EBSI DID JWT library

Usage no npm install needed!

<script type="module">
  import cefEbsiDidJwt from 'https://cdn.skypack.dev/@cef-ebsi/did-jwt';




DEPRECATED: use did-jwt with @cef-ebsi/ebsi-did-resolver instead.

This library is an extension of https://github.com/decentralized-identity/did-jwt.

It allows you to sign and verify JSON Web Tokens (JWT) using ES256K, ES256K-R and Ed25519 algorithms for EBSI.

Public keys are resolved using the Decentralized ID (DID) of the signing identity of the claim, which is passed as the iss attribute of the encoded JWT.

Table of Contents

  1. Installation
  2. Examples
  3. Library Test
  4. Licensing


npm install @cef-ebsi/did-jwt

or if you use yarn

yarn add @cef-ebsi/did-jwt


Verify an EBSI JWT

const { verifyEbsiJWT } = require("@cef-ebsi/did-jwt");

const verifiedJwt = await verifyEbsiJWT("eyJ0eXAiOiJ...", {
  didRegistry: "https://api.test.intebsi.xyz/did-registry/v2/identifiers",
  audience: "did:ebsi:recipient", // DID of the recipient of the JWT
  proofPurpose: "authentication",

console.log(JSON.stringify(verifiedJwt, undefined, "  "));

  "payload": {
    "iat": 1618826224,
    "iss": "did:ebsi:zub5ZZUfHLLptCduwEy8xRj",
    "prop": "val",
    "aud": "did:ebsi:recipient"
  "didResolutionResult": {
    "didResolutionMetadata": {
      "contentType": "application/did+ld+json"
    "didDocument": {
      "@context": "https://www.w3.org/ns/did/v1",
      "id": "did:ebsi:zub5ZZUfHLLptCduwEy8xRj",
      "verificationMethod": [
          "id": "did:ebsi:zub5ZZUfHLLptCduwEy8xRj#keys-1",
          "type": "Secp256k1VerificationKey2018",
          "controller": "did:ebsi:zub5ZZUfHLLptCduwEy8xRj",
          "publicKeyHex": "044490262f40c4f6e9dd16f4d365a44320b48f7c6f55ee87b4a3484b2231df381ed8deb985954e323fd02165e5c2be2e159b2b968d053406eeba2cd4dacbf54c5a"
      "authentication": [
      "assertionMethod": [
    "didDocumentMetadata": {}
  "issuer": "did:ebsi:zub5ZZUfHLLptCduwEy8xRj",
  "signer": {
    "id": "did:ebsi:zub5ZZUfHLLptCduwEy8xRj#keys-1",
    "type": "Secp256k1VerificationKey2018",
    "controller": "did:ebsi:zub5ZZUfHLLptCduwEy8xRj",
    "publicKeyHex": "044490262f40c4f6e9dd16f4d365a44320b48f7c6f55ee87b4a3484b2231df381ed8deb985954e323fd02165e5c2be2e159b2b968d053406eeba2cd4dacbf54c5a"
  "jwt": "eyJ0eXAiOiJ..."

Other examples

You can find more example of what you can do with this library on the original repository: https://github.com/decentralized-identity/did-jwt#example. Examples include "Create a did-JWT", "Decode a did-JWT", and "Verify a did-JWT".

Library Test

Create an .env file using .env.example and update the env variables.

# unit tests
$ yarn test:unit

# e2e tests
$ yarn test:e2e

# all the tests
$ yarn test


Copyright (c) 2019 European Commission Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in compliance with the Licence. You may obtain a copy of the Licence at:

Unless required by applicable law or agreed to in writing, software distributed under the Licence is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the Licence for the specific language governing permissions and limitations under the Licence.

Library based on did-jwt library licensed under Apache 2.0 Copyright 2020 decentralized identity.