim_types_supported": [
    "normal",
    "aggregated",
    "distributed"
  ],
  "claims_supported": [
    "sub",
    "name",
    "given_name",
    "family_name",
    "middle_name",
    "nickname",
    "preferred_username",
    "gender",
    "birthdate",
    "address",
    "zoneinfo",
    "locale",
    "phone_number",
    "phone_number_verified",
    "email",
    "email_verified",
    "website",
    "profile",
    "updated_at",
    "txn"
  ],
  "id_token_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "id_token_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "id_token_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_object_signing_alg_values_supported": [
    "none",
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "request_object_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "request_object_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "userinfo_signing_alg_values_supported": [
    "RS256",
    "RS384",
    "RS512",
    "PS256",
    "PS384",
    "PS512",
    "ES256",
    "ES256K",
    "ES384",
    "ES512",
    "EdDSA",
    "Ed25519",
    "Ed448"
  ],
  "userinfo_encryption_alg_values_supported": [
    "RSA1_5",
    "RSA-OAEP",
    "RSA-OAEP-256",
    "RSA-OAEP-384",
    "RSA-OAEP-512",
    "ECDH-ES",
    "ECDH-ES+A128KW",
    "ECDH-ES+A192KW",
    "ECDH-ES+A256KW",
    "A128KW",
    "A192KW",
    "A256KW",
    "A128GCMKW",
    "A192GCMKW",
    "A256GCMKW",
    "dir"
  ],
  "userinfo_encryption_enc_values_supported": [
    "A128CBC-HS256",
    "A192CBC-HS384",
    "A256CBC-HS512",
    "A128GCM",
    "A192GCM",
    "A256GCM"
  ],
  "request_uri_parameter_supported": true,
  "require_request_uri_registration": false
}
2026-07-19 01:52:28
RegisterClientRequestObjectTrustAnchor
Registered client request object trust anchor certificate
trust_anchor_pem
-----BEGIN CERTIFICATE-----
MIICizCCAhGgAwIBAgIQXd1w3TH4AchcGGp6BLgK/jAKBggqhkjOPQQDAzAuMQsw
CQYDVQQGEwJVUzENMAsGA1UEChMESVNSRzEQMA4GA1UEAxMHUm9vdCBZRTAeFw0y
NTA5MDMwMDAwMDBaFw0yODA5MDIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYD
VQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNZRTEwdjAQBgcqhkjOPQIBBgUr
gQQAIgNiAAQHZVB1/mimla2hfSurylScjPMZaOJXLz/NnAc2sylm8WDyhU9Ccp+z
ASQi5vSwGGJjSGklkD9fdPR8GpyDIOIjCEfrnbt/v+ZSEPLLEGbaM6EccDbN7p9x
teIm2Avf+ryjge4wgeswDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoGCCsGAQUF
BwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFLsgykcL/tflnPmPCSqj
jDdFsbzYMB8GA1UdIwQYMBaAFKPIJlqOoUzQNWP8myPIOq5W809WMDIGCCsGAQUF
BwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3llLmkubGVuY3Iub3JnLzATBgNV
HSAEDDAKMAgGBmeBDAECATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veWUuYy5s
ZW5jci5vcmcvMAoGCCqGSM49BAMDA2gAMGUCMQDgjUEahFT/h3DRakqiPZpLvPgf
Zwkt6K2EOMmh1nvEzl83eMLYcod4GCl3b0J1Nn0CMBNYmEQJb4CEG5WoOe7aRn/L
VKu6saHmHEynI7ysIPd8zQsK1HdmhlHKlw9Z5GpGvA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIICpjCCAiugAwIBAgIRAIchZfw0tuX7qK3Vs3BftTowCgYIKoZIzj0EAwMwTzEL
MAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNo
IEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDIwHhcNMjYwNTEzMDAwMDAwWhcN
MzIwOTAyMjM1OTU5WjAuMQswCQYDVQQGEwJVUzENMAsGA1UEChMESVNSRzEQMA4G
A1UEAxMHUm9vdCBZRTB2MBAGByqGSM49AgEGBSuBBAAiA2IABDwS/6vhrcVqcbBo
+wgdI3fwn9x7DNJJOY/lTOti0vkwuRN87RhEhTH17E7XyFjWsPYhIPt/wzOqxTd2
b+4ZJNy9ID04YywF9U5zasDVyGSNErVNtz8uSGh5izW87j77GaOB6zCB6DAOBgNV
HQ8BAf8EBAMCAQYwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB
/zAdBgNVHQ4EFgQUo8gmWo6hTNA1Y/ybI8g6rlbzT1YwHwYDVR0jBBgwFoAUfEKW
rt5LSDv6kviejM9ti6lyN5UwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAChhZo
dHRwOi8veDIuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcGA1Ud
HwQgMB4wHKAaoBiGFmh0dHA6Ly94Mi5jLmxlbmNyLm9yZy8wCgYIKoZIzj0EAwMD
aQAwZgIxAMU19WCtmxVND8UHBZRoma49Z7jPs64Dma0eTu1OChVbB/2J7GV3nvYK
Ax54uk1G9QIxAO0miLVJu8PLNiXXXkiE/gsK3CTRTF/aeo4bMX42Zw40csRU6AC2
6hSW1/IWaas6dg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEcDCCAligAwIBAgIQbI8dxyfHEX97r4U6yYD5zTANBgkqhkiG9w0BAQsFADBP
MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNjA1MTMwMDAwMDBa
Fw0zMjA5MDIyMzU5NTlaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5l
dCBTZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgy
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0H
ttwW+1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7
AlF9ItgKbppbd9/w+kHsOdx1ymgHDB/qo4H1MIHyMA4GA1UdDwEB/wQEAwIBBjAd
BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAd
BgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwHwYDVR0jBBgwFoAUebRZ5nu2
5eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAChhZodHRw
Oi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcGA1UdHwQg
MB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcNAQELBQAD
ggIBAD2/e9frmMxNpCV03qUHegg+MV2wz9644YoXdqtH8RyWYcBO7xfjjGEXdU1e
/o0OkEFiynUCOSIk/vLLo7ttz6CPAeNlWfC0XNkoGeWgK6jjXvozBaGuGH5n0Ufo
shMeWTuURqNN5G00sSXDTBrpp2+mgvdZQjb8K11TYMA25QA+YHNfbIEL0BniAhKS
2gsnJjSzrdZLI+EZ7SEyqdR2rkjd1KutLDU+n3TFyxjniZVGur4YlhMP3mY/dV95
IruAkkjOZier6hGBdEgZXXvaCz9u9iVEadsIE75pAGL8oHV5vxdARDiotRpul1IN
/UZwzAbrfUFcw1HkAcYD/mlZfnQ2ieCF2MS7j3Vhv7JPDKp45fmykmzYNSrumRW0
upFFKDBOoF7hsOb7oLyHS+Uft6jOUfOrogj8YUx38hKb2K20r42OgsSdDdxdeYWc
MS3Sb6mwJeSZEYxJ2gaXnDSPaKhhrNkYwljyVQyr4Nq+MEJytXNTnHqaAcrNwZlV
pcJL1KBnMrMjP7eanvUwL3FYj3cF17jtboLt7gLoi4+2rWZFvn+w54jmd/FIuhhZ
cEaU/wvU6BUNMtcVquVGHp7itQeDth5j+XL3j4WJ2SABwzUl6OeYdgpIt/ITZa+p
TT0mQ/r5XyA4MEAiabn7XJjvCERlF2dcn2wqJw+CreTkkQ2R
-----END CERTIFICATE-----
2026-07-19 01:52:28 SUCCESS
EnsureClientRequestObjectTrustAnchorConfigured
Request Object Trust Anchor is configured
2026-07-19 01:52:28
oid4vp-1final-verifier-invalid-kb-jwt-nonce
Setup Done
2026-07-19 01:52:31 INCOMING
oid4vp-1final-verifier-invalid-kb-jwt-nonce
Incoming HTTP request to /test/a/codeb-oid4vp-haip-v2/authorize
incoming_headers
