DID Auth

DIDs and Verifiable Credentials (VCs) offer various uses, with DID authentication being a common use case. One example of implementing a decentralized login mechanism is by allowing users to have full control over their DIDs for Sign Up and Login features on an application. Keep in mind that this is just one approach, and multiple DID authentication methods can be utilized.

How the Signup works

  1. The user clicks on Sign Up button on the example website

  2. The website interacts with the backend API server to generate a Verifiable Credential with some data within it(such as the user's name, username, etc. This can be any arbitrary data the Company A wants to put in the Verifiable Credential they issue using their DID private key)

  3. The backend API server sends back the generated VC back to the example website

  4. The website calls the "saveVC" API of Identify Snap to save this newly generated VC in the snap storage within Metamask

How the Login works

  1. The user clicks on Login button on the example website

  2. The website calls the "getVCs" API of Identify Snap to retrieve all the VCs that are in the user's snap storage within Metamask

  3. The website displays the list of user VCs from which the user needs to select which VC to use to login to the website

  4. After the user chooses the VC to login with, the website calls the "createVP" API of Identify Snap to generate a Verifiable Presentation out of the VC the user chose. Developers may choose to add a "challenge" when calling this snap API for additional security.

  5. The website sends the VP to the backend API server where a method to verify VP will be called to ensure the VP and VC are legitimate and signed by Company A's DID and that the VP does belong to the user

  6. The backend API server sends a message to the website saying everything was verified successfully and log the user into the website

If you would like to see an example project implementing this exact DID auth mechanism, check out the following repos:

Last updated