<meta charset="UTF-8">
<meta name="robots" content="noindex,nofollow" />
<link rel="shortcut icon" type="image/x-icon" href="/wiki/images/favicon.ico" />
<link rel="icon" type="image/x-icon" href="/wiki/images/favicon.ico" />

<pre>
!!! Overview
[{$pagename}] ([DID Auth])  is the mechanism by which an [entity] can cryptographically prove that they are associated with a [DID] and DID Description. 


%%warning
[Authentication] is separate from [Authorization] because an [entity] may wish to enable other entities to update the [DID Document], for [example], to assist with [key recovery] without enabling them to prove [ownership] (and thus be able to [impersonate|Impersonation] the [entity].
%%


The rules for Authentication are:
** [MAY] include an [authentication] property.
** The value of the [authentication] property should be an array of proof mechanisms ([{$applicationname}] assumes these are [Authentication Factors]).
** Each proof mechanism [MUST] include the type property.
** Each proof mechanism [MAY] embed or reference a [Public Key] 


!! [{$pagename}] [Example]
{{{{
  &quot;@context&quot;: &quot;https://w3id.org/did/v1&quot;,
  &quot;id&quot;: &quot;did:example:123456789abcdefghi&quot;,
  ...
  &quot;authentication&quot;: [{
    // this key can be used to authenticate as DID ...fghi
    &quot;type&quot;: &quot;RsaSignatureAuthentication2018&quot;,
    &quot;publicKey&quot;: &quot;did:example:123456789abcdefghi#keys-1&quot;
  }, {
    // this key can be used to authenticate as DID ...fghi
    &quot;type&quot;: &quot;PseudonymousBiometricAuthentication2018&quot;,
    &quot;biometricTemplate&quot;: &quot;did:example:123456789abcdefghi#bio-1&quot;
  }],
  ...
}
}}}

!! [{$pagename}] and [Self-Issued OpenID Provider]
The current [{$pagename}] [Working Group] working in coordination with editors of the [OpenID Connect] [specification] to combine the knowledge from the [DIF] community and the [OpenID Foundation] and are using [Self-Issued OpenID Provider] for [{$pagename}] within the [Verifiable Credentials].


[{Image src='https://miro.medium.com/max/1079/1*GoeFcYzRBavzan21-XonYA.png' caption='SIOP in the Context of W3C Verifiable Credentials' align ='left' style='font-size: 120%;'}]\\



!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [W3C Decentralized Identifiers (DIDs)|https://w3c-ccg.github.io/did-spec/|target='_blank'] - based on information obtained 2018-11-29
* [#2] - [Using OpenID Connect with Decentralized Identifiers|https://medium.com/decentralized-identity/using-openid-connect-with-decentralized-identifiers-24733f6fa636|target='_blank'] - based on information obtained 2019-10-14 
* [#3] - [Using OpenID Connect Self-Issued to achieve DID Auth|https://github.com/WebOfTrustInfo/rwot8-barcelona/blob/master/draft-documents/did-auth-oidc.md|target='_blank'] - based on information obtained 2019-10-14 



</pre>