Testing Azure AD Verifiable Credentials Preview

Microsoft announced Azure AD Verifiable Credentials a month ago. It is a platform you can use to design and issue verifiable credentials to represent proof of employment, education or any other claim. Holder of the credential can decide who to share their credentials with and they can present credentials by using Microsoft Authenticator. Credentials is signed by using cryptographic keys associated with the DID that the user owns and controls.

Here is a good link to the documentation that explains how it works in detail:

https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/decentralized-identifier-overview

There is an excellent tutorial as well, if you like to try it out:

https://docs.microsoft.com/en-us/azure/active-directory/verifiable-credentials/enable-your-tenant-verifiable-credentials

I have tested it and it went quite smoothly, one thing that it doesn’t explain well, is how to verify your domain. Let me share how I did it.

I created a Storage Account (GPV2) and enabled Static website.

Then I created Azure CDN (to enable HTTPS for it). I also added a few DNS records:

vc.bay.fi CNAME bayvcd1.azureedge.net

cdnverify.bay.fi CNAME cdnverify.bayvcd1.azureedge.net

I added a custom domain (vc.bay.fi) to CDN (cdnverify.bay.fi is needed for verification).

I downloaded the did-configration.json file from the Verifiable Credentials Settings.

Uploaded the file to $web container in my Storage Account.

And Voilà! My domain shows as verified.

I will get back to this topic, when I have more to share, but in the meanwhile go ahead and test it yourself and let me know if you have any questions.

Update:

Azure Static Web Apps are GA now:

https://azure.microsoft.com/en-gb/pricing/details/app-service/static/

I would now prefer that option for publishing .json file.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: