DID Discovery

Updated: June 2, 2020

You can use the discovery API to fetch the DID document associated with a DID. This step will be necessary any time you wish to interact with a DID, including during authentication. To discover a DID, you can send an HTTP request:

GET /1.0/identifiers/did:ion-test:EiDDNR0RyVI4rtKFeI8GpaSougQ36mr1ZJb8u6vTZOW6Vw HTTP/1.1
Host: beta.discover.did.microsoft.com
Accept: application/json

The following curl command will produce this request for you:

curl https://beta.discover.did.microsoft.com/1.0/identifiers/did:ion-test:EiDDNR0RyVI4rtKFeI8GpaSougQ36mr1ZJb8u6vTZOW6Vw

And the response for a properly registered DID uses the following format:

HTTP/1.1 200 OK
Content-Length: 301
Content-Type: application/json

{
  "document": {
    "@context": "https://w3id.org/did/v1",
    "publicKey": [
      {
        "id": "#key-1",
        "type": "Secp256k1VerificationKey2018",
        "publicKeyJwk": {
          "kty": "EC",
          "kid": "#key-1",
          "crv": "P-256K",
          "x": "Y4ezHen9MPuJcowKwhc9jT1owEzNb65BMUqtS7NH_C8",
          "y": "wWDGd0PHYjIGRcP9owNvsSLYWzSbFLuCKE8KX75KFRY",
          "use": "verify",
          "defaultEncryptionAlgorithm": "none",
          "defaultSignAlgorithm": "ES256K"
        }
      }
    ],
    "service": [
      {
        "id": "IdentityHub",
        "type": "IdentityHub",
        "serviceEndpoint": {
          "@context": "schema.identity.foundation/hub",
          "@type": "UserServiceEndpoint",
          "instance": [
            "did:test:hub.id"
          ]
        }
      }
    ],
    "id": "did:ion-test:EiDDNR0RyVI4rtKFeI8GpaSougQ36mr1ZJb8u6vTZOW6Vw"
  },
  "resolverMetadata": {
    "driverId": "did:ion-test",
    "driver": "HttpDriver",
    "retrieved": "2019-05-10T20:07:17.489Z",
    "duration": "152.6719ms"
  }
}

This response format is compliant with DID specifications, and that helps ensure that the discovery API can be used by any software package that implements DID standards. The full format of the DID document is described in the DID specification, but the highlights include:

Property	Description
`@context`	The schema of the DID document, accoriding to JSON-LD semantics.
`id`	The DID.
`publicKey`	The set of public keys asssociated with the DID that can be used for various interactions, such as authentication.
`publicKey.id`	The key ID for the specific key, which can be used for key lookup.
`publicKey.type`	The key type of public key.
`publicKey.publicKeyJwk`	The public key, as a string in JSON Web Key format.

Note

Public keys may be returned in other formats, such as publicKeyHex or publicKeyPem. The CryptoSuite publicKey.type will dictate which formats are possible.

If you can receive a DID document for your DID, then your DID is properly registered. You can now use the DID, for instance, to sign-in to applications.

See something missing? We'd love your feedback and input on the Verifiable Credentials preview. Please contact us. When you use Microsoft DID Services, you agree to the DID Preview Agreement and the Microsoft Privacy Statement.