Copyright © 2024 World Wide Web Consortium. W3C® liability, trademark and permissive document license rules apply.
This document serves as a collection of known DID Document properties and property values.
This section describes the status of this document at the time of its publication. A list of current W3C publications and the latest revision of this technical report can be found in the W3C technical reports index at https://www.w3.org/TR/.
Comments regarding this document are welcome. Please file issues directly on GitHub, or send them to public-did-wg@w3.org ( subscribe, archives).
Portions of the work on this specification have been funded by the United States Department of Homeland Security's Science and Technology Directorate under contracts HSHQDC-16-R00012-H-SB2016-1-002, 70RSAT20T00000010, and HSHQDC-17-C-00019. The content of this specification does not necessarily reflect the position or the policy of the U.S. Government and no official endorsement should be inferred.
Work on this registry has also been supported by the Rebooting the Web of Trust community facilitated by Christopher Allen, Shannon Appelcline, Kiara Robles, Brian Weller, Betty Dhamers, Kaliya Young, Kim Hamilton Duffy, Manu Sporny, Drummond Reed, Joe Andrieu, and Heather Vescent, Dmitri Zagidulin, and Dan Burnett.
This document was published by the Decentralized Identifier Working Group as a Group Note using the Note track.
This Group Note is endorsed by the Decentralized Identifier Working Group, but is not endorsed by W3C itself nor its Members.
This is a draft document and may be updated, replaced or obsoleted by other documents at any time. It is inappropriate to cite this document as other than work in progress.
The W3C Patent Policy does not carry any licensing requirements or commitments on this document.
This document is governed by the 03 November 2023 W3C Process Document.
This section is non-normative.
This document serves as a collection of known DID Document properties and property values.
The registration process is described in the Decentralized Identifier Extensions.
As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.
The key word MUST in this document is to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
The following section defines the properties available for use in a DID document. Note that some of these properties are defined in the DID Core Specification, and others are defined elsewhere and may be method- or domain-specific. Please read the associated specifications to ensure that the properties you use are appropriate for your implementation. The properties are arranged here according to the purpose they serve.
This registry is a work in progress and some properties are missing normative definitions. We are working on this! This does NOT mean that in future it will be possible to submit items to the registry without normative definitions (see 1.1 The Registration Process).
These properties are foundational to DID documents, and are expected to be useful to all DID methods.
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
"id": "did:example:123",
...
}
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
"alsoKnownAs": "https://example.com/",
...
}
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
"controller": "did:example:123",
...
}
Normative Definition | JSON-LD |
---|---|
DID Core Terminology | DID Core |
{
"id": "did:example:123",
"verificationMethod": [
{
"id": "did:example:123#key-1",
"type": "Ed25519VerificationKey2018",
"controller": "did:example:123",
"publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
},
{
"id": "did:example:123#key-2",
"type": "JsonWebKey2020",
"controller": "did:example:123",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "r7V8qmdFbwqSlj26eupPew1Lb22vVG5vnjhn3vwEA1Y"
},
}
]
}
This property has been deprecated, use verificationMethod instead.
Normative Definition | JSON-LD |
---|---|
security-vocab | security-vocab context |
{
"id": "did:example:123",
"publicKey": [
{
"id": "did:example:123#ZC2jXTO6t4R501bfCXv3RxarZyUbdP2w_psLwMuY6ec",
"type": "Ed25519VerificationKey2018",
"controller": "did:example:123",
"publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
},
{
"id": "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q",
"type": "EcdsaSecp256k1VerificationKey2019",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "secp256k1",
"x": "NtngWpJUr-rlNNbs0u-Aa8e16OwSJu6UiFf0Rdo1oJ4",
"y": "qN1jKupJlFsPFc1UkWinqljv4YE0mq_Ickwnjgasvmo",
"kty": "EC",
"kid": "WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
}
}
]
}
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
...
"service": [{
"id": "did:example:123#edv",
"type": "EncryptedDataVault",
"serviceEndpoint": "https://edv.example.com/"
}]
}
Normative Definition | JSON-LD |
---|---|
DID Cosmos Linked Resources | Cosmos JSON-LD Context |
{
...
"linkedResource" : [{
"id": "did:cosmos:1:impacthub:nft:abc123#resourceHashgraph",
"path": "did:cosmos:1:impacthub:nft:abc123/resourceHashgraph",
"type": "hashgraph",
"proof": "afybeiemxf5abjwjbikoz4mcb3a3dla6ual3jsgpdr4cjr3oz",
"endpoint" : "did:cosmos:1:impacthub:nft:abc123?service=mediator"
}]
}
Normative Definition | JSON-LD |
---|---|
High Assurance DIDs with DNS | dnsValidationDomain JSON-LD Context |
{
"dnsValidationDomain": "mydomain.example"
...
}
These are properties that express the relationship between the DID subject and a verification method using a verification relationship.
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
...
"verificationMethod": [{
"id": "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q",
"type": "EcdsaSecp256k1VerificationKey2019",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "secp256k1",
"x": "NtngWpJUr-rlNNbs0u-Aa8e16OwSJu6UiFf0Rdo1oJ4",
"y": "qN1jKupJlFsPFc1UkWinqljv4YE0mq_Ickwnjgasvmo",
"kty": "EC",
"kid": "WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
}
}],
"assertionMethod": [{
"id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4",
"type": "Ed25519VerificationKey2018",
"controller": "did:example:123",
"publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg"
},
"did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
]
}
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
...
"verificationMethod": [{
"id": "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q",
"type": "EcdsaSecp256k1VerificationKey2019",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "secp256k1",
"x": "NtngWpJUr-rlNNbs0u-Aa8e16OwSJu6UiFf0Rdo1oJ4",
"y": "qN1jKupJlFsPFc1UkWinqljv4YE0mq_Ickwnjgasvmo",
"kty": "EC",
"kid": "WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
}
}],
"authentication": [{
"id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4",
"type": "Ed25519VerificationKey2018",
"controller": "did:example:123",
"publicKeyBase58": "BYEz8kVpPqSt5T7DeGoPVUrcTZcDeX5jGkGhUQBWmoBg"
},
"did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
]
}
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
...
"verificationMethod": [{
"id": "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q",
"type": "EcdsaSecp256k1VerificationKey2019",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "secp256k1",
"x": "NtngWpJUr-rlNNbs0u-Aa8e16OwSJu6UiFf0Rdo1oJ4",
"y": "qN1jKupJlFsPFc1UkWinqljv4YE0mq_Ickwnjgasvmo",
"kty": "EC",
"kid": "WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
}
}],
"capabilityDelegation": [{
"id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4",
"type": "Ed25519VerificationKey2020",
"controller": "did:example:123",
"publicKeyMultibase": "z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4"
},
"did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
]
}
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
...
"verificationMethod": [{
"id": "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q",
"type": "EcdsaSecp256k1VerificationKey2019",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "secp256k1",
"x": "NtngWpJUr-rlNNbs0u-Aa8e16OwSJu6UiFf0Rdo1oJ4",
"y": "qN1jKupJlFsPFc1UkWinqljv4YE0mq_Ickwnjgasvmo",
"kty": "EC",
"kid": "WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
}
}],
"capabilityInvocation": [{
"id": "did:example:123#z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4",
"type": "Ed25519VerificationKey2020",
"controller": "did:example:123",
"publicKeyMultibase": "z6MkpzW2izkFjNwMBwwvKqmELaQcH8t54QL5xmBdJg9Xh1y4"
},
"did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
]
}
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
...
"keyAgreement": [
{
"id": "did:example:123#zC9ByQ8aJs8vrNXyDhPHHNNMSHPcaSgNpjjsBYpMMjsTdS",
"type": "X25519KeyAgreementKey2019",
"controller": "did:example:123",
"publicKeyMultibase": "zC9ByQ8aJs8vrNXyDhPHHNNMSHPcaSgNpjjsBYpMMjsTdS"
}
]
}
These properties are for use on a verification method object, in the value of
verificationMethod
. An
implementer is expected to not be relying directly on the linked contexts
registered below in nearly every case and instead should be including the
context definitions registered by the
verificationMethod
.
