In this guide, you will deploy a local PayID server, create a PayID, sign and verify the PayID, and test it using calls to the PayID Admin API. If you want to use base PayID without verification, see Getting Started.
For more information about Verifiable PayID, see Enhance Security With Verifiable PayID.
Before you begin:
- Deploy a PayID server locally. See Getting Started: Deploy a PayID Server.
- Install PayID CLI. You will use the command line to perform the tasks in this tutorial.
- Open the command line. Enter
payid. You can now enter commands in interactive mode.
- See the available commands: enter
help. Note the commands related to signing and verifying PayIDs.
- Create an empty PayID:
- Add a crypto address:
crypto-address add XRPL TESTNET rDk7FQvkQxQQNGTtfM2Fr66s7Nm3k87vdS. This command specifies the relevant
addressfor your ledger.
- Generate a user identity key:
keys generate. This key is stored locally at the specified location. Make sure you keep the key in a safe place.
- Sign the PayID with the user identity key to create a verified PayID and address payload:
- Remove the unverified crypto address:
crypto-address remove rDk7FQvkQxQQNGTtfM2Fr66s7Nm3k87vdS. The output payload should have this format:
- Upload the verified PayID. If you are using the PayID Admin API version from 2020-08-25 or later, POST the payload from Step 7 to the Admin API endpoint. See PayID API Reference. As mentioned, you must have a PayID server deployed to use this API.
If you use the PayID Admin API version from before 2020-08-25, then you must modify this payload.
identityKeyshould have the contents of the
protectedfield in Step 7.
verifiedAddressesshould be the un-stringified JSON contents of the
payloadfield in Step 7.
identityKeySignatureshould be the
signaturefield in Step 7. The payload for older versions of the PayID Admin API appears as follows:
Retrieve and verify the verified PayID using PayID CLI. These commands do not use interactive mode.payid load verifiabledemo$127.0.0.11payid inspectpayid verify
Verify the PayID from the PayID Public API endpoint with GET. See API Reference. You can also use a JWS library like
joseto verify the
If operating through a trust on first use (TOFU) model, safely store the identity key after successful verification, and use this key to verify subsequent addresses retrieved from the same PayID.