{
  "host": "www.certification.openid.net",
  "sec-ch-ua": "\"Google Chrome\";v\u003d\"149\", \"Chromium\";v\u003d\"149\", \"Not)A;Brand\";v\u003d\"24\"",
  "sec-ch-ua-mobile": "?0",
  "sec-ch-ua-platform": "\"Windows\"",
  "upgrade-insecure-requests": "1",
  "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36",
  "accept": "text/html,application/xhtml+xml,application/xml;q\u003d0.9,image/avif,image/webp,image/apng,*/*;q\u003d0.8,application/signed-exchange;v\u003db3;q\u003d0.7",
  "sec-fetch-site": "cross-site",
  "sec-fetch-mode": "navigate",
  "sec-fetch-user": "?1",
  "sec-fetch-dest": "document",
  "accept-encoding": "gzip, deflate, br, zstd",
  "accept-language": "en-GB,en;q\u003d0.9,en-US;q\u003d0.8,de;q\u003d0.7",
  "cookie": "_gid\u003dGA1.2.1519654100.1784391516; _ga\u003dGA1.2.1777941607.1784391515; _ga_NF8HNLNJJE\u003dGS2.1.s1784391515$o1$g1$t1784393527$j26$l0$h0; JSESSIONID\u003dE70C083A1BBAF19EB73F190970FD3626",
  "connection": "close"
}
incoming_path
/test/a/codeb-oid4vp-haip-v2/authorize
incoming_body_form_params
incoming_method
GET
incoming_tls_version
TLSv1.2
incoming_tls_cert
incoming_query_string_params
{
  "client_id": "x509_hash:rCwVO2yykJ8rJUQrlgaLnfF7UjatGjAlK_Rc4V9BhBs",
  "request_uri": "https://phone.codeb.io/oidc.ashx?action\u003dvp-request\u0026id\u003dkAPLyOKQYFPaKnH-GEhz1A"
}
incoming_body
incoming_tls_chain
[
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL",
  "CONFORMANCE_SUITE_JSON_NULL"
]
incoming_body_json_parse_error
incoming_tls_cipher
ECDHE-RSA-AES128-GCM-SHA256
incoming_body_json
Authorization endpoint
2026-07-19 01:52:31
FetchRequestUriAndExtractRequestObject
Fetching request object from request_uri
request_uri
https://phone.codeb.io/oidc.ashx?action=vp-request&id=kAPLyOKQYFPaKnH-GEhz1A
2026-07-19 01:52:31
FetchRequestUriAndExtractRequestObject
HTTP request
request_uri
https://phone.codeb.io/oidc.ashx?action=vp-request&id=kAPLyOKQYFPaKnH-GEhz1A
request_method
GET
request_headers
{
  "Accept": "text/plain, application/json, application/yaml, application/*+json, */*",
  "Content-Length": "0"
}
request_body

                                
2026-07-19 01:52:32 RESPONSE
FetchRequestUriAndExtractRequestObject
HTTP response
response_status_code
200 OK
response_status_text
OK
response_headers
{
  "cache-control": "private, no-store,no-store, no-cache, must-revalidate, max-age\u003d0",
  "pragma": "no-cache,no-cache",
  "content-type": "application/oauth-authz-req+jwt; charset\u003dutf-8",
  "expires": "0",
  "x-aspnet-version": "4.0.30319",
  "referrer-policy": "no-referrer",
  "x-content-type-options": "nosniff",
  "permissions-policy": "camera\u003d(self), microphone\u003d(self), display-capture\u003d(self)",
  "strict-transport-security": "max-age\u003d63072000; includeSubDomains",
  "date": "Sun, 19 Jul 2026 01:52:31 GMT",
  "content-length": "3158"
}
response_body
eyJhbGciOiJFUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJ4NWMiOlsiTUlJRGlqQ0NBeENnQXdJQkFnSVNCWkpZL0VuUityVkZpN3IwU3puRUIxUG9NQW9HQ0NxR1NNNDlCQU1ETURNeEN6QUpCZ05WQkFZVEFsVlRNUll3RkFZRFZRUUtFdzFNWlhRbmN5QkZibU55ZVhCME1Rd3dDZ1lEVlFRREV3TlpSVEV3SGhjTk1qWXdOekU0TWpBMU1UTXhXaGNOTWpZeE1ERTJNakExTVRNd1dqQVpNUmN3RlFZRFZRUURFdzV3YUc5dVpTNWpiMlJsWWk1cGJ6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJGMGZTVVFXdVIrY2FXamo1YUZMeXN4TVZlcEFXQktmRjRONXgwS2sydmEzTTJ6ZURUVVBwU1VrbHJRUWs3TUdUOVRJbWFNNFUzbEYzR3NtS3dabzJRQ2pnZ0ljTUlJQ0dEQU9CZ05WSFE4QkFmOEVCQU1DQjRBd0V3WURWUjBsQkF3d0NnWUlLd1lCQlFVSEF3RXdEQVlEVlIwVEFRSC9CQUl3QURBZEJnTlZIUTRFRmdRVUpDbWR1ZHhnL3duTTJIK3I1R0hUa0xwdWE2NHdId1lEVlIwakJCZ3dGb0FVdXlES1J3disxK1djK1k4SktxT01OMFd4dk5nd013WUlLd1lCQlFVSEFRRUVKekFsTUNNR0NDc0dBUVVGQnpBQ2hoZG9kSFJ3T2k4dmVXVXhMbWt1YkdWdVkzSXViM0puTHpBWkJnTlZIUkVFRWpBUWdnNXdhRzl1WlM1amIyUmxZaTVwYnpBVEJnTlZIU0FFRERBS01BZ0dCbWVCREFFQ0FUQXZCZ05WSFI4RUtEQW1NQ1NnSXFBZ2hoNW9kSFJ3T2k4dmVXVXhMbU11YkdWdVkzSXViM0puTHpFd05TNWpjbXd3Z2dFTEJnb3JCZ0VFQWRaNUFnUUNCSUg4QklINUFQY0FkUURDTVg1WFJSbWpSZTUvT042eWtFSHJ4OEloV2lLL2Y5VzFyWGFhMlE1U3pRQUFBWjkzTlN2Y0FBQUVBd0JHTUVRQ0lGVzBKKzJkcDI5Ri9Jc2RiOS9Gd3o0T3hWTjhEVktMK1BNNW5VaDBsc0tlQWlBWkpTZzM3T1NwSVdUZVRXL2g5WEZ3NDdGaklFNlU5OXZTM1hWRDFPSzNpQUIrQUNialpHNVlhU0VqdkRRL1J5UTFtemVTelNSYWlOZ1YwNU16L1prWXEwY2pBQUFCbjNjMUtPZ0FDQUFBQlFBcXE4MDFCQU1BUnpCRkFpRUF2S3NPaDJRSUQ1UzM0V3gxMk5lNksrSEFEUjkzRTRxL1BkVmc0SHhOdEpzQ0lFR2V1Y0NzbXV3MnhlUUNMN3I4MXZXeE1zSElVZTJRWCtBcjhsRWphNDlzTUFvR0NDcUdTTTQ5QkFNREEyZ0FNR1VDTUNHaG9KY1puZE9ZUVhCaS9ndGh4S3NvZXdEOXMydDdVY0pJTGlCVW9JcjF0MWt2N1NtRS9yNDZYUHRwWmtnVVJ3SXhBUHhoWjFWU2I4c3BVSVZDMTFITkRHYmVvVURrYjdCWk9xRGp2UDdDRWlCNjg5RmUrL0RMSU9LcXk1UjhWNHBCTGc9PSJdfQ.eyJpc3MiOiJ4NTA5X2hhc2g6ckN3Vk8yeXlrSjhySlVRcmxnYUxuZkY3VWphdEdqQWxLX1JjNFY5QmhCcyIsImNsaWVudF9pZCI6Ing1MDlfaGFzaDpyQ3dWTzJ5eWtKOHJKVVFybGdhTG5mRjdVamF0R2pBbEtfUmM0VjlCaEJzIiwiYXVkIjoiaHR0cHM6Ly9zZWxmLWlzc3VlZC5tZS92MiIsInJlc3BvbnNlX3R5cGUiOiJ2cF90b2tlbiIsInJlc3BvbnNlX21vZGUiOiJkaXJlY3RfcG9zdC5qd3QiLCJyZXNwb25zZV91cmkiOiJodHRwczovL3Bob25lLmNvZGViLmlvL29pZGMuYXNoeD9hY3Rpb249dnAtcmVzcG9uc2VcdTAwMjZpZD1rQVBMeU9LUVlGUGFLbkgtR0VoejFBIiwibm9uY2UiOiJ6ZFUtdVdhVElLek1xSmpzQUpubG5IZVgtTVhkaE5xalJMX3Q2aVZBeUZVIiwic3RhdGUiOiJjS3BjS2lCb3p2Vl9yV3B1YV93bGlnIiwiZGNxbF9xdWVyeSI6eyJjcmVkZW50aWFscyI6W3siaWQiOiJldWRpX3BpZCIsImZvcm1hdCI6ImRjK3NkLWp3dCIsIm1ldGEiOnsidmN0X3ZhbHVlcyI6WyJ1cm46ZXUuZXVyb3BhLmVjLmV1ZGk6cGlkOjEiXX0sImNsYWltcyI6W3sicGF0aCI6WyJnaXZlbl9uYW1lIl19LHsicGF0aCI6WyJmYW1pbHlfbmFtZSJdfSx7InBhdGgiOlsiYWdlX292ZXJfMTgiXX1dfV19LCJjbGllbnRfbWV0YWRhdGEiOnsiandrcyI6eyJrZXlzIjpbeyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwidXNlIjoiZW5jIiwiYWxnIjoiRUNESC1FUyIsIngiOiJ6Ti1YWlRFT3BPTDUzbGdZdlljTFE3ZDlPUy1VejUzRjBhbTczc1FRRWxZIiwieSI6IkxkZHd6cFBNSnRnYXJsenlhRjRFVHBXbXdiM2dITEp1LUtxc1BJMVYyNFkiLCJraWQiOiJBYndJSzh5X181cyJ9XX0sImVuY3J5cHRlZF9yZXNwb25zZV9lbmNfdmFsdWVzX3N1cHBvcnRlZCI6WyJBMTI4R0NNIiwiQTI1NkdDTSJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJkYytzZC1qd3QiOnsic2Qtand0X2FsZ192YWx1ZXMiOlsiRVMyNTYiXSwia2Itand0X2FsZ192YWx1ZXMiOlsiRVMyNTYiXX19fSwiaWF0IjoxNzg0NDI1OTUyLCJleHAiOjE3ODQ0MjYyNTJ9.AXfsgu-JpzE7RQnEg9FwCFfTaNdqXigMwC1cayPOfKWwVSq-RToglU8noUS0O_qoCFEnD4-Rt4RsPfEGLGcucA
