Appearance
Resolver Parameters
The Universal Resolver supports various advanced DID Resolution features using DID parameters and resolution error codes.
Instead of using DID parameters, these features can also be configured via the Resolver Configuration.
See https://github.com/decentralized-identity/did-spec-extensions for more information about DID parameters and resolution error codes.
checkValidDidDocument
This DID parameter is used to check if a DID document is valid, i.e. conformant with the DID data model. Possible values are ignore, warn, error.
The error code invalidDidDocument is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:indy:danube:63Nrjz6ARjXLNva5kY6WxC?checkValidDidDocument=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"content": null,
"dereferencingMetadata": {
"error": "invalidDidDocument",
"errorMessage": "Error invalidDidDocument from resolver: Invalid DID document",
"validationProblems": [
{
"value": "id",
"error": "there must be one 'id' in 'service'"
}
]
},
"contentMetadata": {}
}1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
2
3
4
5
6
7
8
9
10
11
12
13
14
15
checkMethod
This DID parameter is used to check if the DID method is not allowed, based on an allow-list and deny-list. Possible values are ignore, warn, error.
The error code notAllowedMethod is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:indy:danube:63Nrjz6ARjXLNva5kY6WxC?checkMethod=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedMethod"
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
checkKeyType
This DID parameter is used to check if the DID document contains a key type that is not allowed, based on an allow-list and deny-list. Possible values are ignore, warn, error.
The error code notAllowedKeyType is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:indy:danube:63Nrjz6ARjXLNva5kY6WxC?checkType=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedKeyType"
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
checkVerificationMethodType
This DID parameter is used to check if the DID document contains a verification method with a type that is not allowed, based on an allow-list and deny-list. Possible values are ignore, warn, error.
The error code notAllowedVerificationMethodType is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:indy:danube:63Nrjz6ARjXLNva5kY6WxC?checkVerificationMethodType=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedVerificationMethodType"
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
checkLocalDerivedKey
This DID parameter is used to check if derived keys have been detected in the DID document, e.g. an X25519 key derived from an Ed25519 key. Possible values are ignore, warn, error.
The error code notAllowedLocalDerivedKey is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:web:danubetech.com:did:test1?notAllowedLocalDerivedKey=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedLocalDerivedKey",
"errorMessage": "Error notAllowedLocalDerivedKey from resolver: Not allowed derived local verification methods: did:web:danubetech.com:did:test1#z6LSgCp1mGKMhPZ7VgbNoojE68yG7ubcGj87fBBhco2YP7LP from did:web:danubetech.com:did:test1#z6Mkt4AdazSYghXf69YfaYCms4qcrvwGA3yq7z8AifUzgrQz",
"derivedVerificationMethodId": "did:web:danubetech.com:did:test1#z6LSgCp1mGKMhPZ7VgbNoojE68yG7ubcGj87fBBhco2YP7LP",
"derivingVerificationMethod": "did:web:danubetech.com:did:test1#z6Mkt4AdazSYghXf69YfaYCms4qcrvwGA3yq7z8AifUzgrQz"
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
9
10
11
2
3
4
5
6
7
8
9
10
11
checkLocalDuplicateKey
This DID parameter is used to check if duplicate keys have been detected in the DID document. Possible values are ignore, warn, error.
The error code notAllowedLocalDuplicateKey is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:web:danubetech.com:did:test2?checkLocalDuplicateKey=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedLocalDuplicateKey",
"errorMessage": "Error notAllowedLocalDuplicateKey from resolver: Not allowed duplicate local verification methods: did:web:danubetech.com:did:test2#key-2 and did:web:danubetech.com:did:test2#key-1",
"duplicateLocalVerificationMethods": [
"did:web:danubetech.com:did:test2#key-1",
"did:web:danubetech.com:did:test2#key-2"
]
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
9
10
11
12
13
2
3
4
5
6
7
8
9
10
11
12
13
checkGlobalDuplicateKey
This DID parameter is used to check if duplicate keys have been detected between the DID document and other globally known DID documents. Possible values are ignore, warn, error.
The error code notAllowedGlobalDuplicateKey is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:web:danubetech.com:did:test2?checkGlobalDuplicateKey=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedGlobalDuplicateKey"
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
checkDns
This DID parameter is used to check if a DID document contains a domain name that cannot be verified via DNS, according to the High Assurance DIDs with DNS specification, based on an allow-list and deny-list. Possible values are ignore, warn, error.
The error code notAllowedDns is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:web:danubetech.com:did:test7?checkDns=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedDns"
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
2
3
4
5
6
7
8
checkCertificate
This DID parameter is used to check if a DID document contains a key that cannot be traced back to a trusted certificate authority, based on an allow-list and deny-list. Possible values are ignore, warn, error.
The error code notAllowedCertificate is returned in case of an error.
Request
bash
curl -H "Authorization: Bearer b082c420-df67-4b06-899c-b7c51d75fba0" \
-X GET "https://api.godiddy.com/1.0.0/universal-resolver/identifiers/did:web:danubetech.com:did:test4?checkCertificate=error"1
2
2
Response
json
{
"@context": "https://w3id.org/did-resolution/v1",
"didDocument": null,
"didResolutionMetadata": {
"error": "notAllowedCertificate"
},
"didDocumentMetadata": {}
}1
2
3
4
5
6
7
8
2
3
4
5
6
7
8