Normative Definition | JSON-LD |
---|---|
security-vocab | https://w3id.org/security/suites/jws-2020/v1 |
{
"id": "did:example:123#_Qq0UL2Fq651Q0Fjd6TvnYE-faHiOpRlPVQcY_-tA4A",
"type": "JsonWebKey2020",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "Ed25519",
"x": "VCpo2LMLhn6iWku8MKvSLg2ZAoC-nlOyPVQaO3FxVeQ",
"kty": "OKP",
"kid": "_Qq0UL2Fq651Q0Fjd6TvnYE-faHiOpRlPVQcY_-tA4A"
}
},
This property is deprecated in favor of publicKeyMultibase
or
publicKeyJwk
. It's generally expected that this term will still be
used in older suites and therefore needs be supported for legacy compatibility,
but is expected to not be used for newly defined suites.
Normative Definition | JSON-LD |
---|---|
security-vocab | https://w3id.org/security/v2 |
This property is deprecated in favor of publicKeyMultibase
or
publicKeyJwk
. It's generally expected that this term will still be
used in older suites and therefore needs be supported for legacy compatibility,
but is expected to not be used for newly defined suites.
Normative Definition | JSON-LD | |
---|---|---|
security-vocab | https://w3id.org/security/v3-unstable |
{
"@context":[
"https://www.w3.org/ns/did/v1",
"https://identity.foundation/EcdsaSecp256k1RecoverySignature2020#"
],
"id":"did:example:123",
"verificationMethod":[{
"id": "did:example:123#vm-2",
"controller": "did:example:123",
"type": "EcdsaSecp256k1RecoveryMethod2020",
"publicKeyHex": "027560af3387d375e3342a6968179ef3c6d04f5d33b2b611cf326d4708badd7770"
}]
}
Normative Definition | JSON-LD |
---|---|
security-vocab | https://w3id.org/security/v3-unstable |
Normative Definition | JSON-LD |
---|---|
security-vocab | https://w3id.org/security/v3-unstable |
{
"@context":[
"https://www.w3.org/ns/did/v1",
"https://identity.foundation/EcdsaSecp256k1RecoverySignature2020#"
],
"id":"did:example:123",
"verificationMethod":[{
"id": "did:example:123#vm-3",
"controller": "did:example:123",
"type": "EcdsaSecp256k1RecoveryMethod2020",
"blockchainAccountId":"eip155:1:0xab16a96d359ec26a11e2c2b3d8f8b8942d5bfcdb"
}]
}
This property is deprecated in favor of blockchainAccountId
. It's
generally expected that this term will still be used in older suites and
therefore needs be supported for legacy compatibility, but is expected to not be
used for newly defined suites.
Normative Definition | JSON-LD |
---|---|
security-vocab | https://w3id.org/security/v3-unstable |
{
"@context":[
"https://www.w3.org/ns/did/v1",
"https://identity.foundation/EcdsaSecp256k1RecoverySignature2020#"
],
"id":"did:example:123",
"verificationMethod":[{
"id": "did:example:123#vm-3",
"controller": "did:example:123",
"type": "EcdsaSecp256k1RecoveryMethod2020",
"ethereumAddress": "0xF3beAC30C498D9E26865F34fCAa57dBB935b0D74"
}]
}
These properties are for use on a service object, in the value of
service
.
Normative Definition | JSON-LD |
---|---|
DID Core | DID Core |
{
...
"service": [{
"id": "did:example:123#edv",
"type": "EncryptedDataVault",
"serviceEndpoint": "https://edv.example.com/"
}]
}
These are values to be used for the type
in a verification method object.
Do not include private or extraneous information in verification methods. The class of private information related to JWKs is defined here. Please review the DID Core specification for additional details on this topic.
