Microsoft Entra with "Web" trust system showing "did:ion" subject

Raúl Piracés Alastuey 20 Reputation points
2023-07-11T10:58:37.8966667+00:00

Hello,

I have set up Microsoft Entra for my AD and configured all correctly with "Web" trust system (not "ION").

Then I have followed a simple sample from "Azure-Samples" GitHub at https://github.com/Azure-Samples/active-directory-verifiable-credentials-dotnet (the first one).

All goes great and my did.json and other files are identified well, nevertheless my verified credential has always a subject from "ION", see the following screenshot:
User's image

Why is this happening? I´m currently using Microsoft Authenticator and the dotnet sample only... How can I only rely on web?

Thank you on advance.

Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,987 questions
0 comments No comments
{count} votes

Accepted answer
  1. Daniel Krzyczkowski 481 Reputation points MVP
    2023-07-12T08:40:25.1933333+00:00

    Hello,

    This is expected behavior.

    The authority setup to issue and verify credentials is using did:web, but the Microsoft Authenticator and the Wallet Library uses a long form did:ion for it's DID method. This is because wallets DID wouldn't be resolvable otherwise (there is no web-server for you wallet to host the did.json file if the wallet would use did:web).
    I hope this clarifies a bit.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.