Start with Identity
← Guides
Fundamentals · Beginner

What Is Decentralized Identity?

By SWI Community Team · Updated 2026-07-06 · 9 min

Decentralized identity is a model where individuals and organizations hold their own verifiable credentials in a digital wallet and present them directly to whoever needs to check them, without a central identity provider brokering every interaction. It is often called self-sovereign identity (SSI) because the holder, not a platform, controls the credential.

This is a shift away from the federated model most workforce and consumer login runs on today, where an identity provider authenticates you and vouches for you to each application.

The three roles: issuer, holder, verifier

Every decentralized identity interaction has the same three parties, known as the trust triangle:

  • Issuer signs and gives out a credential (a university issues a degree, a government issues an ID, an employer issues a proof of employment).
  • Holder stores the credential in a wallet and decides when and to whom to present it.
  • Verifier receives a presentation and checks the signature, the issuer, and the status, without needing to call the issuer in real time.

Because the credential is cryptographically signed, the verifier trusts the math and the issuer's public key rather than a live connection to the issuer. See issuer, holder, verifier for the model in detail.

The building blocks

Decentralized identity rests on two W3C standards plus a presentation layer:

Privacy: selective disclosure and zero-knowledge proofs

A key advantage is that holders can reveal the minimum needed. With selective disclosure and formats like SD-JWT, you can prove you are over 18 without showing your birth date or full ID. Zero-knowledge proofs and BBS signatures push this further, proving a statement is true without revealing the underlying data.

Where it is being used

Decentralized vs federated identity

Federated identity (SAML, OIDC) is mature, centralized, and excellent for enterprise SSO, but the identity provider is a single point of control and failure. Decentralized identity removes the runtime dependency on that provider and gives the holder portability and privacy, at the cost of a younger ecosystem and wallet adoption still in progress. The two will coexist: expect identity fabrics to bridge federated and decentralized credentials.

Where to start

Read what is self-sovereign identity for the philosophy and history, the Verifiable Credentials standard for the data model, and compare tools in top decentralized identity platforms and the decentralized identity vendor directory. When you are ready to choose, see best decentralized identity platforms.

Frequently asked questions

What is decentralized identity?
Decentralized identity is a model where people and organizations hold their own credentials in a digital wallet and present them directly to whoever needs to verify them, without depending on a central identity provider to broker every login.
How is decentralized identity different from federated identity?
In federated identity a central provider such as an IdP authenticates you and vouches for you to each service. In decentralized identity you hold cryptographically signed credentials yourself and present them peer to peer, so the verifier can check them without calling the issuer.
Is decentralized identity the same as blockchain?
No. Some decentralized identifier methods anchor to a distributed ledger, but the core standards (W3C DIDs and Verifiable Credentials) do not require a blockchain. Many production deployments use did:web and standard signatures with no ledger at all.
What are the main standards behind decentralized identity?
The core standards are W3C Decentralized Identifiers (DIDs), the W3C Verifiable Credentials Data Model, and the OpenID for Verifiable Credentials family (OpenID4VCI and OpenID4VP) for issuance and presentation.