2026-07-19 01:52:32
FetchRequestUriAndExtractRequestObject
Downloaded request object
request_object
eyJhbGciOiJFUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJ4NWMiOlsiTUlJRGlqQ0NBeENnQXdJQkFnSVNCWkpZL0VuUityVkZpN3IwU3puRUIxUG9NQW9HQ0NxR1NNNDlCQU1ETURNeEN6QUpCZ05WQkFZVEFsVlRNUll3RkFZRFZRUUtFdzFNWlhRbmN5QkZibU55ZVhCME1Rd3dDZ1lEVlFRREV3TlpSVEV3SGhjTk1qWXdOekU0TWpBMU1UTXhXaGNOTWpZeE1ERTJNakExTVRNd1dqQVpNUmN3RlFZRFZRUURFdzV3YUc5dVpTNWpiMlJsWWk1cGJ6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJGMGZTVVFXdVIrY2FXamo1YUZMeXN4TVZlcEFXQktmRjRONXgwS2sydmEzTTJ6ZURUVVBwU1VrbHJRUWs3TUdUOVRJbWFNNFUzbEYzR3NtS3dabzJRQ2pnZ0ljTUlJQ0dEQU9CZ05WSFE4QkFmOEVCQU1DQjRBd0V3WURWUjBsQkF3d0NnWUlLd1lCQlFVSEF3RXdEQVlEVlIwVEFRSC9CQUl3QURBZEJnTlZIUTRFRmdRVUpDbWR1ZHhnL3duTTJIK3I1R0hUa0xwdWE2NHdId1lEVlIwakJCZ3dGb0FVdXlES1J3disxK1djK1k4SktxT01OMFd4dk5nd013WUlLd1lCQlFVSEFRRUVKekFsTUNNR0NDc0dBUVVGQnpBQ2hoZG9kSFJ3T2k4dmVXVXhMbWt1YkdWdVkzSXViM0puTHpBWkJnTlZIUkVFRWpBUWdnNXdhRzl1WlM1amIyUmxZaTVwYnpBVEJnTlZIU0FFRERBS01BZ0dCbWVCREFFQ0FUQXZCZ05WSFI4RUtEQW1NQ1NnSXFBZ2hoNW9kSFJ3T2k4dmVXVXhMbU11YkdWdVkzSXViM0puTHpFd05TNWpjbXd3Z2dFTEJnb3JCZ0VFQWRaNUFnUUNCSUg4QklINUFQY0FkUURDTVg1WFJSbWpSZTUvT042eWtFSHJ4OEloV2lLL2Y5VzFyWGFhMlE1U3pRQUFBWjkzTlN2Y0FBQUVBd0JHTUVRQ0lGVzBKKzJkcDI5Ri9Jc2RiOS9Gd3o0T3hWTjhEVktMK1BNNW5VaDBsc0tlQWlBWkpTZzM3T1NwSVdUZVRXL2g5WEZ3NDdGaklFNlU5OXZTM1hWRDFPSzNpQUIrQUNialpHNVlhU0VqdkRRL1J5UTFtemVTelNSYWlOZ1YwNU16L1prWXEwY2pBQUFCbjNjMUtPZ0FDQUFBQlFBcXE4MDFCQU1BUnpCRkFpRUF2S3NPaDJRSUQ1UzM0V3gxMk5lNksrSEFEUjkzRTRxL1BkVmc0SHhOdEpzQ0lFR2V1Y0NzbXV3MnhlUUNMN3I4MXZXeE1zSElVZTJRWCtBcjhsRWphNDlzTUFvR0NDcUdTTTQ5QkFNREEyZ0FNR1VDTUNHaG9KY1puZE9ZUVhCaS9ndGh4S3NvZXdEOXMydDdVY0pJTGlCVW9JcjF0MWt2N1NtRS9yNDZYUHRwWmtnVVJ3SXhBUHhoWjFWU2I4c3BVSVZDMTFITkRHYmVvVURrYjdCWk9xRGp2UDdDRWlCNjg5RmUrL0RMSU9LcXk1UjhWNHBCTGc9PSJdfQ.eyJpc3MiOiJ4NTA5X2hhc2g6ckN3Vk8yeXlrSjhySlVRcmxnYUxuZkY3VWphdEdqQWxLX1JjNFY5QmhCcyIsImNsaWVudF9pZCI6Ing1MDlfaGFzaDpyQ3dWTzJ5eWtKOHJKVVFybGdhTG5mRjdVamF0R2pBbEtfUmM0VjlCaEJzIiwiYXVkIjoiaHR0cHM6Ly9zZWxmLWlzc3VlZC5tZS92MiIsInJlc3BvbnNlX3R5cGUiOiJ2cF90b2tlbiIsInJlc3BvbnNlX21vZGUiOiJkaXJlY3RfcG9zdC5qd3QiLCJyZXNwb25zZV91cmkiOiJodHRwczovL3Bob25lLmNvZGViLmlvL29pZGMuYXNoeD9hY3Rpb249dnAtcmVzcG9uc2VcdTAwMjZpZD1rQVBMeU9LUVlGUGFLbkgtR0VoejFBIiwibm9uY2UiOiJ6ZFUtdVdhVElLek1xSmpzQUpubG5IZVgtTVhkaE5xalJMX3Q2aVZBeUZVIiwic3RhdGUiOiJjS3BjS2lCb3p2Vl9yV3B1YV93bGlnIiwiZGNxbF9xdWVyeSI6eyJjcmVkZW50aWFscyI6W3siaWQiOiJldWRpX3BpZCIsImZvcm1hdCI6ImRjK3NkLWp3dCIsIm1ldGEiOnsidmN0X3ZhbHVlcyI6WyJ1cm46ZXUuZXVyb3BhLmVjLmV1ZGk6cGlkOjEiXX0sImNsYWltcyI6W3sicGF0aCI6WyJnaXZlbl9uYW1lIl19LHsicGF0aCI6WyJmYW1pbHlfbmFtZSJdfSx7InBhdGgiOlsiYWdlX292ZXJfMTgiXX1dfV19LCJjbGllbnRfbWV0YWRhdGEiOnsiandrcyI6eyJrZXlzIjpbeyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwidXNlIjoiZW5jIiwiYWxnIjoiRUNESC1FUyIsIngiOiJ6Ti1YWlRFT3BPTDUzbGdZdlljTFE3ZDlPUy1VejUzRjBhbTczc1FRRWxZIiwieSI6IkxkZHd6cFBNSnRnYXJsenlhRjRFVHBXbXdiM2dITEp1LUtxc1BJMVYyNFkiLCJraWQiOiJBYndJSzh5X181cyJ9XX0sImVuY3J5cHRlZF9yZXNwb25zZV9lbmNfdmFsdWVzX3N1cHBvcnRlZCI6WyJBMTI4R0NNIiwiQTI1NkdDTSJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJkYytzZC1qd3QiOnsic2Qtand0X2FsZ192YWx1ZXMiOlsiRVMyNTYiXSwia2Itand0X2FsZ192YWx1ZXMiOlsiRVMyNTYiXX19fSwiaWF0IjoxNzg0NDI1OTUyLCJleHAiOjE3ODQ0MjYyNTJ9.AXfsgu-JpzE7RQnEg9FwCFfTaNdqXigMwC1cayPOfKWwVSq-RToglU8noUS0O_qoCFEnD4-Rt4RsPfEGLGcucA
2026-07-19 01:52:32 SUCCESS
FetchRequestUriAndExtractRequestObject
Parsed request object
value
eyJhbGciOiJFUzI1NiIsInR5cCI6Im9hdXRoLWF1dGh6LXJlcStqd3QiLCJ4NWMiOlsiTUlJRGlqQ0NBeENnQXdJQkFnSVNCWkpZL0VuUityVkZpN3IwU3puRUIxUG9NQW9HQ0NxR1NNNDlCQU1ETURNeEN6QUpCZ05WQkFZVEFsVlRNUll3RkFZRFZRUUtFdzFNWlhRbmN5QkZibU55ZVhCME1Rd3dDZ1lEVlFRREV3TlpSVEV3SGhjTk1qWXdOekU0TWpBMU1UTXhXaGNOTWpZeE1ERTJNakExTVRNd1dqQVpNUmN3RlFZRFZRUURFdzV3YUc5dVpTNWpiMlJsWWk1cGJ6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJGMGZTVVFXdVIrY2FXamo1YUZMeXN4TVZlcEFXQktmRjRONXgwS2sydmEzTTJ6ZURUVVBwU1VrbHJRUWs3TUdUOVRJbWFNNFUzbEYzR3NtS3dabzJRQ2pnZ0ljTUlJQ0dEQU9CZ05WSFE4QkFmOEVCQU1DQjRBd0V3WURWUjBsQkF3d0NnWUlLd1lCQlFVSEF3RXdEQVlEVlIwVEFRSC9CQUl3QURBZEJnTlZIUTRFRmdRVUpDbWR1ZHhnL3duTTJIK3I1R0hUa0xwdWE2NHdId1lEVlIwakJCZ3dGb0FVdXlES1J3disxK1djK1k4SktxT01OMFd4dk5nd013WUlLd1lCQlFVSEFRRUVKekFsTUNNR0NDc0dBUVVGQnpBQ2hoZG9kSFJ3T2k4dmVXVXhMbWt1YkdWdVkzSXViM0puTHpBWkJnTlZIUkVFRWpBUWdnNXdhRzl1WlM1amIyUmxZaTVwYnpBVEJnTlZIU0FFRERBS01BZ0dCbWVCREFFQ0FUQXZCZ05WSFI4RUtEQW1NQ1NnSXFBZ2hoNW9kSFJ3T2k4dmVXVXhMbU11YkdWdVkzSXViM0puTHpFd05TNWpjbXd3Z2dFTEJnb3JCZ0VFQWRaNUFnUUNCSUg4QklINUFQY0FkUURDTVg1WFJSbWpSZTUvT042eWtFSHJ4OEloV2lLL2Y5VzFyWGFhMlE1U3pRQUFBWjkzTlN2Y0FBQUVBd0JHTUVRQ0lGVzBKKzJkcDI5Ri9Jc2RiOS9Gd3o0T3hWTjhEVktMK1BNNW5VaDBsc0tlQWlBWkpTZzM3T1NwSVdUZVRXL2g5WEZ3NDdGaklFNlU5OXZTM1hWRDFPSzNpQUIrQUNialpHNVlhU0VqdkRRL1J5UTFtemVTelNSYWlOZ1YwNU16L1prWXEwY2pBQUFCbjNjMUtPZ0FDQUFBQlFBcXE4MDFCQU1BUnpCRkFpRUF2S3NPaDJRSUQ1UzM0V3gxMk5lNksrSEFEUjkzRTRxL1BkVmc0SHhOdEpzQ0lFR2V1Y0NzbXV3MnhlUUNMN3I4MXZXeE1zSElVZTJRWCtBcjhsRWphNDlzTUFvR0NDcUdTTTQ5QkFNREEyZ0FNR1VDTUNHaG9KY1puZE9ZUVhCaS9ndGh4S3NvZXdEOXMydDdVY0pJTGlCVW9JcjF0MWt2N1NtRS9yNDZYUHRwWmtnVVJ3SXhBUHhoWjFWU2I4c3BVSVZDMTFITkRHYmVvVURrYjdCWk9xRGp2UDdDRWlCNjg5RmUrL0RMSU9LcXk1UjhWNHBCTGc9PSJdfQ.eyJpc3MiOiJ4NTA5X2hhc2g6ckN3Vk8yeXlrSjhySlVRcmxnYUxuZkY3VWphdEdqQWxLX1JjNFY5QmhCcyIsImNsaWVudF9pZCI6Ing1MDlfaGFzaDpyQ3dWTzJ5eWtKOHJKVVFybGdhTG5mRjdVamF0R2pBbEtfUmM0VjlCaEJzIiwiYXVkIjoiaHR0cHM6Ly9zZWxmLWlzc3VlZC5tZS92MiIsInJlc3BvbnNlX3R5cGUiOiJ2cF90b2tlbiIsInJlc3BvbnNlX21vZGUiOiJkaXJlY3RfcG9zdC5qd3QiLCJyZXNwb25zZV91cmkiOiJodHRwczovL3Bob25lLmNvZGViLmlvL29pZGMuYXNoeD9hY3Rpb249dnAtcmVzcG9uc2VcdTAwMjZpZD1rQVBMeU9LUVlGUGFLbkgtR0VoejFBIiwibm9uY2UiOiJ6ZFUtdVdhVElLek1xSmpzQUpubG5IZVgtTVhkaE5xalJMX3Q2aVZBeUZVIiwic3RhdGUiOiJjS3BjS2lCb3p2Vl9yV3B1YV93bGlnIiwiZGNxbF9xdWVyeSI6eyJjcmVkZW50aWFscyI6W3siaWQiOiJldWRpX3BpZCIsImZvcm1hdCI6ImRjK3NkLWp3dCIsIm1ldGEiOnsidmN0X3ZhbHVlcyI6WyJ1cm46ZXUuZXVyb3BhLmVjLmV1ZGk6cGlkOjEiXX0sImNsYWltcyI6W3sicGF0aCI6WyJnaXZlbl9uYW1lIl19LHsicGF0aCI6WyJmYW1pbHlfbmFtZSJdfSx7InBhdGgiOlsiYWdlX292ZXJfMTgiXX1dfV19LCJjbGllbnRfbWV0YWRhdGEiOnsiandrcyI6eyJrZXlzIjpbeyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwidXNlIjoiZW5jIiwiYWxnIjoiRUNESC1FUyIsIngiOiJ6Ti1YWlRFT3BPTDUzbGdZdlljTFE3ZDlPUy1VejUzRjBhbTczc1FRRWxZIiwieSI6IkxkZHd6cFBNSnRnYXJsenlhRjRFVHBXbXdiM2dITEp1LUtxc1BJMVYyNFkiLCJraWQiOiJBYndJSzh5X181cyJ9XX0sImVuY3J5cHRlZF9yZXNwb25zZV9lbmNfdmFsdWVzX3N1cHBvcnRlZCI6WyJBMTI4R0NNIiwiQTI1NkdDTSJdLCJ2cF9mb3JtYXRzX3N1cHBvcnRlZCI6eyJkYytzZC1qd3QiOnsic2Qtand0X2FsZ192YWx1ZXMiOlsiRVMyNTYiXSwia2Itand0X2FsZ192YWx1ZXMiOlsiRVMyNTYiXX19fSwiaWF0IjoxNzg0NDI1OTUyLCJleHAiOjE3ODQ0MjYyNTJ9.AXfsgu-JpzE7RQnEg9FwCFfTaNdqXigMwC1cayPOfKWwVSq-RToglU8noUS0O_qoCFEnD4-Rt4RsPfEGLGcucA
header
{
  "x5c": [
    "MIIDijCCAxCgAwIBAgISBZJY/EnR+rVFi7r0SznEB1PoMAoGCCqGSM49BAMDMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MQwwCgYDVQQDEwNZRTEwHhcNMjYwNzE4MjA1MTMxWhcNMjYxMDE2MjA1MTMwWjAZMRcwFQYDVQQDEw5waG9uZS5jb2RlYi5pbzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABF0fSUQWuR+caWjj5aFLysxMVepAWBKfF4N5x0Kk2va3M2zeDTUPpSUklrQQk7MGT9TImaM4U3lF3GsmKwZo2QCjggIcMIICGDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUJCmdudxg/wnM2H+r5GHTkLpua64wHwYDVR0jBBgwFoAUuyDKRwv+1+Wc+Y8JKqOMN0WxvNgwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAChhdodHRwOi8veWUxLmkubGVuY3Iub3JnLzAZBgNVHREEEjAQgg5waG9uZS5jb2RlYi5pbzATBgNVHSAEDDAKMAgGBmeBDAECATAvBgNVHR8EKDAmMCSgIqAghh5odHRwOi8veWUxLmMubGVuY3Iub3JnLzEwNS5jcmwwggELBgorBgEEAdZ5AgQCBIH8BIH5APcAdQDCMX5XRRmjRe5/ON6ykEHrx8IhWiK/f9W1rXaa2Q5SzQAAAZ93NSvcAAAEAwBGMEQCIFW0J+2dp29F/Isdb9/Fwz4OxVN8DVKL+PM5nUh0lsKeAiAZJSg37OSpIWTeTW/h9XFw47FjIE6U99vS3XVD1OK3iAB+ACbjZG5YaSEjvDQ/RyQ1mzeSzSRaiNgV05Mz/ZkYq0cjAAABn3c1KOgACAAABQAqq801BAMARzBFAiEAvKsOh2QID5S34Wx12Ne6K+HADR93E4q/PdVg4HxNtJsCIEGeucCsmuw2xeQCL7r81vWxMsHIUe2QX+Ar8lEja49sMAoGCCqGSM49BAMDA2gAMGUCMCGhoJcZndOYQXBi/gthxKsoewD9s2t7UcJILiBUoIr1t1kv7SmE/r46XPtpZkgURwIxAPxhZ1VSb8spUIVC11HNDGbeoUDkb7BZOqDjvP7CEiB689Fe+/DLIOKqy5R8V4pBLg\u003d\u003d"
  ],
  "typ": "oauth-authz-req+jwt",
  "alg": "ES256"
}
claims
{
  "response_uri": "https://phone.codeb.io/oidc.ashx?action\u003dvp-response\u0026id\u003dkAPLyOKQYFPaKnH-GEhz1A",
  "aud": "https://self-issued.me/v2",
  "iss": "x509_hash:rCwVO2yykJ8rJUQrlgaLnfF7UjatGjAlK_Rc4V9BhBs",
  "response_type": "vp_token",
  "state": "cKpcKiBozvV_rWpua_wlig",
  "dcql_query": {
    "credentials": [
      {
        "id": "eudi_pid",
        "format": "dc+sd-jwt",
        "meta": {
          "vct_values": [
            "urn:eu.europa.ec.eudi:pid:1"
          ]
        },
        "claims": [
          {
            "path": [
              "given_name"
            ]
          },
          {
            "path": [
              "family_name"
            ]
          },
          {
            "path": [
              "age_over_18"
            ]
          }
        ]
      }
    ]
  },
  "exp": 1784426252,
  "nonce": "zdU-uWaTIKzMqJjsAJnlnHeX-MXdhNqjRL_t6iVAyFU",
  "iat": 1784425952,
  "client_id": "x509_hash:rCwVO2yykJ8rJUQrlgaLnfF7UjatGjAlK_Rc4V9BhBs",
  "client_metadata": {
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "crv": "P-256",
          "use": "enc",
          "alg": "ECDH-ES",
          "x": "zN-XZTEOpOL53lgYvYcLQ7d9OS-Uz53F0am73sQQElY",
          "y": "LddwzpPMJtgarlzyaF4ETpWmwb3gHLJu-KqsPI1V24Y",
          "kid": "AbwIK8y__5s"
        }
      ]
    },
    "encrypted_response_enc_values_supported": [
      "A128GCM",
      "A256GCM"
    ],
    "vp_formats_supported": {
      "dc+sd-jwt": {
        "sd-jwt_alg_values": [
          "ES256"
        ],
        "kb-jwt_alg_values": [
          "ES256"
        ]
      }
    }
  },
  "response_mode": "direct_post.jwt"
}
2026-07-19 01:52:32 SUCCESS
EnsureRequestUriIsHttps
request_uri is a https url
request_uri
https://phone.codeb.io/oidc.ashx?action=vp-request&id=kAPLyOKQYFPaKnH-GEhz1A
2026-07-19 01:52:32 SUCCESS
EnsureRequestUriHasNoFragment
request_uri does not contain a fragment
request_uri
https://phone.codeb.io/oidc.ashx?action=vp-request&id=kAPLyOKQYFPaKnH-GEhz1A
2026-07-19 01:52:32 SUCCESS
ExtractAndValidateX509HashClientId
Client ID matched
client_id
x509_hash:rCwVO2yykJ8rJUQrlgaLnfF7UjatGjAlK_Rc4V9BhBs
2026-07-19 01:52:32 SUCCESS
ValidateRequestObjectTypIsOAuthQauthReqJwt
Request object typ header is valid
typ
oauth-authz-req+jwt
2026-07-19 01:52:32 SUCCESS
OIDCCValidateRequestObjectExp
Request object contains a valid exp claim, expiry time
exp
"Jul 19, 2026, 1:57:32 AM"
2026-07-19 01:52:32 SUCCESS
ValidateRequestObjectIat
iat claim is valid
iat
1784425952
2026-07-19 01:52:32 SUCCESS
EnsureNumericRequestObjectClaimsAreNotNull
None of the claims expected to have numeric values, have null values
numeric_claims
[
  "max_age"
]
2026-07-19 01:52:32
ValidateRequestObjectMaxAge
Request object does not contain a max_age claim
2026-07-19 01:52:32 SUCCESS
EnsureRequestObjectDoesNotContainRequestOrRequestUri
Request object does not contain request or request_uri
2026-07-19 01:52:32 SUCCESS
EnsureRequestObjectDoesNotContainSubWithClientId
Request object does not contain Client Id in sub
2026-07-19 01:52:32 SUCCESS
ValidateRequestObjectIssIfPresent
iss claim matches the client id
iss
x509_hash:rCwVO2yykJ8rJUQrlgaLnfF7UjatGjAlK_Rc4V9BhBs
2026-07-19 01:52:32 SUCCESS
ValidateRequestObjectAudForVP
Request object aud claim is valid
