Create a DID


These instructions will help developers create DIDs on cheqd using the DID Registrar.

Watch this video for a simple walkthrough

What you need

  1. 1.
    Any framework for creating keys and signing payloads, such as Veramo CLI;
  2. 2.
    cheqd DID Registrar
  3. 3.
    5 minutes!
Swagger UI for cheqd DID Registrar

1. Setup Veramo CLI

This tutorial will be using the Veramo CLI for Key management. Setup the cli following this tutorial

2. Generate Key Pair in Veramo wallet

Enter the below command in the cli
veramo execute -m keyManagerCreate --argsJSON '{ "type": "Ed25519", "kms": "local" }'
Example Output
"type": "Ed25519",
"kid": "d2ce308f19ee116ee810956605632ccd024bad8dedd02baf49f248d03acdaa48",
"publicKeyHex": "d2ce308f19ee116ee810956605632ccd024bad8dedd02baf49f248d03acdaa48",
"meta": {
"algorithms": [
"kms": "local"
Note down the kid and publicKeyHex values of the generated key

3. Generate DID Payload

Go to "cheqd helpers" in our Registrar Driver here and click "try it out" in the top right corner.
Select the following options:
  • Select VerificationMethodType
  • Select MethodSpecificAlgo
  • Select network
  • Enter the publicKeyHex value generated in the previous step
DID Registrar - create DID payload
Figure 2: Creating a DID payload from template
"didDoc": {
"id": "did:cheqd:testnet:d4d4404b-6f7f-4e02-8d41-b81afb1f05ed",
"controller": [
"verificationMethod": [
"id": "did:cheqd:testnet:d4d4404b-6f7f-4e02-8d41-b81afb1f05ed#key-1",
"type": "Ed25519VerificationKey2020",
"controller": "did:cheqd:testnet:d4d4404b-6f7f-4e02-8d41-b81afb1f05ed",
"publicKeyMultibase": "z6MkteA1x9gEkJbYTe8myArT39Q5gZBmLPqsqJLeM3htytCo"
"authentication": [
"key": {
"verificationMethodId": "did:cheqd:testnet:d4d4404b-6f7f-4e02-8d41-b81afb1f05ed#key-1",
"publicKeyHex": "d2ce308f19ee116ee810956605632ccd024bad8dedd02baf49f248d03acdaa48"
Copy the didDoc field from the output.

4. Request Create Operation

Use /create to publish the DID
  1. 1.
    Paste the contents of didDoc from the previous step in the didDocument field of the /create api body
  2. 2.
    Click on execute to perform the request
    This response requests an action for you to sign the serialized payload again in a CLI. This is a security feature which means you are not passing your private key to the Registrar. Note down the serialized payload, jobId from the response

5. Sign Payload

Sign the serialized payload in your CLI with the below command
veramo execute -m keyManagerSign
Fill in the prompts
  1. 1.
    keyRef: Enter the kid of the keyPair generated in the first step
  2. 2.
    algorithm: Ed25519
  3. 3.
    data to sign: Paste the serialized payload from the previous step
  4. 4.
    enconding: Select base64
Example Response
Arguments: {
"keyRef": "d2ce308f19ee116ee810956605632ccd024bad8dedd02baf49f248d03acdaa48",
"algorithm": "Ed25519",
"encoding": "base64"
Result : "1ubhK2CRWfB4AsqzsxVeoVwZ2yb7OpNMOe7assJXhnitoPkClm5ZFjT9zV7s6OETMKSVsUtFwIp4XCoj2xl4Bw"
NOTE: If there are n verification methods for the controller then n signatures are required to publish a DID.
Copy the Result value from the response.

6. Submit Signature

Use the /create api again
  1. 1.
    Create the payload using the following values
    • jobId
    • secret
      • signingResponse
        • verificationMethodId
        • signature
  2. 2.
    Click on Execute
  3. 3.
    The state in didState should be finished in the response, the DID is created successfully

7. Check your DID is live

You can check your DID on the universal resolver or by going to{yourDID}