JSON Schema: JSON Schema Validation

Definition

Core Validation Capabilities

JSON Schema provides a rich set of validation keywords that are essential for defining EUDI Wallet credential structures. Type validation ensures fields contain the correct data types (string, number, boolean, array, object). Format validation applies specific patterns to strings, such as date formats (ISO 8601), email addresses, or URI references. Constraint keywords like minimum, maximum, minLength, maxLength, and pattern provide fine-grained control over allowed values.

The required keyword specifies which properties must be present in a valid document, important for EUDI credentials where certain attributes like family name and date of birth are mandatory. The enum keyword restricts values to a predefined set, useful for fields like country codes or credential types. The $ref keyword enables schema composition, allowing complex credential schemas to reference shared definitions.

Schema composition keywords (allOf, anyOf, oneOf) allow credential schemas to combine base definitions with extensions. A national PID schema might use allOf to require both the EU-defined base PID attributes and additional country-specific attributes, ensuring compatibility with cross-border verification while supporting national requirements.

Credential Schemas in the EUDI Wallet Ecosystem

The EU defines standardized credential schemas for the core attestation types that EUDI Wallets must support. The Person Identification Data (PID) schema specifies attributes like family name, given name, date of birth, nationality, and a unique identifier. The mobile driving license schema aligns with ISO 18013-5 data elements. Educational credential schemas follow standards like the European Learning Model.

When an issuer creates a credential using OpenID4VCI, the credential metadata includes a reference to its JSON Schema. The wallet can then validate the received credential against this schema before storing it. Similarly, when a verifier requests specific attributes via OpenID4VP, it references the credential schema to specify which attributes it needs.

This schema-driven approach enables dynamic credential handling. A verifier does not need to be pre-configured for every possible credential type. Instead, it can retrieve the credential schema, determine which attributes are available, and construct appropriate presentation requests. This flexibility is essential for an ecosystem that will evolve over time as new credential types are added.

JSON Schema vs. JSON-LD for Credential Definition

JSON Schema and JSON-LD serve complementary roles in the EUDI Wallet credential ecosystem. JSON Schema handles structural validation -- ensuring data conforms to expected types, formats, and constraints. JSON-LD handles semantic definition -- ensuring that field names carry unambiguous, globally unique meanings.

A credential might pass JSON Schema validation (correct types, required fields present, values within constraints) but still be semantically ambiguous without JSON-LD context (does "address" mean a postal address or an email address?). Conversely, a credential with proper JSON-LD context might have invalid data (a date field containing free text). Both layers are needed for strong credential processing.

In practice, the EUDI Wallet ecosystem uses JSON Schema as the primary validation mechanism for SD-JWT credentials, with JSON-LD contexts providing additional semantic clarity where needed. This pragmatic approach balances the need for strict validation with the benefits of semantic interoperability, without requiring full JSON-LD processing in every wallet implementation.

Implementation in Wallet Software

JSON Schema validators are available for every major programming language, making implementation straightforward for wallet developers. Popular libraries include AJV (JavaScript), jsonschema (Python), everit-json-schema (Java), and gojsonschema (Go). These validators can be embedded directly in wallet applications to validate credentials at issuance time and before storage.

Wallet implementations typically cache credential schemas locally to support offline validation and reduce network dependencies. When a new credential type is encountered, the wallet retrieves and caches the corresponding schema. This approach ensures that credential validation works reliably even in environments with limited or no internet connectivity, which is important for offline verification scenarios.

Related Terms