aud
https://self-issued.me/v2
expected_self_issued
https://self-issued.me/v2
expected_wallet_issuer
https://www.certification.openid.net/test/a/codeb-oid4vp-haip-v2/
2026-07-19 01:52:32 SUCCESS
ValidateRequestObjectSignatureAgainstX5cHeader
Request object x5c chain validated and signature verified
chain_length
1
leaf_cert_subject
CN=phone.codeb.io
request_object_signing_alg
ES256
2026-07-19 01:52:32 SUCCESS
EnsureClientIdInAuthorizationRequestParametersMatchRequestObject
client_id http request parameter value matches client_id in request object
2026-07-19 01:52:32 INFO
ValidateEncryptedRequestObjectHasKid
Skipped evaluation due to missing required element: authorization_request_object jwe_header
path
jwe_header
mapped
object
authorization_request_object
2026-07-19 01:52:32 SUCCESS
EnsureOptionalAuthorizationRequestParametersMatchRequestObject
All http request parameters and request object claims match
2026-07-19 01:52:32 SUCCESS
CheckForUnexpectedParametersInVpAuthorizationEndpointHttpRequest
All HTTP authorization request parameters are expected
known_params
[
  "client_id",
  "request_uri",
  "request_uri_method"
]
parameters
[
  "client_id",
  "request_uri"
]
2026-07-19 01:52:32 SUCCESS
CreateEffectiveAuthorizationRequestParameters
Merged http request parameters with request object claims
effective_authorization_endpoint_request
{
  "client_id": "x509_hash:rCwVO2yykJ8rJUQrlgaLnfF7UjatGjAlK_Rc4V9BhBs",
  "response_uri": "https://phone.codeb.io/oidc.ashx?action\u003dvp-response\u0026id\u003dkAPLyOKQYFPaKnH-GEhz1A",
  "aud": "https://self-issued.me/v2",
  "iss": "x509_hash:rCwVO2yykJ8rJUQrlgaLnfF7UjatGjAlK_Rc4V9BhBs",
  "response_type": "vp_token",
  "state": "cKpcKiBozvV_rWpua_wlig",
  "dcql_query": {
    "credentials": [
      {
        "id": "eudi_pid",
        "format": "dc+sd-jwt",
        "meta": {
          "vct_values": [
            "urn:eu.europa.ec.eudi:pid:1"
          ]
        },
        "claims": [
          {
            "path": [
              "given_name"
            ]
          },
          {
            "path": [
              "family_name"
            ]
          },
          {
            "path": [
              "age_over_18"
            ]
          }
        ]
      }
    ]
  },
  "exp": 1784426252,
  "nonce": "zdU-uWaTIKzMqJjsAJnlnHeX-MXdhNqjRL_t6iVAyFU",
  "iat": 1784425952,
  "client_metadata": {
    "jwks": {
      "keys": [
        {
          "kty": "EC",
          "crv": "P-256",
          "use": "enc",
          "alg": "ECDH-ES",
          "x": "zN-XZTEOpOL53lgYvYcLQ7d9OS-Uz53F0am73sQQElY",
          "y": "LddwzpPMJtgarlzyaF4ETpWmwb3gHLJu-KqsPI1V24Y",
          "kid": "AbwIK8y__5s"
        }
      ]
    },
    "encrypted_response_enc_values_supported": [
      "A128GCM",
      "A256GCM"
    ],
    "vp_formats_supported": {
      "dc+sd-jwt": {
        "sd-jwt_alg_values": [
          "ES256"
        ],
        "kb-jwt_alg_values": [
          "ES256"
        ]
      }
    }
  },
  "response_mode": "direct_post.jwt"
}
2026-07-19 01:52:32 SUCCESS
ExtractNonceFromAuthorizationRequest
Extracted nonce
nonce
zdU-uWaTIKzMqJjsAJnlnHeX-MXdhNqjRL_t6iVAyFU
2026-07-19 01:52:32 INFO
EnsureAuthorizationRequestContainsPkceCodeChallenge
Skipped evaluation due to missing required element: effective_authorization_endpoint_request code_challenge
path
code_challenge
mapped
object
effective_authorization_endpoint_request
2026-07-19 01:52:32 SUCCESS
EnsureResponseTypeIsVpToken
Response type is expected value
expected
vp_token
2026-07-19 01:52:32 SUCCESS
ValidateResponseMode
response_mode is direct_post.jwt
2026-07-19 01:52:32 SUCCESS
CheckNoClientIdSchemeParameter
client_id_scheme parameter is not present, as expected.
2026-07-19 01:52:32 SUCCESS
CheckNoScopeParameter
scope parameter is not present, as expected.
2026-07-19 01:52:32 SUCCESS
CheckRequestUriMethodParameter
request_uri_method parameter is not present.
2026-07-19 01:52:32 INFO
WarnIfRequestUriMethodInRequestObject
Skipped evaluation due to missing required string: authorization_request_object
expected
authorization_request_object
2026-07-19 01:52:32 INFO
EnsureNoWalletNonceInRequestObject
Skipped evaluation due to missing required string: authorization_request_object
expected
authorization_request_object
2026-07-19 01:52:32 SUCCESS
CheckForUnexpectedParametersInVpAuthorizationRequest
All authorization parameters are expected
known_params
[
  "presentation_definition",
  "dcql_query",
  "client_id",
  "client_id_scheme",
  "response_uri",
  "client_metadata",
  "nonce",
  "state",
  "response_type",
  "response_mode",
  "verifier_info",
  "scope",
  "request_uri_method",
  "wallet_nonce",
  "aud",
  "iss",
  "iat",
  "nbf",
  "exp",
  "jti"
]
parameters
[
  "client_id",
  "response_uri",
  "aud",
  "iss",
  "response_type",
  "state",
  "dcql_query",
  "exp",
  "nonce",
  "iat",
  "client_metadata",
  "response_mode"
]
2026-07-19 01:52:32 SUCCESS
CheckNoTransactionDataInVpAuthorizationRequest
Authorization request does not contain transaction_data
2026-07-19 01:52:32 INFO
ExtractVerifierInfoFromAuthorizationRequest
Skipped evaluation due to missing required element: effective_authorization_endpoint_request verifier_info
path
verifier_info
mapped
object
effective_authorization_endpoint_request
2026-07-19 01:52:32 INFO
ValidateVerifierInfo
Skipped evaluation due to missing required element: effective_authorization_endpoint_request verifier_info
path
verifier_info
mapped
object
effective_authorization_endpoint_request
2026-07-19 01:52:32 INFO
CheckForUnexpectedParametersInVerifierInfo
Skipped evaluation due to missing required element: effective_authorization_endpoint_request verifier_info
path
verifier_info
mapped
object
effective_authorization_endpoint_request
