CX-0049 DID Document v2.2.0
ABSTRACT
This standard defines requirements for the DID document of a Catena-X participant's wallet.
1. INTRODUCTION
The DID document is a fundamental and mandatory concept in Self-Sovereign Identity (SSI). It is a public document that contains the DID controller's public key, several service endpoints associated with the DID controller, and potentially other information. Knowledge of a DID allows to resolve the DID and is therefore sufficient to get access to the corresponding DID document.
1.1 AUDIENCE & SCOPE
This section is non-normative
AUDIENCE
This standard is relevant for the following roles (see CX-0149 for more information about Catena-X-compliant wallets):
- Core Service Providers, in the context of provisioning wallets to participants
- participants, as they each must have a wallet associated with a compliant DID document
SCOPE
This standard defines the requirements a DID document must fulfil in order to be used by a participant in the Catena-X dataspace. It does not define:
1.2 CONTEXT AND ARCHITECTURE FIT
This section is non-normative
Every participant in the Catena-X dataspace is associated with and in control of their own Decentralized Identifier (DID). Every DID has an associated DID document, which can be obtained simply by having knowledge of the DID. DID documents are public documents! While only the DID controller ("owner") may have write access, everyone has read access. They contain information which the participant wants to make publicly available, such as their public key or service endpoints. A participant's DID document is usually hosted by the participant's wallet, but may be hosted elsewhere.
1.3 ARCHITECTURE OVERVIEW
This section is non-normative
Not applicable.
1.4 CONFORMANCE
As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.
The keywords MAY, MUST, MUST NOT, OPTIONAL, RECOMMENDED, REQUIRED, SHOULD and SHOULD NOT in this document document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
1.5 PROOF OF CONFORMITY
This section is non-normative
Not applicable. See [CX-0149], which requires Catena-X-compliant wallets be associated with a DID document compliant with this standard.
1.6 TERMINOLOGY
This section is non-normative
Not applicable.
2. MAIN CONTENT
The DID document of a Catena-X participant's wallet MUST be compliant with the Decentralized Identifiers (DIDs) v1.0 specification. Additionally, the DID document MUST be compliant with the for DID documents specified in the Decentralized Claims Protocol (DCP) v1.0. Especially, the required service of type "CredentialService" MUST be a Credential Service as defined in the DCP v1.0 sec 5.2, and it MUST be a Catena-X-compliant credential service/wallet as defined in CX-0149. Where the DID document contains a service of type "DataService", the corresponding "serviceEndpoint" MUST resolve to a Data Service as specified in the Dataspace Protocol 2025-1-RC2.
2.1 DID DOCUMENT SCHEMA
This section is normative
The DID document of a Catena-X participant MUST be compliant with the following schema:
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"type": "object",
"required": [
"@context",
"id",
"service",
"verificationMethod",
"authentication",
"capabilityInvocation"
],
"properties": {
"@context": {
"type": "array",
"items": {
"type": "string"
},
"contains": {
"type": "string",
"enum": [
"https://www.w3.org/ns/did/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://w3id.org/dspace-dcp/v1.0/dcp.jsonld",
"https://w3id.org/dspace/2025/1/context.jsonld"
]
},
"minContains": 4
},
"id": {
"type": "string"
},
"service": {
"type": "array",
"items": {
"type": "object",
"required": [
"id",
"type",
"serviceEndpoint"
],
"properties": {
"id": {
"type": "string",
"format": "uri"
},
"type": {
"type": "string"
},
"serviceEndpoint": {
"type": "string",
"format": "uri"
}
}
},
"contains": {
"type": "object",
"properties": {
"type": {
"const": "CredentialService"
}
}
}
},
"verificationMethod": {
"type": "array",
"items": {
"type": "object",
"required": [
"id",
"type",
"publicKeyJwk"
],
"properties": {
"id": {
"type": "string"
},
"type": {
"type": "string"
},
"controller": {
"type": "string"
},
"publicKeyJwk": {
"type": "object",
"required": [
"kty",
"crv",
"x",
"y"
],
"properties": {
"kty": {
"type": "string"
},
"crv": {
"type": "string"
},
"x": {
"type": "string"
},
"y": {
"type": "string"
}
}
}
}
}
},
"authentication": {
"type": "array",
"items": {
"type": "string"
}
},
"capabilityInvocation": {
"type": "array",
"items": {
"type": "string"
}
},
"assertionMethod": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
2.2 DID DOCUMENT EXAMPLE
This section is non-normative
Below is a non-normative, illustrative example of a valid DID document.
{
"@context": [
"https://www.w3.org/ns/did/v1",
"https://w3id.org/security/suites/jws-2020/v1",
"https://w3id.org/dspace-dcp/v1.0/dcp.jsonld",
"https://w3id.org/dspace/2025/1/context.jsonld"
],
"id": "did:web:example.com/sub/path",
"service": [
{
"type": "CredentialService",
"serviceEndpoint": "https://credential-service-example.com",
"id": "did:web:example.com#CredentialService"
},
{
"type": "DataService",
"serviceEndpoint": "https://subdomain.provider-domain.com/subpath/.well-known/dspace-version",
"id": "did:web:provider-domain.com#dsp-agent-1"
}
],
"verificationMethod": [
{
"id": "did:web:example.com#keys-82of94hf-j20f-8fn4-9fj3-93hjv0384nfl",
"type": "JsonWebKey2020",
"controller": "did:web:example.com",
"publicKeyJwk": {
"kty": "EC",
"crv": "secp256k1",
"x": "9jnfg6e4fK97rfvJo975ojkdxsy6qmcvk69Djkdf56e",
"y": "8bdtb734civgR49tiDS4ax9klbZ45dsh832nchfhRv2"
}
},
{
"id": "did:web:example.com#keys-93uwifie-9x33-9fn4-cv93-89f19bmnqxod",
"type": "JsonWebKey2020",
"controller": "did:web:example.com",
"publicKeyJwk": {
"kty": "EC",
"crv": "secp256k1",
"x": "9c29fn9823mxdufw349mxfj49cjtr89mxjr349fxnjf",
"y": "0ymei1920yks129x0mk2390ucm849cfmnj489mxdkew"
}
}
],
"authentication": [
"did:web:example.com#keys-02v9209fmxjfw93c0mjfw30mxf3490fmcx34"
],
"capabilityInvocation": [
"did:web:example.com#keys-0xm10di23fuc9834fumx89fwjxm9342j02hj"
]
}
3 REFERENCES
3.1 NORMATIVE REFERENCES
W3C Decentralized Identifiers [https://www.w3.org/TR/did-core/] W3C DID Document properties [https://www.w3.org/TR/did-spec-registries/#did-document-properties] W3C-CCG did:web method [https://w3c-ccg.github.io/did-method-web/]
3.2 NON-NORMATIVE REFERENCES
This section is non-normative
Not applicable.
3.3 REFERENCE IMPLEMENTATIONS
This section is non-normative
Not applicable.
ANNEXES
FIGURES
This section is non-normative
Not applicable.
TABLES
This section is non-normative
Not applicable.
Legal
Copyright © 2025 Catena-X Automotive Network e.V. All rights reserved. For more information, please visit here.