Product Docs
Product DocsTechnical DocsLearning & GovernanceUseful Links
  • Product Docs
  • Node Docs
  • Learning Docs
  • โ„น๏ธGetting Started
    • Product Overview
    • โžก๏ธGet Started with cheqd Studio
      • ๐Ÿ‘‰Set Up Your Account
      • ๐Ÿ—๏ธCreate API Keys
      • ๐Ÿช™Token Top Up
      • ๐Ÿ”„Advanced Configuration Options
    • โ˜‘๏ธUse Trust Registries for AI Agents
      • ๐Ÿ—๏ธBuild an AI Agent Trust Registry
        • Setup AI Agent Trust Registry
          • Issue Verifiable Credentials to AI Agent
        • Setup and Configure MCP Server
          • Create AI Agent DID
          • Import Credential to AI Agent
          • Advanced functionality
            • Issue a Verifiable Credential
            • Verify a Credential
      • ๐ŸคValidate AI Agent Trust Chain
  • ๐ŸŸขStart using cheqd
    • ๐Ÿ†”Create DIDs and Identity Keys
      • Create Issuer DID
      • Create Identity Keys
      • Create Subject DID
      • Resolve a DID
      • Update a DID
      • Deactivate a DID
    • โœ…Issue Credentials and Presentations
      • Issue Credential
      • Setup Verida Wallet
      • Verify Credential
      • Verify Presentation
      • Revoke Credential
      • Suspend or Unsuspend Credential
    • โ™ป๏ธCharge for Verifiable Credentials
      • Understanding Credential Payments
        • Access Control Conditions
        • Privacy Considerations
      • Charge for Status List
      • Issue Credential with Encrypted Status List
      • Create Verifier Pays Issuer flow
      • Bulk Update or Rotate Encryption Keys
    • ๐ŸคBuild Trust Registries
      • Decentralized Trust Chains (DTCs)
        • Root Authorisations
        • RTAO -> TAO
        • TAO -> SubTAO
        • TAO -> Trusted Issuer (TI)
        • Referencing Trust Registry within a Verifiable Credential
      • Set up Trust Chain
        • Issue Verifiable Accreditation
        • Verify Verifiable Accreditation
      • Get Started with TRAIN
        • Deploy TRAIN and Anchor rTAO in DNS
        • Validate Trust Chain
    • ๐ŸŽ‹Create Status Lists
      • Bitstring Status List
        • Create Bitstring Status List
        • Update Bitstring Status List
        • Check Bitstring Status List
        • Search Bitstring Status List
      • Token Status List
        • Create Token Status List
        • Update Token Status List
    • โ†•๏ธCreate DID-Linked Resources
      • Understanding DID-Linked Resources
        • Context for developing DID-Linked Resources
        • Technical composition of DID-Linked Resources
        • Referencing DID-Linked Resources in VCs
      • Create DID-Linked Resource
      • Search DID-Linked Resource
  • ๐Ÿ› ๏ธIntegrate an SDK
    • Choosing the right SDK
    • ๐ŸCredo
      • Setup Credo Agent
      • Decentralized Identifiers (DIDs)
        • Create a DID
        • Update a DID
        • Deactivate a DID
      • DID-Linked Resources
        • Create DID-Linked Resource
        • Resolve DID-Linked Resource
        • Create AnonCreds Schema
        • Create AnonCreds Credential Definition
      • Verifiable Credentials and Presentations
        • Issue a Verifiable Credential (AnonCreds)
        • Present a Verifiable Credential (AnonCreds)
    • ๐ŸŠACA-Py
      • Setup ACA-Py Agent
      • Decentralized Identifiers (DIDs)
        • Create a DID
        • Update a DID
        • Deactivate a DID
      • DID-Linked Resources
