# Deactivate a DID

Deactivating a DID marks it as **no longer active or in use**. This process updates the DID Document on the ledger to signal to verifiers, wallets, and other clients that the DID should no longer be trusted for interactions such as credential issuance or presentation.

Once a DID is deactivated:

* ✅ It cannot be updated again
* ❌ It cannot be reactivated
* 🛑 Applications resolving the DID will see its status marked as **deactivated**

***

## When to Deactivate a DID

You should deactivate a DID when:

* The associated identity (e.g. organisation, credential issuer) is no longer operating
* The cryptographic keys have been compromised or rotated to a new DID
* You want to enforce a clean break with no further updates to the DID Document

***

## Security Requirement

To prevent unauthorized deactivations, a `deactivate` request **must be signed by all of the Verification Method keys** listed in the current DID Document.

This ensures that **only the current controller(s)** of the DID can authorize its deactivation.

> 🔐 If even one required key is missing or invalid, the request will be rejected.

***

## How to Deactivate a DID

Use the API below to submit a request to deactivate a `did:cheqd` DID.

## Deactivate a DID Document.

> This endpoint deactivates a DID Document by taking the DID identifier as input. Must be called and signed by the DID owner.

```json
{"openapi":"3.0.0","info":{"title":"cheqd Studio API for cheqd network","version":"2.0.0"},"tags":[{"name":"Decentralized Identifiers (DIDs)"}],"servers":[{"url":"https://studio-api.cheqd.net","description":"Main (production) server"},{"url":"https://studio-api-staging.cheqd.net","description":"Staging server for testing"},{"url":"http://localhost:3000","description":"Local server for testing"}],"security":[{"ApiKeyAuth":[]}],"components":{"securitySchemes":{"ApiKeyAuth":{"type":"apiKey","name":"x-api-key","in":"header"}},"schemas":{"DidDeactivateRequest":{"type":"object","properties":{"publicKeyHexs":{"description":"List of key references (publicKeys) which will be used for signing the message. The should be in hexadecimal format and placed in the wallet of current user.","type":"array","items":{"type":"string"}}}},"DeactivatedDidResolution":{"type":"object","properties":{"@context":{"type":"string"},"didDidResolutionMetadata":{"$ref":"#/components/schemas/DidResolutionMetadata"},"didDocument":{"$ref":"#/components/schemas/DidDocument"},"didDocumentMetadata":{"$ref":"#/components/schemas/DeactivatedDidDocumentMetadata"}}},"DidResolutionMetadata":{"type":"object","properties":{"contentType":{"allOf":[{"$ref":"#/components/schemas/ContentType"}]},"retrieved":{"type":"string"},"did":{"$ref":"#/components/schemas/DidProperties"}}},"ContentType":{"type":"string","enum":["application/did+json","application/did+ld+json","application/ld+json","application/json"]},"DidProperties":{"type":"object","properties":{"didString":{"type":"string"},"method":{"type":"string"},"methodSpecificId":{"type":"string"}}},"DidDocument":{"description":"This input field contains either a complete DID document, or an incremental change (diff) to a DID document. See <a href=\"https://identity.foundation/did-registration/#diddocument\">Universal DID Registrar specification</a>.","type":"object","properties":{"@context":{"type":"array","items":{"type":"string"}},"id":{"type":"string"},"controllers":{"type":"array","items":{"type":"string"}},"verificationMethod":{"type":"array","items":{"$ref":"#/components/schemas/VerificationMethod"}},"service":{"type":"array","items":{"$ref":"#/components/schemas/Service"}},"authentication":{"type":"array","items":{"type":"string"}},"assertionMethod":{"type":"array","items":{"type":"string"}},"capabilityInvocation":{"type":"array","items":{"type":"string"}},"capabilityDelegation":{"type":"array","items":{"type":"string"}},"keyAgreement":{"type":"array","items":{"type":"string"}}}},"VerificationMethod":{"type":"object","properties":{"id":{"type":"string"},"type":{"type":"string"},"controller":{"type":"string"},"publicKeyMultibase":{"type":"string"},"publicKeyJwk":{"type":"array","items":{"type":"string"}}}},"Service":{"description":"Communicating or interacting with the DID subject or associated entities via one or more service endpoints. See <a href=\"https://www.w3.org/TR/did-core/#services\">DID Core specification</a> for more details.","type":"object","properties":{"id":{"description":"DID appended with Service fragment ID (e.g., `#service-1` in `did:cheqd:mainnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0#service-1`)","type":"string"},"type":{"description":"Service type as defined in <a href=\"https://www.w3.org/TR/did-spec-registries/#service-types\">DID Specification Registries</a>.","type":"string"},"serviceEndpoint":{"description":"Service endpoint as defined in <a href=\"https://www.w3.org/TR/did-core/#services\">DID Core Specification</a>.","type":"array","items":{"type":"string"}},"priority":{"description":"(Optional) Priority of the service endpoint, used for distinction when multiple did-communication service endpoints are present in a single DID document.","type":"integer"},"recipientKeys":{"description":"(Optional) List of recipient keys used to denote the default recipients of an endpoint.","type":"array","items":{"type":"string"}},"routingKeys":{"description":"(Optional) List of routing keys used to used to denote the individual routing hops in between the sender and recipients.","type":"array","items":{"type":"string"}},"accept":{"description":"(Optional) List of media types that the service endpoint accepts.","type":"array","items":{"type":"string"}}}},"DeactivatedDidDocumentMetadata":{"type":"object","properties":{"created":{"type":"string"},"deactivated":{"type":"boolean"},"updated":{"type":"string"},"versionId":{"type":"string"},"linkedResourceMetadata":{"type":"array","items":{"$ref":"#/components/schemas/ResourceMetadata"}}}},"ResourceMetadata":{"type":"object","properties":{"resourceURI":{"type":"string"},"resourceCollectionId":{"type":"string"},"resourceId":{"type":"string"},"resourceName":{"type":"string"},"resourceType":{"type":"string"},"mediaType":{"type":"string"},"resourceVersion":{"type":"string"},"checksum":{"type":"string"},"created":{"type":"string"},"nextVersionId":{"type":"string"},"previousVersionId":{"type":"string"}}},"InvalidRequest":{"description":"A problem with the input fields has occurred. Additional state information plus metadata may be available in the response body.","type":"object","properties":{"error":{"type":"string"}}},"UnauthorizedError":{"description":"Access token is missing or invalid","type":"object","properties":{"error":{"type":"string"}}},"InternalError":{"description":"An internal error has occurred. Additional state information plus metadata may be available in the response body.","type":"object","properties":{"error":{"type":"string"}}}}},"paths":{"/did/deactivate/{did}":{"post":{"tags":["Decentralized Identifiers (DIDs)"],"summary":"Deactivate a DID Document.","description":"This endpoint deactivates a DID Document by taking the DID identifier as input. Must be called and signed by the DID owner.","parameters":[{"in":"path","name":"did","description":"DID identifier to deactivate.","schema":{"type":"string"},"required":true}],"requestBody":{"content":{"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/DidDeactivateRequest"}},"application/json":{"schema":{"$ref":"#/components/schemas/DidDeactivateRequest"}}}},"responses":{"200":{"description":"The request was successful.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeactivatedDidResolution"}}}},"400":{"$ref":"#/components/schemas/InvalidRequest"},"401":{"$ref":"#/components/schemas/UnauthorizedError"},"500":{"$ref":"#/components/schemas/InternalError"}}}}}}
```

