Skip to main content

Create a did:web

DIDs using the web method host the DID document on a publicly accessible domain in order to make the document and contents available.

For example, Sovrin has a did:webusing our own domain did:web:sovrin.one. This DID is hosted on our website at https://sovrin.one/.well-known/did.json. DIDs may also be hosted at specific paths on your website.

Constraints

  • did:web inherently rely on the security of the website the DID Document is hosted on. We would only recommend the use of this type of DID on trusted and known sites/domains, such as government agencies and enterprises.

  • Message signing is not possible at this time using DIDs that only contain a bls12381g2 key type. Note that Sovrin creates did:web with multiple key types by default to overcome this constraint.

  • When you create a new credential configuration and don't specify an explicit issuer DID, the most recently created did:web on your tenant is used as an issuer DID by default.

Request

Make the following request to create a did:web:

POST https://api.sovrin.one/v1/dids
{
  "method": "web",
  "options": {
    "url": "organization.com"
  }
}

  • method: Set to web in order to create a did:web.

  • url: The domain that will host the DID document. When using Sovrin, this would likely be your tenant's URL.

Unlike the request to create a did:key, this request doesn't include a keyType attribute. Sovrin creates all did:web with multiple key types by default. This enables issuers to issue different types of credentials from a single DID, making use of the different key types features:

  • P-256:

  • This is the default option for signing Compact Credentials.

  • Bls12381G2Key2020:

  • This is the default option for signing Web Credentials.

  • Supports ZKP-enabled credentials.

  • Supports key rotation.

  • X25519 suite:

  • Ed25519: Recommended when the web:did is used as a Verifier DID, as it supports symmetric key signing required for verifying messages.

Response

{
    "did": "did:web:organization.com",
    "registrationStatus": "PROCESSING",
    "localMetadata": {
        "keys": [
            {
                "didDocumentKeyId": "did:web:organization.com#z12KpjmH",
                "kmsKeyId": "aa87d1be-d4f9-4ff0-87b8-8af7b45871c8"
            },
            {
                "didDocumentKeyId": "did:web:organization.com#7qLxNRsFS9",
                "kmsKeyId": "5f2bf621-8b96-47d8-893b-db48b8bc2947"
            },
            {
                "didDocumentKeyId": "did:web:organization.com#22NxLGzcwD",
                "kmsKeyId": "70f5cba8-ec85-4770-a40d-27012e4f652f"
            },
            {
                "didDocumentKeyId": "did:web:organization.com#2TurnSmooY",
                "kmsKeyId": "68787eec-7bde-4cda-9dc1-b73007c3d48d"
            }
        ],
        "registered": 1684275207499,
        "initialDidDocument": {
            "@context": [
                "https://w3.org/ns/did/v1",
                "https://w3id.org/security/suites/x25519-2019/v1",
                "https://w3id.org/security/suites/jws-2020/v1",
                "https://w3id.org/security/suites/ed25519-2018/v1",
                "https://w3id.org/security/bbs/v1"
            ],
            "id": "did:web:organization.com",
            "authentication": [
                "did:web:organization.com#7qLxNRsFS9"
            ],
            "assertionMethod": [
                "did:web:organization.com#z12KpjmH",
                "did:web:organization.com#7qLxNRsFS9",
                "did:web:organization.com#22NxLGzcwD"
            ],
            "capabilityDelegation": [
                "did:web:organization.com#z12KpjmH",
                "did:web:organization.com#7qLxNRsFS9",
                "did:web:organization.com#22NxLGzcwD"
            ],
            "capabilityInvocation": [
                "did:web:organization.com#z12KpjmH",
                "did:web:organization.com#7qLxNRsFS9",
                "did:web:organization.com#22NxLGzcwD"
            ],
            "verificationMethod": [
                {
                    "id": "did:web:organization.com#z12KpjmH",
                    "controller": "did:web:organization.com",
                    "type": "JsonWebKey2020",
                    "publicKeyJwk": {
                        "kty": "EC",
                        "crv": "P-256",
                        "x": "nAW2_ezqvNlSDYUyrpN3pAlRnWVH5D6-6G4iZS0ZoxI",
                        "y": "bSeCEF-erfdu7ZuTv6u6Ps_YJCCvvJ_nkaaFNynn1dQ"
                    }
                },
                {
                    "id": "did:web:organization.com#7qLxNRsFS9",
                    "controller": "did:web:organization.com",
                    "type": "Ed25519VerificationKey2018",
                    "publicKeyBase58": "7qLxNRsFS9T9bfa29a8YDrhsabKQsA5nmbT8RkbcdMm4"
                },
                {
                    "id": "did:web:organization.com#22NxLGzcwD",
                    "controller": "did:web:organization.com",
                    "type": "Bls12381G2Key2020",
                    "publicKeyBase58": "22NxLGzcwDb9oEtXCjT4gYEjemNX4vTL779hFHUSKEgMGNCLzbtdek4UN9jXbfHsgQ4TDS7FVnNFYTzzMaoSPhXGVDUTb6wiUx6ny9qwa6Rye398tEMLgg3Ki5CPX65MBnGP"
                }
            ],
            "keyAgreement": [
                {
                    "id": "did:web:organization.com#2TurnSmooY",
                    "controller": "did:web:organization.com",
                    "type": "X25519KeyAgreementKey2019",
                    "publicKeyBase58": "2TurnSmooYqT18Y5fi8Gh8HFNsAiSpTdoMNgSE6gvwUg"
                }
            ]
        }
    }
}