jspωiki
DID Authentication

Overview#

DID Authentication (DID Auth) is the mechanism by which an entity can cryptographically prove that they are associated with a DID and DID Description.

Authentication is separate from Authorization because an entity may wish to enable other entities to update the DID Document, for example, to assist with key recovery without enabling them to prove ownership (and thus be able to impersonate the entity.

The rules for Authentication are:

DID Authentication Example#

{
  "@context": "https://w3id.org/did/v1",
  "id": "did:example:123456789abcdefghi",
  ...
  "authentication": [{
    // this key can be used to authenticate as DID ...fghi
    "type": "RsaSignatureAuthentication2018",
    "publicKey": "did:example:123456789abcdefghi#keys-1"
  }, {
    // this key can be used to authenticate as DID ...fghi
    "type": "PseudonymousBiometricAuthentication2018",
    "biometricTemplate": "did:example:123456789abcdefghi#bio-1"
  }],
  ...
}

More Information#

There might be more information for this subject on one of the following: