Over the past few months more than 1,000 enterprises with premium subscriptions have issued and verified tens of thousands of verifiable credentials for use across a wide variety of scenarios ranging from remote onboarding at work, collaboration across business boundaries as well as enabling education beyond the campus. Verifiable credentials is a new W3C standard that enables end-users to easily present digital credentials representing their employment, education, or other endorsements in a tamperproof, secure, and verifiable manner. I’m thrilled to announce that we are extending the public preview of verifiable credentials, with extended capabilities, for all Azure Active Directory (Azure AD) Free and Premium users.
“We’ve already identified around 60 different use cases for verifiable credentials. It’s so flexible that it can be used in potentially hundreds of different ways throughout an organization.” - Read the full customer story from Avanade here
We are grateful for the feedback from customers and the decentralized identity community to help refine the experience for end-users, administrators, and developers. Today, we are excited to share these updates to the platform and can’t wait to see the new scenarios as more customers and developers can issue and verify credentials at scale, with confidence.
What’s new
Verifiable credentials in Azure AD are now available to everyone with an Azure AD subscription and a full list of platform updates are on our “What’s New” documentation page, but here’s a quick read of the highlights:
Privacy respecting status check
We have further extended privacy capabilities for verifiable credentials users by adding support for the W3C status list standard that allow privacy preserving status checks for users, issuers, and relying party. Detailed documentation available here.
Delivering a top-notch developer experience
Our APIs keep evolving. In the past year, we deprecated our Node.js SDK to bring a richer developer experience with the new Request Service API that can be used to create solutions for issuers and verifiers of verifiable credentials. We’ll continue in our API-first journey as well as plan to integrate with the larger set of Azure APIs so developers can interact with verifiable credentials as a first-class citizen of the stack. You can get started by trying any of our sample applications or test our API directly using Postman.
Improved compliance in Europe
The data for Azure AD Verifiable Credentials will now be processed in the EU for tenants located in that region. Learn more about data residency in Azure and our commitment to protecting customer data as part of the Microsoft EU Data Boundary program.
And this is just the beginning!
In future iterations we look forward to including a low-code, no-code experience to issue and verify credentials based on directory attributes as well as custom data sources, APIs to integrate the administrator experience as part of your workflow that will allow for simplified discovery of trusted issuers across the verifiable credentials in Azure AD Verifiable Credentials Network, and much more!
All Azure AD subscribers now have access to create, issue, and verify credentials so check out our get started resources below:
Get started:
- Public preview of verifiable credentials in Azure AD
- Full list of updates: See what’s new in the public preview release
As always, we’d love to hear any feedback or suggestions you may have. Please let us know what you think in the comments below, on Twitter (@AzureAD) or in the Azure Feedback Forum.
Learn more about verified credentials and decentralized identity
What exactly are verifiable credentials? Each verifiable credential is a signed container of identity data from an authoritative source (Issuer) that an individual or entity (Holder) can choose to share with another entity (Verifier). As a service capability in Azure AD, we make it easy for you to issue and verify verifiable credentials that represent proof of employment, education, or any other claim, so that the holder of such a credential can decide when, and with whom, to share their credentials. This enables a new kind of identity verification that is better at protecting your privacy and security, and is also reusable, making it more convenient for you!
If you want to learn more, check out these additional resources:
- Get customer stories and verifiable credentials resources at aka.ms/verifyonce
- Understand the basics of decentralized identity via our five-part blog series
- Learn more about the decentralized identity movement at aka.ms/ownyouridentity
- Get involved with http://identity.foundation , the industry working group for all things Decentralized ID (DID)
- Quick overview: http://aka.ms/didexplained
- Documentation for developers: http://aka.ms/didfordevs
Learn more about Microsoft identity:
- Return to the Azure Active Directory Identity blog home
- Join the conversation on Twitter and LinkedIn
- Share product suggestions on the Azure Feedback Forum