2026-07-19 01:52:32 SUCCESS
EnsureValidResponseUriForAuthorizationEndpointRequest
response_uri is valid https url with no fragment
actual
https://phone.codeb.io/oidc.ashx?action=vp-response&id=kAPLyOKQYFPaKnH-GEhz1A
2026-07-19 01:52:32 SUCCESS
CheckNoRedirectUriInVpAuthorizationRequest
Authorization request does not contain 'redirect_uri'
2026-07-19 01:52:32 SUCCESS
CheckNoPresentationDefinitionInVpAuthorizationRequest
Authorization request does not contain presentation_definition or presentation_definition_uri
2026-07-19 01:52:32 SUCCESS
VP1FinalCheckForUnexpectedParametersInVpClientMetadata
All client_metadata parameters are expected
parameters
[
  "jwks",
  "encrypted_response_enc_values_supported",
  "vp_formats_supported"
]
2026-07-19 01:52:32 SUCCESS
VP1FinalValidateVpFormatsSupportedInClientMetadata
vp_formats_supported contains valid dc+sd-jwt format
dc+sd-jwt
{
  "sd-jwt_alg_values": [
    "ES256"
  ],
  "kb-jwt_alg_values": [
    "ES256"
  ]
}
2026-07-19 01:52:32 SUCCESS
VP1FinalCheckForKeyIdInClientMetadataJWKs
All keys in client_metadata.jwks have unique kid values
jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "use": "enc",
      "alg": "ECDH-ES",
      "x": "zN-XZTEOpOL53lgYvYcLQ7d9OS-Uz53F0am73sQQElY",
      "y": "LddwzpPMJtgarlzyaF4ETpWmwb3gHLJu-KqsPI1V24Y",
      "kid": "AbwIK8y__5s"
    }
  ]
}
2026-07-19 01:52:32 SUCCESS
VP1FinalValidateClientMetadataJwksForEncryptedResponse
client_metadata.jwks contains valid encryption key(s) with alg
jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "use": "enc",
      "alg": "ECDH-ES",
      "x": "zN-XZTEOpOL53lgYvYcLQ7d9OS-Uz53F0am73sQQElY",
      "y": "LddwzpPMJtgarlzyaF4ETpWmwb3gHLJu-KqsPI1V24Y",
      "kid": "AbwIK8y__5s"
    }
  ]
}
Validate the JWK set in client_metadata
2026-07-19 01:52:32 SUCCESS
MapJwksToValidationLocation
Selected the JWK set in client_metadata for validation
jwks
{
  "keys": [
    {
      "kty": "EC",
      "crv": "P-256",
      "use": "enc",
      "alg": "ECDH-ES",
      "x": "zN-XZTEOpOL53lgYvYcLQ7d9OS-Uz53F0am73sQQElY",
      "y": "LddwzpPMJtgarlzyaF4ETpWmwb3gHLJu-KqsPI1V24Y",
      "kid": "AbwIK8y__5s"
    }
  ]
}
2026-07-19 01:52:32 SUCCESS
EnsureJwksHasNoPrivateOrSymmetricKeyMaterial
The JWK set in client_metadata contains only public key material
jwks_source
client_metadata
2026-07-19 01:52:32 SUCCESS
ValidateJwksStructure
The JWK set in client_metadata is structurally valid
jwks_source
client_metadata
2026-07-19 01:52:32 SUCCESS
ParseUsableJwksKeys
All usable keys in the JWK set in client_metadata parse successfully
jwks_source
client_metadata
2026-07-19 01:52:32 SUCCESS
WarnOnUnusableJwksKeys
All keys in the JWK set in client_metadata use a supported key type, curve and algorithm
jwks_source
client_metadata
2026-07-19 01:52:32 SUCCESS
ValidateVpClientMetadataEncryptionForHaip
client_metadata encryption parameters satisfy HAIP & OID4VP requirements
encrypted_response_enc_values_supported
[
  "A128GCM",
  "A256GCM"
]
2026-07-19 01:52:32 SUCCESS
VP1FinalCheckEncryptionKeyNotReused
Verifier response-encryption key(s) were not seen in a previous Authorization Request
jwk_thumbprints
[
  "fiN1Loc8iyqLmCO92TMk6az9-Qrs3v1R7Ee2PR6-aYY"
]
2026-07-19 01:52:32 SUCCESS
ExtractDCQLQueryFromAuthorizationRequest
Extracted dcql_query from authorization request
dcql
{
  "credentials": [
    {
      "id": "eudi_pid",
      "format": "dc+sd-jwt",
      "meta": {
        "vct_values": [
          "urn:eu.europa.ec.eudi:pid:1"
        ]
      },
      "claims": [
        {
          "path": [
            "given_name"
          ]
        },
        {
          "path": [
            "family_name"
          ]
        },
        {
          "path": [
            "age_over_18"
          ]
        }
      ]
    }
  ]
}
2026-07-19 01:52:32 SUCCESS
ValidateDCQLQuery
DCQL query input is valid
input
{
  "credentials": [
    {
      "id": "eudi_pid",
      "format": "dc+sd-jwt",
      "meta": {
        "vct_values": [
          "urn:eu.europa.ec.eudi:pid:1"
        ]
      },
      "claims": [
        {
          "path": [
            "given_name"
          ]
        },
        {
          "path": [
            "family_name"
          ]
        },
        {
          "path": [
            "age_over_18"
          ]
        }
      ]
    }
  ]
}
schema_link
/json-schemas/oid4vp/dcql_request.json
2026-07-19 01:52:32 SUCCESS
CheckForUnexpectedParametersInDcqlQuery
DCQL query input is valid
input
{
  "credentials": [
    {
      "id": "eudi_pid",
      "format": "dc+sd-jwt",
      "meta": {
        "vct_values": [
          "urn:eu.europa.ec.eudi:pid:1"
        ]
      },
      "claims": [
        {
          "path": [
            "given_name"
          ]
        },
        {
          "path": [
            "family_name"
          ]
        },
        {
          "path": [
            "age_over_18"
          ]
        }
      ]
    }
  ]
}
schema_link
/json-schemas/oid4vp/dcql_request.json
2026-07-19 01:52:32 SUCCESS
CheckDCQLQueryCredentialFormatMatchesTestConfiguration
DCQL query credential format matches test configuration
expected_format
dc+sd-jwt
credential_count
1
2026-07-19 01:52:32 SUCCESS
CreateAuthorizationEndpointResponseParams
Added authorization_endpoint_response_params to environment
params
{
  "state": "cKpcKiBozvV_rWpua_wlig"
}
2026-07-19 01:52:32
InvalidateNonce
Replaced nonce with an invalid value
original_nonce
zdU-uWaTIKzMqJjsAJnlnHeX-MXdhNqjRL_t6iVAyFU
invalid_nonce
zdU-uWaTIKzMqJjsAJnlnHeX-MXdhNqjRL_t6iVAyFUINVALID
2026-07-19 01:52:32
CreateSdJwtKbCredential
Filtered SD-JWT disclosures to DCQL requested claims
filtered_disclosures
2
requested_claims
[
  "age_over_18",
  "given_name",
  "family_name"
]
total_disclosures
7
2026-07-19 01:52:32
CreateSdJwtKbCredential
