Host a did:web
To make use of your did:web, you must make its DID document publicly available. It is important to understand that verifiers will rely on accessing the DID document to verify credentials issued using your did:web.
Therefore, the did.json file needs to be highly available. DID documents are not expected to change very often, so caching is encouraged using standard caching headers. A global CDN is also highly recommended to reduce latency during verification, as wallets may make multiple calls from across the world (use-case dependent).
Furthermore, if the DID is tied to an issuing infrastructure, if the latter is taken down for maintenance it will prevent both issuing and verifying during that downtime.
Taking these considerations into account, you can either host your did:web on your MATTR VII tenant, or on your own domain.
MATTR VII hosting
To get you started quickly using the did:web method, or as an alternative to setting up the DID document hosting against your own domain, MATTR VII provides hosting capabilities.
To make use of this capability, create the did:web with your tenant's URL:
https://{YOUR_TENANT_SUBDOMAIN}.vii.au01.mattr.globalMATTR VII will automatically host your DID document and make it available at the following URL:
https://{YOUR_TENANT_SUBDOMAIN}.vii.au01.mattr.global/.well-known/did.jsonSelf hosting
If you wish to host the DID document on your own domain:
Copy the contents of the
initialDidDocumentobject from the DID document. Remember not to copy the entire DID document, only theinitialDidDocumentobject.Paste the content in a text file and save it as
did.json.Upload
did.jsonto your domain under a folder named/.well-known.
You will need to update this file if you were to change the DID on MATTR VII
Hosting on a specific path
It is possible to create and host a did:web using a specific path rather than the /.well-known folder. When hosting on a specific path, you must host the DID document on your own domain. Refer to Self hosting for more information.
Request
Make the following request to create a did:web that will be hosted on a specific path:
1POST https://YOUR_TENANT_URL/v1/dids1
2{
3 "method": "web",
4 "options": {
5 "url": "organization.com/path"
6 }
7}
url: The returned DID Document must be hosted and available on the specified location for the DID to be resolvable.
Changing the URL for a DID Web will create a new DID that is distinct from any previously created ones.
Response
1{
2 "did": "did:web:organization.com:path",
3 "registrationStatus": "PROCESSING",
4 "localMetadata": {
5 "keys": [
6 {
7 "didDocumentKeyId": "did:web:organization.com#CfZMD88eoh",
8 "kmsKeyId": "CfZMD88eohsizC7XwamxwNVFuQaowN3fpNRW6rBjBEMy"
9 },
10 {
11 "didDocumentKeyId": "did:web:organization.com#9hvq54oWSa",
12 "kmsKeyId": "6FstRAzj71Yb2BYGy62uMFA6G4vcAkvRTnqQ7sherD9x"
13 }
14 ],
15 "registered": 1600731355153,
16 "initialDidDocument": {
17 "@context": [
18 "https://w3.org/ns/did/v1",
19 "https://w3id.org/security/suites/x25519-2019/v1",
20 "https://w3id.org/security/suites/ed25519-2018/v1",
21 "https://w3id.org/security/bbs/v1"
22 ],
23 "id": "did:web:organization.com",
24 "verificationMethod": [
25 {
26 "id": "did:web:organization.com#CfZMD88eoh",
27 "controller": "did:web:organization.com",
28 "type": "Ed25519VerificationKey2018",
29 "publicKeyBase58": "CfZMD88eohsizC7XwamxwNVFuQaowN3fpNRW6rBjBEMy"
30 }
31 ],
32 "authentication": [
33 "did:web:organization.com#CfZMD88eoh"
34 ],
35 "assertionMethod": [
36 "did:web:organization.com#CfZMD88eoh"
37 ],
38 "capabilityDelegation": [
39 "did:web:organization.com#CfZMD88eoh"
40 ],
41 "capabilityInvocation": [
42 "did:web:organization.com#CfZMD88eoh"
43 ],
44 "keyAgreement": [
45 {
46 "id": "did:web:organization.com#6FstRAzj71",
47 "controller": "did:web:organization.com",
48 "type": "X25519KeyAgreementKey2019",
49 "publicKeyBase58": "6FstRAzj71Yb2BYGy62uMFA6G4vcAkvRTnqQ7sherD9x"
50 }
51 ]
52 }
53 }
54}
did: The specified path is appended to the url.