Decentralized identifier (DID)
A globally unique identifier that its subject controls directly, without a central registry — resolving to a document of public keys and service endpoints.
A decentralized identifier, or DID, is an identifier that the thing it names controls directly — no central authority issues it or can take it away. It resolves to a DID document that lists the public keys and service endpoints associated with the identity.
DIDs are a W3C standard, and they come in many methods. did:web anchors to a domain; other methods anchor to ledgers or peer-to-peer systems. For AI agents, a DID is the anchor that makes identity verifiable.
What a DID gives you
Control: the subject holds the keys, so it can prove control and rotate them. Verifiability: anyone can resolve the DID and check a signature against the published key. Portability: the identifier isn't tied to one platform's account system.
For an agent, that means a persistent identity it owns, usable across services that understand DIDs.
DID methods
The part after did: names the method — did:web, did:key, did:ion, and others — each defining how the identifier is created and resolved. Mailgent uses did:web because it resolves over plain HTTPS and needs no extra infrastructure.
FAQ
Who issues a DID?
No one. The subject creates and controls it; resolution is defined by the DID method, not a central registry.
What's in a DID document?
Public keys (verification methods) and service endpoints — enough to verify signatures and find related services.
Give your agent an inbox.
A real email address, a vault, 2FA, and an identity in one API call.