Credential verifier — UpSkillZone

Verify a credential.

Every UpSkillZone credential carries an Ed25519 signature and a public id. Paste the id below and we’ll render the cryptographic proof, the live revocation state, and the achievement at the moment of view — server-side, no client cache.

Look up by public id

The public id is the slug at the end of any upskillzone.com/verify/… link a learner has shared with you. URLs paste-cleanly too.

Verify out-of-band

You don’t need our frontend. Hit the same endpoint our server uses and read the JSON yourself:

# Wire-level verify — no UpSkillZone code required
curl -sS -X POST \
  https://upskillzone.com/api/v1/credentials/{public_id}/verify | jq

For full independence, fetch the JWKS and verify the JWS envelope directly against the issuer kid:

# Verify the signature directly against our JWKS
import httpx, jwt
jwks = httpx.get("https://upskillzone.com/.well-known/jwks.json").json()
token = httpx.get(f"https://upskillzone.com/api/v1/credentials/{public_id}").json()["proof"]["jwt"]
header = jwt.get_unverified_header(token)
key = next(k for k in jwks["keys"] if k["kid"] == header["kid"])
jwt.decode(token, key=key, algorithms=["EdDSA"], options={"verify_aud": False})

What “valid” means here

The credential’s JWS signature verifies against an issuer key advertised in our JWKS, current or retired.
The credential is not present in any active StatusList2021 revocation list.
The achievement and skill records embedded in the credential haven’t been retracted by their issuing mentors.

A revoked credential with a still-valid signature reads REVOKED. Revocation dominates.