Domain Verification

Verify your domain ownership for enhanced security and increased user trust.

Domain Verification service is a security feature of Affinidi Trust Network that enables developers to verify the domain ownership displayed in the Affinidi Vault’s consent screen. It empowers users to decide whether to share their data with the requesting domain.

Benefits of Domain Verification

Enhanced Security: Domain Verification provides proof of control over the domain. It adds the Verified by Affinidi checkmark on the consent page, which informs users that they are securely sharing their data to the correct website.
Increased User Trust: Domain Verification strengthens user confidence in the website as Affinidi verifies the developer’s domain ownership, leading to better user engagement and data sharing.

How Domain Verification Works

sequenceDiagram
    actor Developer
    participant Affinidi Portal
    participant Domain Verification
    participant Website

    Developer->>Affinidi Portal: Verify Domain
    Affinidi Portal->>Domain Verification: Configured domain value
    Domain Verification->>Domain Verification: Generates a did:web document based on configured domain
    Domain Verification->>Affinidi Portal: Respond with the did:web document
    Affinidi Portal->>Developer: Downloads the did:web document
    Developer-->>Website: Upload the did:web document to the specified location
    Developer->>Affinidi Portal: Clicked on "I've hosted it"
    Affinidi Portal->>Domain Verification: Initiate verification of the did:web document
    Domain Verification->>Website: Parse the did:web document on the specified path
    Domain Verification->>Domain Verification: Verifies that the did:web document is valid
    Domain Verification->>Affinidi Portal: Respond with the verification status
    Affinidi Portal->>Affinidi Portal: Update the Login Configuration with verified domain

Using the Domain Verification service in the Affinidi Portal, the service will generate a did:web document that developers must upload to the hosting server in the following path - https://[DOMAIN]/.well-known/did.json. After the file is hosted on the specified location, the service will parse the did:web document to validate the content and update the domain as verified if successful.

Once the configured domain is verified, users will see a checkmark on the Consent flow when sharing their data to ensure they share it with the verified domain.

To verify the domain configured on the Login Configuration, go to the Affinidi Login page of Affinidi Portal.

Note

The domain must be secured by a TLS/SSL certificate (e.g. HTTPS) to successfully verify it.

Open the Login Configuration if you would like to have the domain verified.
Click on the Verify button in the Configuration Details section.

Confirm that the domain value is correct and click on Continue button.

If you need to update the value, click on the Login Configuration Detail link and update the Origin URL field.

The service will generate the required did:web document (as an example below). Download the did:web document.

{
  "id": "did:web:mywebsite.com",
  "@context": "https://w3id.org/security/v2",
  "publicKey": [
    {
      "id": "did:web:mywebsite.com#primary",
      "type": "Secp256k1VerificationKey2018",
      "publicKeyHex": "0338e112f1ebefb3114e7b8d41d6f5068e063b0a86345a455af952285987hyfr69",
      "controller": "did:web:mywebsite.com"
    }
  ],
  "verificationMethod": [
    {
      "id": "did:web:mywebsite.com#primary",
      "controller": "did:web:mywebsite.com",
      "type": "Secp256k1VerificationKey2018",
      "publicKeyHex": "0338e112f1ebefb3114e7b8d41d6f5068e063b0a86345a455af952285987hyfr69"
    }
  ],
  "authentication": [
    "did:web:mywebsite.com#primary"
  ],
  "assertionMethod": [
    "did:web:mywebsite.com#primary"
  ]
}

Upload the downloaded did:web document in the .well-known directory of your website and ensure the file name is did.json.

For example, if you specified the domain as https://mywebsite.com, you must upload the did:web document in the location https://mywebsite.com/.well-known/did.json.

Once you upload the did.json file, go back to the Affinidi Portal - Domain Verification page and click on I’ve hosted it button to start the verification.

Once successful, the Login Configuration will be updated with a verified domain, and the same verified tag will be reflected on Affinidi Vault’s consent page when users share their data.

If the verification fails, ensure that you have uploaded the did.json file to the correct path - https://[DOMAIN]/.well-known/did.json and the path is publicly accessible, then click on the Retry button.

Once Affinidi verifies the domain, users will see a verified checkmark on the Consent screen of the Affinidi Vault when sharing their data, increasing user trust and providing better user experience.

Guides to Verify Domain on Different Platforms

Follow the guides below to verify your domains hosted on different platforms and get a verified checkmark on the Affinidi Vault consent screen when users share their data.

Verify Domain with Shopify Website

If you use a Shopify website and want to verify your domain, this guide will help you publish a did:web document on your Shopify site. By default, Shopify sites won’t allow store owners to publish any document/file at a specific path. However, following the steps below, you can host the did:web document.

Download the DID Document

If you haven’t yet downloaded your did:web document, follow the steps here to download did.json.

Upload the did.json File as a Content File
- Go to your Shopify Admin portal and select your store.
- Click on Content > Files in the menu on the bottom left side.
- Upload your did.json file by clicking the Upload files button on the right side of the page.
- Copy the file link in the screenshot once the document is uploaded.

Domain Verification - Shopify Upload File

Add a Redirection Rule
- Click on the Sales Channels > Online Store > Navigation in the menu on the bottom left side.
- Click on the View URL redirects button on the right side of the page.
- Click on Create URL redirect button to create a new redirection rule with the following details:
  - Set Redirect from to /.well-known/did.json
  - Set Redirect to to the Content file URL copied from the previous step.
  - Click on Save redirect button to save the rule.

Domain Verification - Shopify redirect rule

Verify the Redirection
Ensure the redirection works by opening your did:web document URL, e.g., https://[DOMAIN]/.well-known/did.json.
Complete Domain Verification
Return to the Affinidi Portal - Domain Verification page and click the I’ve hosted it button to start the verification.

By following these steps, you should be able to successfully publish and verify your did:web document on your Shopify website.

Once Affinidi verifies the domain, users will see a verified checkmark on the Consent screen of the Affinidi Vault when sharing their data, increasing user trust and providing a better user experience.

Was this page helpful?

Glad to hear it! Please tell us how we can improve more.

Sorry to hear that. Please tell us how we can improve.

Thank you for sharing your feedback so we can improve your experience.