        • Create AnonCreds Schema
        • Create AnonCreds Credential Definition
      • Verifiable Credentials and Presentations
        • AnonCreds
          • Issue a Verifiable Credential
          • Present a Verifiable Credential
          • Revoke a Verifiable Credential
        • JSON-LD
          • Issue a Verifiable Credential
          • Present a Verifiable Credential
    • ๐ŸˆVeramo
      • Setup Veramo CLI for cheqd
        • Troubleshooting Veramo CLI setup
      • Decentralised Identifiers (DIDs)
        • Create a DID
        • Querying a DID
        • Update an existing DID
        • Deactivate a DID
        • Create an off-ledger holder DID
        • Managing Identity Keys
        • Troubleshooting
      • Verifiable Credentials and Presentations
        • Issue a Verifiable Credential
        • Verify a Verifiable Credential
        • Create a Verifiable Presentation
        • Verify a Verifiable Presentation
      • Credential Payments
        • Charge for Status List
        • Issue Credential with Encrypted Status List
        • Verifier pays Issuer
      • Bitstring Status List
        • Create Status List
        • Issuing a Verifiable Credential referencing Status List
      • DID-Linked Resources
        • Create a DID-Linked Resource
        • Create a new Resource version within existing Collection
    • ๐ŸซWalt.id Community Stack
  • ๐Ÿ—๏ธArchitecture
    • Architecture Decision Record (ADR) Process
    • List of ADRs
      • ๐Ÿ”ตADR 001: cheqd DID Method
      • ๐ŸŸขADR 002: DID-Linked Resources
      • ๐ŸŸกADR 003: DID Resolver
      • ๐ŸŸ ADR 004: DID Registrar
      • ๐ŸŸฃADR 005: DID Resolution & DID URL Dereferencing
  • ๐Ÿ’ซAdvanced features and alternatives
    • โžก๏ธDID Registrar
      • Setup DID Registrar
      • Create a DID
      • Create a DID-Linked Resource
    • โฌ…๏ธDID Resolver
      • Setup DID Resolver
    • โšกAnonCreds Object Method
      • Schemas
      • Credential Definitions
      • Revocation Registry Definitions
      • Revocation Status Lists
    • ๐ŸŒ Advanced Tooling
      • cheqd Cosmos CLI for identity
        • Create a DID
        • Update a DID
        • Deactivate a DID
        • Query a DID
        • Create a DID-Linked Resource
        • Update a DID-Linked Resource
      • Direct interaction with ledger code
      • VDR Tools CLI with cheqd (deprecated)
      • Demo Wallet for Identity Setup
  • โš›๏ธNetwork
    • Get started with cheqd Network
      • Identity Write Pricing
      • Comparison to Hyperledger Indy
    • โฉSetup your Wallet
      • Setup Leap Wallet
        • Congifure cheqd testnet for Leap
      • Setup Keplr Wallet
      • Migrate from Keplr to Leap Wallet
    • โ†ช๏ธUseful Tools and APIs
      • Block Explorer
      • Testnet Faucet
      • Validator Status API
      • Cheqd x Cosmos Data APIs
      • Cosmos Airdrop Helpers
      • Cosmos Address Convertor
      • Ethereum Bridge
    • โฌ†๏ธNetwork Upgrades
      • 2021
        • 0.1.x
        • 0.2.x
        • 0.3.x
      • 2022
        • 0.4.x
        • 0.5.x
        • 0.6.x
      • 2023
        • 1.x
      • 2024
        • 2.x
        • 3.x
      • Root Cause Analysis of Outages
        • v1.x upgrade RCA
  • โš–๏ธLegal
    • License
    • Code of Conduct
    • Security Policy
  • ๐Ÿ†˜Support
    • System Status
    • Discord
    • Bugs & Feature Requests
Powered by GitBook
LogoLogo