## The DeactivatedDidResolution object

```json
{"openapi":"3.0.0","info":{"title":"cheqd Studio API for cheqd network","version":"2.0.0"},"components":{"schemas":{"DeactivatedDidResolution":{"type":"object","properties":{"@context":{"type":"string"},"didDidResolutionMetadata":{"$ref":"#/components/schemas/DidResolutionMetadata"},"didDocument":{"$ref":"#/components/schemas/DidDocument"},"didDocumentMetadata":{"$ref":"#/components/schemas/DeactivatedDidDocumentMetadata"}}},"DidResolutionMetadata":{"type":"object","properties":{"contentType":{"allOf":[{"$ref":"#/components/schemas/ContentType"}]},"retrieved":{"type":"string"},"did":{"$ref":"#/components/schemas/DidProperties"}}},"ContentType":{"type":"string","enum":["application/did+json","application/did+ld+json","application/ld+json","application/json"]},"DidProperties":{"type":"object","properties":{"didString":{"type":"string"},"method":{"type":"string"},"methodSpecificId":{"type":"string"}}},"DidDocument":{"description":"This input field contains either a complete DID document, or an incremental change (diff) to a DID document. See <a href=\"https://identity.foundation/did-registration/#diddocument\">Universal DID Registrar specification</a>.","type":"object","properties":{"@context":{"type":"array","items":{"type":"string"}},"id":{"type":"string"},"controllers":{"type":"array","items":{"type":"string"}},"verificationMethod":{"type":"array","items":{"$ref":"#/components/schemas/VerificationMethod"}},"service":{"type":"array","items":{"$ref":"#/components/schemas/Service"}},"authentication":{"type":"array","items":{"type":"string"}},"assertionMethod":{"type":"array","items":{"type":"string"}},"capabilityInvocation":{"type":"array","items":{"type":"string"}},"capabilityDelegation":{"type":"array","items":{"type":"string"}},"keyAgreement":{"type":"array","items":{"type":"string"}}}},"VerificationMethod":{"type":"object","properties":{"id":{"type":"string"},"type":{"type":"string"},"controller":{"type":"string"},"publicKeyMultibase":{"type":"string"},"publicKeyJwk":{"type":"array","items":{"type":"string"}}}},"Service":{"description":"Communicating or interacting with the DID subject or associated entities via one or more service endpoints. See <a href=\"https://www.w3.org/TR/did-core/#services\">DID Core specification</a> for more details.","type":"object","properties":{"id":{"description":"DID appended with Service fragment ID (e.g., `#service-1` in `did:cheqd:mainnet:7bf81a20-633c-4cc7-bc4a-5a45801005e0#service-1`)","type":"string"},"type":{"description":"Service type as defined in <a href=\"https://www.w3.org/TR/did-spec-registries/#service-types\">DID Specification Registries</a>.","type":"string"},"serviceEndpoint":{"description":"Service endpoint as defined in <a href=\"https://www.w3.org/TR/did-core/#services\">DID Core Specification</a>.","type":"array","items":{"type":"string"}},"priority":{"description":"(Optional) Priority of the service endpoint, used for distinction when multiple did-communication service endpoints are present in a single DID document.","type":"integer"},"recipientKeys":{"description":"(Optional) List of recipient keys used to denote the default recipients of an endpoint.","type":"array","items":{"type":"string"}},"routingKeys":{"description":"(Optional) List of routing keys used to used to denote the individual routing hops in between the sender and recipients.","type":"array","items":{"type":"string"}},"accept":{"description":"(Optional) List of media types that the service endpoint accepts.","type":"array","items":{"type":"string"}}}},"DeactivatedDidDocumentMetadata":{"type":"object","properties":{"created":{"type":"string"},"deactivated":{"type":"boolean"},"updated":{"type":"string"},"versionId":{"type":"string"},"linkedResourceMetadata":{"type":"array","items":{"$ref":"#/components/schemas/ResourceMetadata"}}}},"ResourceMetadata":{"type":"object","properties":{"resourceURI":{"type":"string"},"resourceCollectionId":{"type":"string"},"resourceId":{"type":"string"},"resourceName":{"type":"string"},"resourceType":{"type":"string"},"mediaType":{"type":"string"},"resourceVersion":{"type":"string"},"checksum":{"type":"string"},"created":{"type":"string"},"nextVersionId":{"type":"string"},"previousVersionId":{"type":"string"}}}}}}
```