Normative Definition | JSON-LD |
---|---|
JSON Web Signature 2020 | https://w3id.org/security/suite/jws-2020/v1 |
{
"id": "did:example:123#_TKzHv2jFIyvdTGF1Dsgwngfdg3SH6TpDv0Ta1aOEkw",
"type": "JsonWebKey2020",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "P-256",
"x": "38M1FDts7Oea7urmseiugGW7tWc3mLpJh6rKe7xINZ8",
"y": "nDQW6XZ7b_u2Sy9slofYLlG03sOEoug3I0aAPQ0exs4",
"kty": "EC",
"kid": "_TKzHv2jFIyvdTGF1Dsgwngfdg3SH6TpDv0Ta1aOEkw"
}
}
Normative Definition | JSON-LD |
---|---|
Ecdsa Secp256k1 Signature 2019 | https://w3id.org/security/suites/secp256k1-2019/v1 |
{
"id": "did:example:123#WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q",
"type": "EcdsaSecp256k1VerificationKey2019",
"controller": "did:example:123",
"publicKeyJwk": {
"crv": "secp256k1",
"x": "NtngWpJUr-rlNNbs0u-Aa8e16OwSJu6UiFf0Rdo1oJ4",
"y": "qN1jKupJlFsPFc1UkWinqljv4YE0mq_Ickwnjgasvmo",
"kty": "EC",
"kid": "WjKgJV7VRw3hmgU6--4v15c0Aewbcvat1BsRFTIqa5Q"
}
}
Normative Definition | JSON-LD |
---|---|
Ed25519 Signature 2018 | https://w3id.org/security/suites/ed25519-2018/v1 |
{
"id": "did:example:123#ZC2jXTO6t4R501bfCXv3RxarZyUbdP2w_psLwMuY6ec",
"type": "Ed25519VerificationKey2018",
"controller": "did:example:123",
"publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
}
Normative Definition | JSON-LD |
---|---|
BBS+ Signatures 2020 | https://w3id.org/security/suites/bls12381-2020/v1 |
{
"id": "did:example:123#z3tEGVtEKzdhJB2rT5hLVjwQPis8k7bTM16t7vDZrQaoddk6wZ7or6xPPs1P8H9U16Xe75",
"type": "Bls12381G1Key2020",
"controller": "did:example:123",
"publicKeyBase58": "7bXhTVonHPizXP72AE92PPmRiaXipC519yU7F6NxUFExWpyQo57LuKKBoTyuZ3uWm9",
}
Normative Definition | JSON-LD |
---|---|
BBS+ Signatures 2020 | https://w3id.org/security/suites/bls12381-2020/v1 |
{
"id": "did:example:123#zUC7K51WYEsj8y6KPVa1XfwdW5ZJrW5kSbMV619j128T6atCLLXJjjovMZsJ3Ay4STdngRkvM4ygT4qm1mk6HR8FvipSY435nLgYS1TTcaqJAzDWzM1iB9vh3hTL1DEKitwn56i",
"type": "Bls12381G2Key2020",
"controller": "did:example:123",
"publicKeyBase58": "25ETdUZDVnME6yYuAMjFRCnCPcDmYQcoZDcZuXAfeMhXPvjZg35QmZ7uctBcovA69YDM3Jf7s5BHo4u1y89nY6mHiji8yphZ4AMm4iNCRh35edSg76Dkasu3MY2VS9LnuaVQ",
}
Normative Definition | JSON-LD | Additional Details |
---|---|---|
Linked Data Signatures for PGP | https://w3id.org/security/suites/pgp-2021/v1 | Use of this verification key should be in line with the OpenPGP Message Format as defined in RFC 4880 |
{
"@context":[
"https://www.w3.org/ns/did/v1",
"https://gpg.jsld.org/contexts/lds-gpg2020-v0.0.jsonld"
],
"id":"did:example:123",
"verificationMethod":[{
"id": "did:example:123#989ed1057a294c8a3665add842e784c4d08de1e2",
"type": "PgpVerificationKey2021",
"controller": "did:example:123",
"publicKeyPgp": "-----BEGIN PGP PUBLIC KEY BLOCK-----\r\nVersion: OpenPGP.js v4.9.0\r\nComment: https://openpgpjs.org\r\n\r\nxjMEXkm5LRYJKwYBBAHaRw8BAQdASmfrjYr7vrjwHNiBsdcImK397Vc3t4BL\r\nE8rnN......v6\r\nDw==\r\n=wSoi\r\n-----END PGP PUBLIC KEY BLOCK-----\r\n"
}]
}
DID Specification Registries Issue 370 This property should be moved into a separate suite and linked to here rather than relying on the Verifiable Credentials vocabulary. There are known issues with the first version of the Security vocabulary JSON-LD context and the first version of the Verifiable Credentials JSON-LD context which will prevent these contexts from being listed in the same document. For now it's suggested that implementers rely upon the first version of the Verifiable Credentials JSON-LD context and not rely on the Security vocabulary JSON-LD context in the same document.