Created an SD-JWT+KB
sdjwt
eyJ0eXAiOiJkYytzZC1qd3QiLCJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2NvZGViLW9pZDR2cC1oYWlwLXYyIiwiX3NkIjpbIjIwMjRjV2pFd2E3THJPblk1U3FSX0NXeDZaNUdYZXRYU2wxbGpxMmtrYnciLCI2RjA1U3pnSXN6Vllld053MXg4VlY5MWR2bENlcWRqNEF5SDJfd1BpUVpvIiwiOER6Y0VEU0xGcjRFM0pTbURyZzZtRHppalZpRDJRam5yOUk2YW1tNEU3NCIsIkZqTFNSS0RoeGFvUXFucWx1NnJWYkZVSTgyS1ZWbnAxdzdiZzA1dXRZa2MiLCJIeVE3THdBR2Q0V0VGaUx5T0xrS21YTkJFZFJ0aXBWNTVkU0JibnVBVWQwIiwiVXd1ZkcxU2dvcHBMQWJja013WXBGUFJVMjRvaGc1SlNBTzk3MWtFLUhHMCIsImhVRWN1LVU2T3AxVk04czRRRDRRamVzQXp3Vmd6VnpzaWdSZURCdTdwTzgiLCJ4dVFhSzFJU1hqbHY0bG9NeVRmaHE2QjNaU3hUcTRfX2lydUxfZHVfQTg4Il0sImNuZiI6eyJqd2siOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJicEFKQ1pfMnVLUDY1QXA2RTF1Yk1KTFprMUVpWnduT05MNDhLdVdhdkIwIiwieSI6IkJZaG5SSzZSaHRsNW05MnNTb2haS3BfVjU1enNJSG1VNmZyRDUxSkE1T28ifX0sImV4cCI6MTc4NTYzNTU1MiwiaWF0IjoxNzg0NDI1OTUyLCJ2Y3QiOiJ1cm46ZXVkaTpwaWQ6MSJ9.ci3URZslXWkM5r0TTI8h4C-WzsFvfyVevuwZcdyb39SMiGPe331cd44foK2OxL6trbPim2FbSM07mzyXqKOO-w~WyJIU25OZWhtUUVCWTNtOXZtcnNBMnh3IiwiZ2l2ZW5fbmFtZSIsIkplYW4iXQ~WyJYdEEtMjZxeGxYeTdfWXVobTMzdFFRIiwiZmFtaWx5X25hbWUiLCJEdXBvbnQiXQ~eyJ0eXAiOiJrYitqd3QiLCJhbGciOiJFUzI1NiJ9.eyJzZF9oYXNoIjoiLTI2aXlfZE5sVE4ySUJobDZPQmVmMzVtT09Tb2pqalN5c2xzbEtVRlZ0TSIsImF1ZCI6Ing1MDlfaGFzaDpyQ3dWTzJ5eWtKOHJKVVFybGdhTG5mRjdVamF0R2pBbEtfUmM0VjlCaEJzIiwiaWF0IjoxNzg0NDI1OTUyLCJub25jZSI6InpkVS11V2FUSUt6TXFKanNBSm5sbkhlWC1NWGRoTnFqUkxfdDZpVkF5RlVJTlZBTElEIn0.sJ65ii2oreInXvHnWD_6tuti6SaPK8kQLfnjaPxz7WCriXhrm_Ba6lo7VgGkCwUB8_ty9E0qttm1oEtFJ4JPGw
2026-07-19 01:52:32 SUCCESS
AddVP1FinalDCQLVPTokenToAuthorizationEndpointResponseParams
Added credential in DCQL 'vp_token' authorization endpoint response parameter
authorization_endpoint_response_params
{
  "state": "cKpcKiBozvV_rWpua_wlig",
  "vp_token": {
    "eudi_pid": [
      "eyJ0eXAiOiJkYytzZC1qd3QiLCJhbGciOiJFUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5jZXJ0aWZpY2F0aW9uLm9wZW5pZC5uZXQvdGVzdC9hL2NvZGViLW9pZDR2cC1oYWlwLXYyIiwiX3NkIjpbIjIwMjRjV2pFd2E3THJPblk1U3FSX0NXeDZaNUdYZXRYU2wxbGpxMmtrYnciLCI2RjA1U3pnSXN6Vllld053MXg4VlY5MWR2bENlcWRqNEF5SDJfd1BpUVpvIiwiOER6Y0VEU0xGcjRFM0pTbURyZzZtRHppalZpRDJRam5yOUk2YW1tNEU3NCIsIkZqTFNSS0RoeGFvUXFucWx1NnJWYkZVSTgyS1ZWbnAxdzdiZzA1dXRZa2MiLCJIeVE3THdBR2Q0V0VGaUx5T0xrS21YTkJFZFJ0aXBWNTVkU0JibnVBVWQwIiwiVXd1ZkcxU2dvcHBMQWJja013WXBGUFJVMjRvaGc1SlNBTzk3MWtFLUhHMCIsImhVRWN1LVU2T3AxVk04czRRRDRRamVzQXp3Vmd6VnpzaWdSZURCdTdwTzgiLCJ4dVFhSzFJU1hqbHY0bG9NeVRmaHE2QjNaU3hUcTRfX2lydUxfZHVfQTg4Il0sImNuZiI6eyJqd2siOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJicEFKQ1pfMnVLUDY1QXA2RTF1Yk1KTFprMUVpWnduT05MNDhLdVdhdkIwIiwieSI6IkJZaG5SSzZSaHRsNW05MnNTb2haS3BfVjU1enNJSG1VNmZyRDUxSkE1T28ifX0sImV4cCI6MTc4NTYzNTU1MiwiaWF0IjoxNzg0NDI1OTUyLCJ2Y3QiOiJ1cm46ZXVkaTpwaWQ6MSJ9.ci3URZslXWkM5r0TTI8h4C-WzsFvfyVevuwZcdyb39SMiGPe331cd44foK2OxL6trbPim2FbSM07mzyXqKOO-w~WyJIU25OZWhtUUVCWTNtOXZtcnNBMnh3IiwiZ2l2ZW5fbmFtZSIsIkplYW4iXQ~WyJYdEEtMjZxeGxYeTdfWXVobTMzdFFRIiwiZmFtaWx5X25hbWUiLCJEdXBvbnQiXQ~eyJ0eXAiOiJrYitqd3QiLCJhbGciOiJFUzI1NiJ9.eyJzZF9oYXNoIjoiLTI2aXlfZE5sVE4ySUJobDZPQmVmMzVtT09Tb2pqalN5c2xzbEtVRlZ0TSIsImF1ZCI6Ing1MDlfaGFzaDpyQ3dWTzJ5eWtKOHJKVVFybGdhTG5mRjdVamF0R2pBbEtfUmM0VjlCaEJzIiwiaWF0IjoxNzg0NDI1OTUyLCJub25jZSI6InpkVS11V2FUSUt6TXFKanNBSm5sbkhlWC1NWGRoTnFqUkxfdDZpVkF5RlVJTlZBTElEIn0.sJ65ii2oreInXvHnWD_6tuti6SaPK8kQLfnjaPxz7WCriXhrm_Ba6lo7VgGkCwUB8_ty9E0qttm1oEtFJ4JPGw"
    ]
  }
}
2026-07-19 01:52:32
VP1FinalEncryptVPResponse
Encrypted the response
authorization_encrypted_response_alg
ECDH-ES
authorization_encrypted_response_enc
A128GCM
response
eyJlcGsiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJzYUc4a09IaUZLR1JvMHlwRkUteTVveU9zelZiZEFVbXNxdkZZbHRCOXlNIiwieSI6IkdLRmFRODQ2cmt6NmxSamVqZ3JiZHplSHdoRmdLeHFVUXVkR2FPdzltdGcifSwiYXB2IjoiYURKQmQxTm1Zbk5VYVZNNVpFZHZNZyIsImtpZCI6IkFid0lLOHlfXzVzIiwiYXB1IjoiYUZKdlJrVnNlbkk1T0VoWFN6UkZhdyIsImN0eSI6Impzb24iLCJlbmMiOiJBMTI4R0NNIiwiYWxnIjoiRUNESC1FUyJ9..pAY1m7qGGx5dR8OV.al9iqr2_zMWDfYNvO6pvovLRKESa0HtSSkUw0S8Z_zPNFdO2GevkTNUidZ0XziQNCVC6V7Q9L2S960t0z9z3g-W5k87KdYA7z01r2tMC7TSFb5F81MOYfrA4GN4PcInzcDmVzGj4SpOGTYz2DFKTRCZBsy84f4tQgZM1taufa4CGkIkCp2UOVD0qxdR66_Mg4kXKvaTqyMNrJ1Ixr0K27XiEWJx531LFYqHa0hP7YoJWCPSQkpsX1P2mWWAVU5PRyxrxH-ocC347qDskYxRKsDu-WYiJ2HDuF8XwmUzvxyNqCxOmzpgSC9AHxh3ZxBMWftPMSSehljFFuV54mmOF_Q1iZCRBE7EdaFqj6V1DwIce4Vr9cElZjZD4WZtH3pwdqs6wX2MghQ4Z0KkRKfuKvoIBSNvE_bWithqXh7ZSO67EnvGjydVENdsD8jLAu9QmPyAk7X3jazO4QRee6STYF2MPBjc1NHZWO97RazvRuqI-4QdLTOduoTAEfT_E-pH3ZT2JeJgMuQDCDwfmsox0nQ_8VV9PtJ9K-Mhd05xkCijJ9JBoAVp8-3D4uQ75a9XbOGzPRrimn-1CEFsvIKjo3d8nrv2oH2CfI86qw1WUAqChXlqXgjH2T3XwC3RBdq6jj6zmgrA9WipfPYfKfJRZ7i2AZ1GVsCMEBIX7Bmzb1HJPRsDPg7FThD3bWVe3V0qu88V568IhObP2sgG7nZjx7b6j-JCXS_kk-Cvc-aBX0w_Qd24Ic5g0wtduiXdXrAWWxpwOSAMC2GusW_xtY0EVtCJAgClqGe-tMr6zKVe9FGIbXr-vPCBfuSOQJivdXY3f_KWjIlme0dKIrg-FSdZ0zfEDgV_fqguxKISGAyFBIsI-sJOdYD-393lUUCKGtQlEGnEZNkZarOXJbWEdf7RESVcn2j__VLEHM85jv1KcryzAAJDiuueOhmxnfTsrFxMGCVGOmQTFNzxm_FrCeFFXZqQMX-JczCa5xWPYKeXFcpN7BFCPHvv1t_Hx96iYWF5j09xVg1qsBGPei9ubkJRUhBsqpg7d9Nz0c1Vid5WXWHmSi3CVrRxRAD_WiOg44t2iZXlx6PtfVdznsMFg6y9op_3cdUlzhQJTQK1c109jW6Zx1UUAV7mxedO2Tft2h_NG1L1pG7i1hnBRJEku_4dOUBQhSGSr88jcCIUFu8Lvc3b3HogsgObHHSmAHhy5ZMIyk0ki7htEy49-66tBQinej4AI5XOBT__Fc3BIEAGcpjGhPPlOqTpW1u4rTuyAI2UagYTZRPfag5zzBbY6DZmgJC7IL1hqHOxGFF65uTpdkhxHJekPgpN4pOsbMzhYaqkcKNBE_PQ2FYzsYw7WqTlhpp2Sr5PFxIjHfhbBuGOYwBhY-h5CC2nCHrKj853dyuKpda2297XbSoc2c2rnicKK8s2gm7FiH8J0eYP9Z9O7xDVmk9E-_2fKfFG37OGdkfN5zbiQreHqjySfl9Ro85yjhN4Ag-Zsw03tAsBcy6VD0j2UiABmXFT-PcieegKmqOz3fbwBsUviXmCdgoBcivmRKt4h7HzZ_PPG-dmh_0R4x_zDIwzEQuuQE5lcnPPTcGWla05iKIzIgTwctTbW3dR1PGpcZWF4ops2lUj2Wqy-MbYID7Y_HX6UqpoP6h-9iYPtR6L2Sh5O0FHrF_DIbUTrKwoVp74IoHikwgwevzlXivxjiEERVSKj9iuNMu5d6RrTNYcYZ7LBheSQk5rJxmW4mzo4YAFg3TU6osuLTPSpMCP03xei-M5cFUg1nTUgMm9-r8B-SC2kbl7VmZHNYYfusAgDMhMrbqtOpGIxsWbIUoydl_VaiYZVbGThFZePpEtx4zhHDOYCf0iYYZ2Wrdfu0LlGV_20wi8fULmEzvWrEp8_pMv9RSAzY4OHMaTjGPiEa6P-rvnCq_YEI9Bwd5Kds5n8EgbN5rrjKlLpgG8pPYO1VIpJijLmqn__1z9vX7eGTAkbcog3vo4OXAcVn09araNQfMOzDjxkxNXKr_3vaT9uKgx9zDwQvj4K-nSleUx6-DXBYqUN1YhrvhyYSsvBDm0oHSVhOzRkj-vxILskDnqw9qKM_RjPHVnSsby8.ulYSaRhbwYiekX3F5xsaJg