## The DeactivatedDidDocumentMetadata object

```json
{"openapi":"3.0.0","info":{"title":"cheqd Studio API for cheqd network","version":"2.0.0"},"components":{"schemas":{"DeactivatedDidDocumentMetadata":{"type":"object","properties":{"created":{"type":"string"},"deactivated":{"type":"boolean"},"updated":{"type":"string"},"versionId":{"type":"string"},"linkedResourceMetadata":{"type":"array","items":{"$ref":"#/components/schemas/ResourceMetadata"}}}},"ResourceMetadata":{"type":"object","properties":{"resourceURI":{"type":"string"},"resourceCollectionId":{"type":"string"},"resourceId":{"type":"string"},"resourceName":{"type":"string"},"resourceType":{"type":"string"},"mediaType":{"type":"string"},"resourceVersion":{"type":"string"},"checksum":{"type":"string"},"created":{"type":"string"},"nextVersionId":{"type":"string"},"previousVersionId":{"type":"string"}}}}}}
```

## The DidDeactivateRequest object

```json
{"openapi":"3.0.0","info":{"title":"cheqd Studio API for cheqd network","version":"2.0.0"},"components":{"schemas":{"DidDeactivateRequest":{"type":"object","properties":{"publicKeyHexs":{"description":"List of key references (publicKeys) which will be used for signing the message. The should be in hexadecimal format and placed in the wallet of current user.","type":"array","items":{"type":"string"}}}}}}}
```