Normative Definition | JSON-LD |
---|---|
RSA Signature Suite 2018 | https://www.w3.org/2018/credentials/v1 |
{
"id": "did:example:123#key-0",
"type": "RsaVerificationKey2018",
"controller": "did:example:123",
"publicKeyJwk": {
"kty":"RSA",
"e":"AQAB",
"use":"sig",
"kid":"tNksV42EUs3Xct9AkgZyFWglItRGMxVZ1A1XM68SNq0
"n":"kO2d_qQTEBjYFGcoY_da7ziFY4L2QX14K7snCee09n-cY2eP-oJXk8T2_lL20YnpYhf4i
jhkWHGU8kY8-FWPRrzSeu3JUMVSZoqTgoAiKWdnSLNvPVxvGuD2CiA3T6AkwUC03D2AkOLCcJV
8h_hxUEPeDawF7ArpuJW5DXzEJjE7gOjN4r6d7VB6sd5y-3la54H2ADz2amHLdBWs30fL4BRBH
lVdx0YmF37V4u5yvnnb5Iyr3kBXJes8t0MUMPkjqEEXRmukpKUzZYNpWDXY0tVcXeK5sRx0DAn
lNgNNf14-vsyjGkj2Rz0oGW73jjWa8dw-yVlDEHyIkQU9-UY4dFXbVjdIO8j_5ghh62o1T7Y4w
5CWMc-FxPE3LHe-_teW97X__NN-ToYgfi42IvV2mYOdQMCbvnvY2oMdK3b9wmeVi0marToauL5
LMg5xHDKopmIR7E3VyRtNYwDFAZ89kadcbSrZ8zTR5APaB7Tmp2L2ZfXKxqKQuxlFTTCcZtg4e
5AN8QuYdI18DEDQn2umUU_Twj7k4CXvuIKVL8p4yRHC4CHAGIm9cH_t11dF3wXygaENVOGRXQu
0g1iKq0mO2rWpOqkGJ5uXMFb5lx54i8uOjCdZ9y2el28xA55Ve95KCxeTHp997Bn3TIgbeQ-B_
-3PBVTuuAAH8y9fFNKtu5E"
}
}
Normative definition in a suite is required for registration, this entry should be updated or removed.
Normative Definition | JSON-LD |
---|---|
Normative definition pending | https://w3id.org/security/suites/x25519-2019/v1 |
{
...
"keyAgreement": [
{
"id": "did:example:123#zC9ByQ8aJs8vrNXyDhPHHNNMSHPcaSgNpjjsBYpMMjsTdS",
"type": "X25519KeyAgreementKey2019",
"controller": "did:example:123",
"publicKeyBase58": "9hFgmPVfmBZwRvFEyniQDBkz9LmV7gDEqytWyGZLmDXE"
}
]
}
Normative Definition | JSON-LD |
---|---|
ECDSA Secp256k1 Recovery Signature 2020 | https://w3id.org/security/suites/secp256k1recovery-2020/v1 |
{
"@context": [
"https://www.w3.org/ns/did/v1",
"https://identity.foundation/EcdsaSecp256k1RecoverySignature2020#"
],
"id":"did:example:123",
"verificationMethod": [
{
"id": "did:example:123#vm-1",
"controller": "did:example:123",
"type": "EcdsaSecp256k1RecoveryMethod2020",
"publicKeyJwk": {
"crv": "secp256k1",
"kid": "JUvpllMEYUZ2joO59UNui_XYDqxVqiFLLAJ8klWuPBw",
"kty": "EC",
"x": "dWCvM4fTdeM0KmloF57zxtBPXTOythHPMm1HCLrdd3A",
"y": "36uMVGM7hnw-N6GnjFcihWE3SkrhMLzzLCdPMXPEXlA"
}
},
{
"id": "did:example:123#vm-2",
"controller": "did:example:123",
"type": "EcdsaSecp256k1RecoveryMethod2020",
"publicKeyHex": "027560af3387d375e3342a6968179ef3c6d04f5d33b2b611cf326d4708badd7770"
},
{
"id": "did:example:123#vm-3",
"controller": "did:example:123",
"type": "EcdsaSecp256k1RecoveryMethod2020",
"ethereumAddress": "0xF3beAC30C498D9E26865F34fCAa57dBB935b0D74"
}
]
}
Normative Definition | JSON-LD |
---|---|
Verifiable Conditions Verification Method Suite 2021 | https://w3c-ccg.github.io/verifiable-conditions/contexts/verifiable-conditions-2021-v1.json |
{
"id": "did:example:123#1",
"controller": "did:example:123",
"type": "VerifiableCondition2021",
"conditionAnd": [{
"id": "did:example:123#1-1",
"controller": "did:example:123",
"type": "VerifiableCondition2021",
"conditionOr": [{
"id": "did:example:123#1-1-1",
