# Create a Subject DID

In decentralized identity systems, **Holders** (also referred to as **Subjects**) are the recipients of **Verifiable Credentials**—typically representing individuals, organisations, objects or devices.

To enable credential interactions such as **receiving**, **presenting**, and **proving control** over an identity, each Holder needs a unique cryptographic key pair. This key pair is used to create a **Decentralized Identifier (DID)** that represents their identity.

***

## Use Cases for Holder Identity Keys

After generating a key pair using the API below, you can use it to:

* ✅ **Generate a `did:key` identifier**, an off-ledger, self-contained DID that is ideal for lightweight identity use cases

***

## Why Use `did:key` for Holders?

The `did:key` method is a simple, deterministic DID method that embeds the Holder’s public key directly into the DID itself. It doesn’t require blockchain anchoring, making it:

* ⚡ **Fast and lightweight** – no on-ledger operations required
* 🔐 **Privacy-preserving** – good for ephemeral or throwaway identifiers
* 🧪 **Useful for testing and interoperability** – widely supported by wallets and agent frameworks
* 🧍 **Ideal for Holder/Subject identities** – where the main role is to receive and present credentials rather than issue them

Many ecosystems choose `did:key` for **wallet-based identities**, while keeping issuer DIDs on-ledger (e.g. `did:cheqd`) to ensure resolvability and public trust.

Take a deeper look into the `did:key` specification here:

<table data-card-size="large" data-view="cards"><thead><tr><th></th><th></th><th data-hidden data-card-target data-type="content-ref"></th></tr></thead><tbody><tr><td><mark style="color:blue;"><strong>Create a  did:key DID</strong></mark></td><td>Create an off-ledger 'holder' or 'subject' DID, of the <code>did:key</code> method using the specification.</td><td><a href="https://w3c-ccg.github.io/did-key-spec/">https://w3c-ccg.github.io/did-key-spec/</a></td></tr></tbody></table>

{% hint style="success" %}
Note that there are also perfectly valid use cases for using a `did:cheqd` DID for a 'Holder' or 'Subject' DID as well, where it is valuable to have the 'Holder' / 'Subject' identifiable on-chain.&#x20;

For example, AI Agents, Organisations or products in a supply chain are good use cases for using `did:cheqd`. &#x20;

This is because the 'Holder' / 'Subject' does not have Personally Identifiable Information (PII) associated with it.
{% endhint %}

***

## Get Started

To create a `did:key` DID, you can generate an identity key pair using the API below on cheqd Studio.

## Create an identity key pair.

> This endpoint creates an identity key pair associated with the user's account for custodian-mode clients.

```json
{"openapi":"3.0.0","info":{"title":"cheqd Studio API for cheqd network","version":"2.0.0"},"tags":[{"name":"Keys"}],"servers":[{"url":"https://studio-api.cheqd.net","description":"Main (production) server"},{"url":"https://studio-api-staging.cheqd.net","description":"Staging server for testing"},{"url":"http://localhost:3000","description":"Local server for testing"}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"x-api-key","in":"header"}},"schemas":{"KeyResult":{"type":"object","properties":{"kid":{"type":"string"},"type":{"type":"string","enum":["Ed25519","Secp256k1"]},"publicKeyHex":{"type":"string"}}},"InvalidRequest":{"description":"A problem with the input fields has occurred. Additional state information plus metadata may be available in the response body.","type":"object","properties":{"error":{"type":"string"}}},"UnauthorizedError":{"description":"Access token is missing or invalid","type":"object","properties":{"error":{"type":"string"}}}}},"paths":{"/key/create":{"post":{"tags":["Keys"],"summary":"Create an identity key pair.","description":"This endpoint creates an identity key pair associated with the user's account for custodian-mode clients.","parameters":[{"name":"type","description":"Key type of the identity key pair to create.","in":"query","schema":{"type":"string","enum":["Ed25519"]}}],"responses":{"200":{"description":"The request was successful.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/KeyResult"}}}},"400":{"description":"A problem with the input fields has occurred. Additional state information plus metadata may be available in the response body.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidRequest"}}}},"401":{"$ref":"#/components/schemas/UnauthorizedError"},"500":{"description":"An internal error has occurred. Additional state information plus metadata may be available in the response body.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidRequest"}}}}}}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.cheqd.io/product/studio/dids/create-subject-did.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.