Browse all topics
All guidesGlossary
Microsoft Entra (Identity)

Microsoft Entra Verified ID

Entra Verified ID is Microsoft's decentralised identity / verifiable credential service. Here's the model and the use cases.

Microsoft Entra Verified ID is Microsoft's implementation of verifiable credentials — a W3C standard for cryptographically signed, decentralised digital credentials. It lets your organisation issue credentials (employee ID, certification, degree, training completion) and verify credentials presented by others, with no central authority required at verification time.

The model

A verifiable credential is a digital, cryptographically signed claim about a subject — for example, "Acme Corporation certifies that John Doe was employed from 2020 to 2024." The model has three roles:

  • Issuer — the organisation creating credentials (Acme issues employment credentials).
  • Holder — the subject who stores credentials in a wallet (John holds the credential).
  • Verifier — anyone presented with a credential who needs to confirm its authenticity (Acme's next employer verifies it).

Verification is cryptographic — the verifier checks the issuer's signature using public keys published on a decentralised identifier (DID) infrastructure. No call to Acme is required at verification time, and Acme can't see who's verifying.

What Entra Verified ID provides

  • An issuance service for creating credentials based on data in Entra ID, custom inputs, or both.
  • A verification service for accepting and validating credentials in your apps.
  • Microsoft Authenticator as the default wallet — users store and present credentials there.
  • Integration with Entra ID Conditional Access so verified credentials can gate access to resources.
  • Connectors and SDKs for issuance / verification.

Real-world use cases

  • Onboarding from a previous employer — the new employer accepts an employment credential issued by the prior employer, skipping reference checks.
  • Education verification — universities issue degree credentials; employers verify them in seconds.
  • Industry certifications — issuers like Microsoft Learn, AWS, professional bodies issue certifications as verifiable credentials.
  • Partner onboarding — accept a verifiable credential proving the partner organisation has the right compliance certifications.
  • Customer KYC — accept government-issued ID credentials where the legal framework supports them.
  • Internal employee re-verification — for high-security roles, re-confirm employee identity periodically.

Privacy and data minimisation

A key property: verifiers can request just the claim they need. Asking "is this person an Acme employee?" doesn't reveal John's salary or job title — only the specific employment claim. This selective disclosure is one of the main reasons verifiable credentials are interesting from a privacy perspective.

Where it's mature

The technology is solid; the ecosystem is where Verified ID's value depends on adoption. As of 2026, several industries (higher education, IT certifications, healthcare credentialing) have growing real-world deployments. For most general business scenarios, Verified ID is a "watch the space" rather than "deploy today."

Licensing

Verified ID issuance and verification are billed by transaction volume, with monthly free quotas. For low-volume use, the costs are negligible.

For organisations issuing credentials others will want to verify — academia, IT vendors, training providers — getting on the standard early is the strategic move.