"controller": "did:example:123",
"type": "EcdsaSecp256k1VerificationKey2019",
"publicKeyBase58": "5JBxKqYKzzoHrzeqwp6zXk8wZU3Ah94ChWAinSj1fYmyJvJS5rT"
}, {
"id": "did:example:123#1-1-2",
"controller": "did:example:123",
"type": "Ed25519VerificationKey2018",
"publicKeyBase58": "PZ8Tyr4Nx8MHsRAGMpZmZ6TWY63dXWSCzamP7YTHkZc78MJgqWsAy"
}]
}, {
"id": "did:example:123#1-2",
"controller": "did:example:123",
"type": "Ed25519VerificationKey2018",
"publicKeyBase58": "H3C2AVvLMv6gmMNam3uVAjZpfkcJCwDwnZn6z3wXmqPV"
}]
}
These are values to be used for the type
property
in a service object.
https://identity.foundation/.well-known/resources/did-configuration/#LinkedDomains
^ if this link changes the term defintion registered in did core will need to change, we should be sure we like this URL as is... forever.
Normative Definition | JSON-LD |
---|---|
Well Known DID Configuration | Well Known DID Configuration |
{
"@context": ["https://www.w3.org/ns/did/v1","https://identity.foundation/.well-known/did-configuration/v1"],
"id": "did:example:123",
"verificationMethod": [{
"id": "did:example:123#456",
"type": "JsonWebKey2020",
"controller": "did:example:123",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "VCpo2LMLhn6iWku8MKvSLg2ZAoC-nlOyPVQaO3FxVeQ"
}
}],
"service": [
{
"id":"did:example:123#foo",
"type": "LinkedDomains",
"serviceEndpoint": {
"origins": ["https://foo.example.com", "https://identity.foundation"]
}
},
{
"id":"did:example:123#bar",
"type": "LinkedDomains",
"serviceEndpoint": "https://bar.example.com"
}
]
}
Normative Definition | JSON-LD |
---|---|
Linked Verifiable Presentation | Linked Verifiable Presentation |
{
"@context": [
"https://www.w3.org/ns/did/v1",
"https://identity.foundation/linked-vp/contexts/v1"
],
"id": "did:example:123",
"verificationMethod": [{
"id": "did:example:123#_Qq0UL2Fq651Q0Fjd6TvnYE-faHiOpRlPVQcY_-tA4A",
"type": "JsonWebKey2020",
"controller": "did:example:123",
"publicKeyJwk": {
"kty": "OKP",
"crv": "Ed25519",
"x": "VCpo2LMLhn6iWku8MKvSLg2ZAoC-nlOyPVQaO3FxVeQ"
}
}],
"service": [
{
"id": "did:example:123#foo",
"type": "LinkedVerifiablePresentation",
"serviceEndpoint": ["https://bar.example.com/verifiable-presentation.jsonld"]
},
{
"id": "did:example:123#baz",
"type": "LinkedVerifiablePresentation",
"serviceEndpoint": "ipfs://bafybeihkoviema7g3gxyt6la7vd5ho32ictqbilu3wnlo3rs7ewhnp7lly/verifiable-presentation.jwt"
}
]
}
Normative Definition | JSON-LD |
---|---|
DIDComm Messaging | A valid JSON-LD context needs to be published. DIDComm Messaging |
{
"@context":[
"https://www.w3.org/ns/did/v1",
"https://didcomm.org/messaging/contexts/v2"
],
"type":"DIDCommMessaging",
"serviceEndpoint": {
"uri": "http://example.com/path",
"accept":[ "didcomm/v2", "didcomm/aip2;env=rfc587" ],
"routingKeys":[ "did:example:somemediator#somekey" ]
}
}
The WotThing
and WotDirectory
endpoints allow publication of service endpoints in a DID document
that can be used to fetch Web of Things (WoT) Thing Descriptions (TDs).
