DID JWK
Create a did:jwk
CURL
Endpoint: /v1/{target}/did-service-api/dids/create/jwk | API Reference
Example Request
curl -X 'POST' \
'https://{orgID}.enterprise-sandbox.waltid.dev/v1/{target}/did-service-api/dids/create/jwk' \
-H 'accept: */*' \
-H 'Authorization: Bearer {yourToken}' \
-H 'Content-Type: application/json' \
-d '{
"keyId": "waltid.tenant1.kms1.key1",
"didId": "did1"
}'
Body
{
"keyId": "waltid.tenant1.kms1.key1",
"didId": "did1"
}
Path Parameters
orgID: - When performing operations within an organization, it is essential to use the organization's Base URL or another valid host alias. For example, if your organization is namedtest, your default Base URL will betest.enterprise-sandbox.walt.devwhen using the sandbox environment.target: resourceIdentifier - The target indicates the organization + tenant + DID service in which to execute the DID creation ({organizationID}.{tenantID}.{didServiceID}), e.g.waltid.tenant1.didservice
Body Parameters
keyId: resourceIdentifier - Specifies the key for which to generate a DID + DID Document. Please make sure that the key is stored in a KMS service under the same tenant as the DID service and is attached following the Using KMS for DID Creation guide.didId: resourceIdentifier - Specifies the identifier of the did to be stored when a DID Store is attached. If not provided, the identifier will be generated automatically.
Response
201- DID created successfully.
{
"id": "waltid.tenant1.didstore.did1",
"did": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ",
"document": {
"@context": [
"https://www.w3.org/ns/did/v1",
"https://w3id.org/security/suites/jws-2020/v1"
],
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ",
"verificationMethod": [
{
"id": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ#0",
"type": "JsonWebKey2020",
"controller": "did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ",
"publicKeyJwk": {
"kty": "EC",
"crv": "P-256",
"kid": "zTAuLimJoUKN8p-U4boKSC3PQrp98g1shJvjkemE4uU",
"x": "BTBcv4JHzwWUV2WBpafChRLNAGUfIfX56odiGzoJqwM",
"y": "smf7Jy7yKUIYKL3ihhYn3nC40hKQTayhX-RRmWKkP6c"
}
}
],
"assertionMethod": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ#0"
],
"authentication": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ#0"
],
"capabilityInvocation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ#0"
],
"capabilityDelegation": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ#0"
],
"keyAgreement": [
"did:jwk:eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2Iiwia2lkIjoielRBdUxpbUpvVUtOOHAtVTRib0tTQzNQUXJwOThnMXNoSnZqa2VtRTR1VSIsIngiOiJCVEJjdjRKSHp3V1VWMldCcGFmQ2hSTE5BR1VmSWZYNTZvZGlHem9KcXdNIiwieSI6InNtZjdKeTd5S1VJWUtMM2loaFluM25DNDBoS1FUYXloWC1SUm1XS2tQNmMifQ#0"
]
}
}
Please make sure to save the generated DID (Decentralized Identifier) along with the key ID for future reference. This information is necessary, for example, when issuing credentials through the Issuer Service. We are working on a solution to have this referenced stored automatically for easier access across all services.
Last updated on May 6, 2026