Identity Management the Decentralized Way
Identity management is on the verge of a paradigm shift. It is moving from centralized, federated methods to decentralized ones of providing, proving, and sharing identity data between trusted parties. This brings benefits such as:
Users being in control of their data and identity
Organizations don't need to store and manage vast amounts of PII
A universal approach to handling identifiers
Experimental Support in The Curity Identity Server
The Curity Identity Server version 8.2 introduced the ability to issue verifiable credentials using the OpenID for Verifiable Credential Issuance draft specification. The feature is available when enabled with a feature flag and allows users to experiment with credentials and plan how to prepare for this new identity paradigm.
Decentralized Identity Explained
What Are Decentralized Identifiers?
Decentralized identifiers are a type of Uniform Resource Identifier (URI). They are identified via the DID scheme, followed by a method name and a method-specific identifier. They are resolved to keys that can be used to verify an identity.
Myths and Truths About Decentralized Identifiers
What are Verifiable Credentials?
Compared to Decentralized Identifiers (DID) documents and publicly available keys, verifiable credentials are personal and securely stored by the credential holder (e.g., in a wallet). By keeping verifiable credentials private, the holder can control the timing and context in which to share a credential and can do so without involving the authority. Novelly, when the holder chooses to present them to a relying party, the issuer has no knowledge of the transaction or the relying party. These characteristics enable self-controlled identities, also called self-sovereign identities.
Easily Exchange Digital Credentials with a Digital Wallet
Explore issuance and verification of digital credentials
Read More about Digital Wallet
Decentralized Identities Changes Everything, Even Your APIs
In this talk, Jacob Ideskog, CTO at Curity, walks through the paradigm shift that is happening with the advent of decentralized identity. When thinking about identity, we tend to think about user accounts, available somewhere in the organization’s data sources. But how will this change when the identities are decentralized, and how do we make sure our APIs can make the right decisions about access?