The WotThing
endpoint is a REST service that returns a TD
when the GET
method is used.
This can be used for self-describing devices or services, or be a service
separate from the actual device or service described by the TD.
The WotDirectory
is also a REST service that returns a TD, but this service is always
a Web of Things (WoT) Thing Description Directory (TDD),
and the TD returned by a GET
always describes the TDD's interface.
Details (including normative statements covering the above) are in the
WoT Discovery specification.
Normative Definition | JSON-LD |
---|---|
WoT Discovery | WotThing |
WoT Discovery | WotDirectory |
{
"@context":[
"https://www.w3.org/ns/did/v1",
"https://www.w3.org/2022/wot/discovery-did"
],
...
"service": [{
"id": "did:example:wotdiscoveryexample#td",
"type": "WotThing",
"serviceEndpoint":
"https://wot.example.com/.well-known/wot"
}]
...
}
{
"@context":[
"https://www.w3.org/ns/did/v1",
"https://www.w3.org/2022/wot/discovery-did"
],
...
"service": [{
"id": "did:example:wotdiscoveryexample#tdd",
"type": "WotDirectory",
"serviceEndpoint":
"https://wot.example.com/tdd"
}]
...
}
The CredentialRegistry
endpoint allows publication of a dedicated service endpoint in a DID document, through which verifiable credentials can be queried. Each registry endpoint is a REST endpoint. When a GET
request is sent to the URI formed by appending the credentialSubject.id
as a URL-encoded string to the given endpoint URI, the registry MUST return an array of verifiable credentials associated with the subject ID. A sample registry endpoint can be found here.
Verifiable credential registries are supposed to hold credentials that are publicly accessible by default, e.g., for product passports on a product type level. An additional authentication for limiting access to certain credentials is currently under development.
Normative Definition | JSON-LD |
---|---|
Verifiable Credential Registry | Verifiable Credential Registry |
{
...
"service": [
{
"id": "did:example:123#vcregistry-1",
"type": "CredentialRegistry",
"serviceEndpoint": {
"registries": ["https://registry.example.com/{credentialSubject.id}", "https://identity.foundation/vcs/{credentialSubject.id}"]
}
},
{
"id": "did:example:123#vcregistry-2",
"type": "CredentialRegistry",
"serviceEndpoint": "https://ssi.eecc.de/api/registry/vcs/{credentialSubject.id}"
}
]
}
$ curl 'https://ssi.eecc.de/api/registry/vcs/https%3A%2F%2Ftest.de%2Ftest1' -H 'accept: application/ld+json, application/json'
[
{
"@context": ["https://www.w3.org/2018/credentials/v1",... ],
"type": ["VerifiableCredential",...],
"credentialSubject": {...},
"proof": {...},
...
},
...
]
The OID4VCI
service allows publication of a credential issuer that conforms to the OpenID for Verifiable Credential Issuance (OID4VCI) specification.
The service endpoint id
MUST be the Credential Issuer Identifier to get the Credential Issuer Metadata as described in Section Credential Issuer Metadata of OpenIDVCI.
Normative Definition | JSON-LD |
---|---|
OpenID4VCI | OpenID4VCI |
{
...
"service": [
{
"id": "did:example:123#oid4vci",
"type": "OID4VCI",
"serviceEndpoint": "https://issuer.example.com/"
}
]
}
The OID4VP
service allows publication of how to interact with a credential wallet that conforms with the OpenID for Verifiable Presentation (OID4VP) specification.
The service endpoint id
MUST be the Wallet (OAuth2) Issuer Identifier to obtain Wallet Metadata to invoke the wallet as described in section Wallet Invocation.
Normative Definition | JSON-LD |
---|---|
OpenID4VP | OpenID4VP |
{
...
"service": [
{
"id": "did:example:123#oid4vp",
"type": "OID4VP",
"serviceEndpoint": "https://wallet.example.com"
}
]
}