apv
h2AwSfbsTiS9dGo2
apu
hRoFElzr98HWK4Ek
apv_b64
{
  "value": "aDJBd1NmYnNUaVM5ZEdvMg"
}
apu_b64
{
  "value": "aFJvRkVsenI5OEhXSzRFaw"
}
2026-07-19 01:52:32
CallDirectPostEndpoint
HTTP request
request_uri
https://phone.codeb.io/oidc.ashx?action=vp-response&id=kAPLyOKQYFPaKnH-GEhz1A
request_method
POST
request_headers
{
  "Accept": "application/json",
  "Content-Type": "application/x-www-form-urlencoded",
  "Content-Length": "2507"
}
request_body
response=eyJlcGsiOnsia3R5IjoiRUMiLCJjcnYiOiJQLTI1NiIsIngiOiJzYUc4a09IaUZLR1JvMHlwRkUteTVveU9zelZiZEFVbXNxdkZZbHRCOXlNIiwieSI6IkdLRmFRODQ2cmt6NmxSamVqZ3JiZHplSHdoRmdLeHFVUXVkR2FPdzltdGcifSwiYXB2IjoiYURKQmQxTm1Zbk5VYVZNNVpFZHZNZyIsImtpZCI6IkFid0lLOHlfXzVzIiwiYXB1IjoiYUZKdlJrVnNlbkk1T0VoWFN6UkZhdyIsImN0eSI6Impzb24iLCJlbmMiOiJBMTI4R0NNIiwiYWxnIjoiRUNESC1FUyJ9..pAY1m7qGGx5dR8OV.al9iqr2_zMWDfYNvO6pvovLRKESa0HtSSkUw0S8Z_zPNFdO2GevkTNUidZ0XziQNCVC6V7Q9L2S960t0z9z3g-W5k87KdYA7z01r2tMC7TSFb5F81MOYfrA4GN4PcInzcDmVzGj4SpOGTYz2DFKTRCZBsy84f4tQgZM1taufa4CGkIkCp2UOVD0qxdR66_Mg4kXKvaTqyMNrJ1Ixr0K27XiEWJx531LFYqHa0hP7YoJWCPSQkpsX1P2mWWAVU5PRyxrxH-ocC347qDskYxRKsDu-WYiJ2HDuF8XwmUzvxyNqCxOmzpgSC9AHxh3ZxBMWftPMSSehljFFuV54mmOF_Q1iZCRBE7EdaFqj6V1DwIce4Vr9cElZjZD4WZtH3pwdqs6wX2MghQ4Z0KkRKfuKvoIBSNvE_bWithqXh7ZSO67EnvGjydVENdsD8jLAu9QmPyAk7X3jazO4QRee6STYF2MPBjc1NHZWO97RazvRuqI-4QdLTOduoTAEfT_E-pH3ZT2JeJgMuQDCDwfmsox0nQ_8VV9PtJ9K-Mhd05xkCijJ9JBoAVp8-3D4uQ75a9XbOGzPRrimn-1CEFsvIKjo3d8nrv2oH2CfI86qw1WUAqChXlqXgjH2T3XwC3RBdq6jj6zmgrA9WipfPYfKfJRZ7i2AZ1GVsCMEBIX7Bmzb1HJPRsDPg7FThD3bWVe3V0qu88V568IhObP2sgG7nZjx7b6j-JCXS_kk-Cvc-aBX0w_Qd24Ic5g0wtduiXdXrAWWxpwOSAMC2GusW_xtY0EVtCJAgClqGe-tMr6zKVe9FGIbXr-vPCBfuSOQJivdXY3f_KWjIlme0dKIrg-FSdZ0zfEDgV_fqguxKISGAyFBIsI-sJOdYD-393lUUCKGtQlEGnEZNkZarOXJbWEdf7RESVcn2j__VLEHM85jv1KcryzAAJDiuueOhmxnfTsrFxMGCVGOmQTFNzxm_FrCeFFXZqQMX-JczCa5xWPYKeXFcpN7BFCPHvv1t_Hx96iYWF5j09xVg1qsBGPei9ubkJRUhBsqpg7d9Nz0c1Vid5WXWHmSi3CVrRxRAD_WiOg44t2iZXlx6PtfVdznsMFg6y9op_3cdUlzhQJTQK1c109jW6Zx1UUAV7mxedO2Tft2h_NG1L1pG7i1hnBRJEku_4dOUBQhSGSr88jcCIUFu8Lvc3b3HogsgObHHSmAHhy5ZMIyk0ki7htEy49-66tBQinej4AI5XOBT__Fc3BIEAGcpjGhPPlOqTpW1u4rTuyAI2UagYTZRPfag5zzBbY6DZmgJC7IL1hqHOxGFF65uTpdkhxHJekPgpN4pOsbMzhYaqkcKNBE_PQ2FYzsYw7WqTlhpp2Sr5PFxIjHfhbBuGOYwBhY-h5CC2nCHrKj853dyuKpda2297XbSoc2c2rnicKK8s2gm7FiH8J0eYP9Z9O7xDVmk9E-_2fKfFG37OGdkfN5zbiQreHqjySfl9Ro85yjhN4Ag-Zsw03tAsBcy6VD0j2UiABmXFT-PcieegKmqOz3fbwBsUviXmCdgoBcivmRKt4h7HzZ_PPG-dmh_0R4x_zDIwzEQuuQE5lcnPPTcGWla05iKIzIgTwctTbW3dR1PGpcZWF4ops2lUj2Wqy-MbYID7Y_HX6UqpoP6h-9iYPtR6L2Sh5O0FHrF_DIbUTrKwoVp74IoHikwgwevzlXivxjiEERVSKj9iuNMu5d6RrTNYcYZ7LBheSQk5rJxmW4mzo4YAFg3TU6osuLTPSpMCP03xei-M5cFUg1nTUgMm9-r8B-SC2kbl7VmZHNYYfusAgDMhMrbqtOpGIxsWbIUoydl_VaiYZVbGThFZePpEtx4zhHDOYCf0iYYZ2Wrdfu0LlGV_20wi8fULmEzvWrEp8_pMv9RSAzY4OHMaTjGPiEa6P-rvnCq_YEI9Bwd5Kds5n8EgbN5rrjKlLpgG8pPYO1VIpJijLmqn__1z9vX7eGTAkbcog3vo4OXAcVn09araNQfMOzDjxkxNXKr_3vaT9uKgx9zDwQvj4K-nSleUx6-DXBYqUN1YhrvhyYSsvBDm0oHSVhOzRkj-vxILskDnqw9qKM_RjPHVnSsby8.ulYSaRhbwYiekX3F5xsaJg
2026-07-19 01:52:32 RESPONSE
CallDirectPostEndpoint
HTTP response
response_status_code
400 BAD_REQUEST
response_status_text
Bad Request
response_headers
{
  "cache-control": "private, no-store,no-store, no-cache, must-revalidate, max-age\u003d0",
  "pragma": "no-cache",
  "content-type": "application/json; charset\u003dutf-8",
  "expires": "0",
  "x-aspnet-version": "4.0.30319",
  "referrer-policy": "no-referrer",
  "x-content-type-options": "nosniff",
  "permissions-policy": "camera\u003d(self), microphone\u003d(self), display-capture\u003d(self)",
  "strict-transport-security": "max-age\u003d63072000; includeSubDomains",
  "date": "Sun, 19 Jul 2026 01:52:31 GMT",
  "content-length": "102"
}
response_body
{"error":"kb_jwt_nonce_mismatch","error_description":"KB-JWT nonce does not match Verifier challenge"}
2026-07-19 01:52:32 SUCCESS
CallDirectPostEndpoint
Parsed response uri endpoint response
status
400
endpoint_name
https://phone.codeb.io/oidc.ashx?action=vp-response&id=kAPLyOKQYFPaKnH-GEhz1A
headers
{
  "cache-control": "private, no-store,no-store, no-cache, must-revalidate, max-age\u003d0",
  "pragma": "no-cache",
  "content-type": "application/json; charset\u003dutf-8",
  "expires": "0",
  "x-aspnet-version": "4.0.30319",
  "referrer-policy": "no-referrer",
  "x-content-type-options": "nosniff",
  "permissions-policy": "camera\u003d(self), microphone\u003d(self), display-capture\u003d(self)",
  "strict-transport-security": "max-age\u003d63072000; includeSubDomains",
  "date": "Sun, 19 Jul 2026 01:52:31 GMT",
  "content-length": "102"
}
body
{"error":"kb_jwt_nonce_mismatch","error_description":"KB-JWT nonce does not match Verifier challenge"}
body_json
{
  "error": "kb_jwt_nonce_mismatch",
  "error_description": "KB-JWT nonce does not match Verifier challenge"
}
2026-07-19 01:52:32 SUCCESS
EnsureHttpStatusCodeIs4xx
https://phone.codeb.io/oidc.ashx?action=vp-response&id=kAPLyOKQYFPaKnH-GEhz1A endpoint http status code was 400
2026-07-19 01:52:32 OUTGOING
oid4vp-1final-verifier-invalid-kb-jwt-nonce
Response to HTTP request to test instance l53Rh1DSc5FepuR
outgoing
ModelAndView [view="resultCaptured"; model={returnUrl=/log-detail.html?log=l53Rh1DSc5FepuR}]
outgoing_path
authorize
2026-07-19 01:52:32 FINISHED
oid4vp-1final-verifier-invalid-kb-jwt-nonce
Test has run to completion
testmodule_result
PASSED
2026-07-19 01:52:44
TEST-RUNNER
Alias has now been claimed by another test
alias
codeb-oid4vp-haip-v2
new_test_id
TwIsKWGnJvLkpQr
Test Results