search
cheqd StudioSupport / Bug Reports
githubEdit

Create Identity Keys

Create a standalone public/private keypair, used to create Decentralized Identifiers (DIDs), using cheqd Studio.

In decentralized identity systems, all actors—whether Issuers, Holders, or Verifiers—require cryptographic keys to prove control over a Decentralized Identifier (DID) and to sign or verify interactions (e.g. credential issuance or presentation).

This tutorial guides you through generating a key pair that can be used to:

  • ✅ Create a new DID (e.g. did:cheqd or did:key)

  • ✅ Import into cheqd Studio for identity operations

  • ✅ Use directly in SDKs or agent frameworks that support key-based identity

hashtag
Why Identity Keys Matter

DIDs are built on public-private key cryptography. The public key is embedded in or referenced by the DID Document, while the private key remains securely held by the actor controlling the identity.

Without keys, you can’t:

  • Create a DID

  • Authenticate or prove control of an identity

  • Sign or verify credentials and presentations

  • Rotate or deactivate identifiers

hashtag
Step 1: Choose Your Key Type

cheqd Studio supports two cryptographic key types for identity operations:

Key Type
Use Case / Notes

Ed25519

The default and recommended key type for most DID and Verifiable Credential operations. Fast, secure, and widely supported across agent frameworks.

secp256k1

A widely adopted elliptic curve used in blockchain ecosystems (e.g. Bitcoin, Ethereum). Useful for cross-chain identity interoperability or aligning with Web3 wallets.

✅ Choose Ed25519 for identity-specific use cases. Use secp256k1 if you need compatibility with blockchain-based tooling, wallets, or ecosystems that already rely on this curve.

hashtag
Step 2: Hit the API below

Use the API below to create and generate your new identity key pair of either type Ed25519 or secp256k1.

hashtag
Create an identity key pair.

post
/key/create

This endpoint creates an identity key pair associated with the user's account for custodian-mode clients.

Authorizations
x-api-keystringRequired
Query parameters
typestring · enumOptional

Key type of the identity key pair to create.

Possible values:
Responses
chevron-right
200

The request was successful.

application/json
post
/key/create

hashtag
Step 3 (Alternative): Fetch Identity Key Details

If you've already generated a key pair using cheqd Studio and want to retrieve, reference or use it later, you can do so by referencing its Key ID (kid). This is useful for:

  • Recovering key material generated earlier (e.g., to construct a DID or sign a credential)

  • Working with shared or externally provisioned keys

  • Avoiding duplicate key creation when managing identities programmatically

hashtag
Fetch an identity key pair.

get
/key/read/{kid}

This endpoint fetches an identity key pair's details for a given key ID. Only the user account associated with the custodian-mode client can fetch the key pair.

Authorizations
x-api-keystringRequired
Path parameters
kidstringRequired

Key ID of the identity key pair to fetch.

Responses
chevron-right
200

The request was successful.

application/json
get
/key/read/{kid}

Last updated

Was this helpful?