General

  • Website
  • Blog
  • Get $CHEQ

Product Docs

  • Product Docs
  • cheqd Studio
  • Creds.xyz
  • Bug/Feature Requests

Technical Docs

  • Node Docs
  • GitHub
  • Block Explorer

Learning Docs

  • Learning Docs
  • Governance Docs
  • Governance Forum
  • Governance Explorer
On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Start using cheqd
  2. Create DIDs and Identity Keys

Create Identity Keys

Create a standalone public/private keypair, used to create Decentralized Identifiers (DIDs), using cheqd Studio.

In decentralized identity systems, all actorsโ€”whether Issuers, Holders, or Verifiersโ€”require cryptographic keys to prove control over a Decentralized Identifier (DID) and to sign or verify interactions (e.g. credential issuance or presentation).

This tutorial guides you through generating a key pair that can be used to:

  • โœ… Create a new DID (e.g. did:cheqd or did:key)

  • โœ… Import into cheqd Studio for identity operations

  • โœ… Use directly in SDKs or agent frameworks that support key-based identity

Why Identity Keys Matter

DIDs are built on public-private key cryptography. The public key is embedded in or referenced by the DID Document, while the private key remains securely held by the actor controlling the identity.

Without keys, you canโ€™t:

  • Create a DID

  • Authenticate or prove control of an identity

  • Sign or verify credentials and presentations

  • Rotate or deactivate identifiers

Step 1: Choose Your Key Type

cheqd Studio supports two cryptographic key types for identity operations:

Key Type
Use Case / Notes

Ed25519

The default and recommended key type for most DID and Verifiable Credential operations. Fast, secure, and widely supported across agent frameworks.

secp256k1

A widely adopted elliptic curve used in blockchain ecosystems (e.g. Bitcoin, Ethereum). Useful for cross-chain identity interoperability or aligning with Web3 wallets.

โœ… Choose Ed25519 for identity-specific use cases. Use secp256k1 if you need compatibility with blockchain-based tooling, wallets, or ecosystems that already rely on this curve.

Step 2: Hit the API below

Use the API below to create and generate your new identity key pair of either type Ed25519 or secp256k1.

Step 3 (Alternative): Fetch Identity Key Details

If you've already generated a key pair using cheqd Studio and want to retrieve it later, you can do so by referencing its Key ID (kid). This is useful for:

  • Recovering key material generated earlier (e.g., to construct a DID or sign a credential)

  • Working with shared or externally provisioned keys

  • Avoiding duplicate key creation when managing identities programmatically

Last updated 6 hours ago

Was this helpful?

๐ŸŸข
๐Ÿ†”

Fetch an identity key pair.

get

This endpoint fetches an identity key pair's details for a given key ID. Only the user account associated with the custodian-mode client can fetch the key pair.

Authorizations
Path parameters
kidstringRequired

Key ID of the identity key pair to fetch.

Responses
200
The request was successful.
application/json
400
A problem with the input fields has occurred. Additional state information plus metadata may be available in the response body.
application/json
401
Access token is missing or invalid
500
An internal error has occurred. Additional state information plus metadata may be available in the response body.
application/json
get
GET /key/read/{kid} HTTP/1.1
Host: 
x-api-key: YOUR_API_KEY
Accept: */*

{
  "kid": "text",
  "type": "Ed25519",
  "publicKeyHex": "text"
}

Create an identity key pair.

post

This endpoint creates an identity key pair associated with the user's account for custodian-mode clients.

Authorizations
Query parameters
typestring ยท enumOptional

Key type of the identity key pair to create.

Possible values:
Responses
200
The request was successful.
application/json
400
A problem with the input fields has occurred. Additional state information plus metadata may be available in the response body.
application/json
401
Access token is missing or invalid
500
An internal error has occurred. Additional state information plus metadata may be available in the response body.
application/json
post
POST /key/create HTTP/1.1
Host: 
x-api-key: YOUR_API_KEY
Accept: */*

{
  "kid": "text",
  "type": "Ed25519",
  "publicKeyHex": "text"
}
  • Why Identity Keys Matter
  • Step 1: Choose Your Key Type
  • Step 2: Hit the API below
  • POSTCreate an identity key pair.
  • Step 3 (Alternative): Fetch Identity Key Details
  • GETFetch an identity key pair.