This guide shows how to validate a Virgil CardEach Card contains attributes associated with the holder of the Private key and are used to prove the ownership of a Public key more ... on a device. As previously noted each Virgil Card contains a Digital signature that provides data integrity for the Virgil Card over its life-cycle. Therefore, developers can verify the Digital Signature at any time.
During the validation process we verify, by default, two signatures:
- a signature from the Virgil CardA Digital Signature that provides data integrity for the Virgil Card over its life-cycle. owner
- a signature from Virgil ServicesA Digital Signature that can make trusted and authorized requests to Virgil Services.
Additionally, developers can verify the signature of the application serverA Signature which confirms to Virgil Services that a request or transmission is actually coming from the right application server..
See more information about the Virgil Card's signatures, with our Virgil Card Service endpoint.
Set up your project environment before you begin to validate a Virgil Card, with the getting started guide.
In order to validate the signature of the Virgil Card owner, Virgil ServicesVirgil Services is a group of cryptographic services that make up the Virgil Security infrastructure more ..., and the Application Server, we need to:
// initialize context with custom card verifiers.
$virgilApiContext = VirgilApiContext::create(
VirgilApiContext::AccessToken => '[YOUR_ACCESS_TOKEN_HERE]',
VirgilApiContext::CardVerifiers => [
// initialize High level Api
$virgilApi = new VirgilApi($virgilApiContext);
$aliceCards = $virgilApi->Cards->find(['alice']);