Skip to main content
Identity in Nuggets establishes who or what an actor is. It does not, on its own, determine whether actions are allowed. Nuggets uses open, interoperable identity standards so that actor identities can be verified across systems, clouds, and organisations - without vendor lock-in or centralised control. For how identity is used at runtime to evaluate authority and produce proof, see Key Concepts.

Why Identity Standards Matter

Autonomous systems operate across organisational, cloud, and jurisdictional boundaries. In these environments, identity must be:
  • Verifiable without relying on a single authority
  • Portable across platforms and ecosystems
  • Compatible with existing enterprise identity infrastructure
  • Suitable for both human and non-human actors
Closed or proprietary identity models introduce lock-in, limit interoperability, and create fragility as systems evolve. Nuggets adopts open standards to ensure that identities remain verifiable, durable, and neutral, regardless of where actions occur.

W3C Decentralized Identifiers (DIDs)

Nuggets uses Decentralized Identifiers (DIDs), a W3C standard for globally unique, cryptographically verifiable identifiers. DIDs enable:
  • Identity without central registration authorities
  • Cryptographic verification of control
  • Independence from any single platform or vendor
Each DID can represent a:
  • Human
  • Organisation
  • Machine or service
  • AI agent
DIDs provide a stable identity anchor that can be verified anywhere, without requiring shared databases or centralised identity providers.

Verifiable Credentials (VCs)

Verifiable Credentials (VCs) are a W3C standard for cryptographically signed statements about an identity. In Nuggets, VCs are used to represent attributes, relationships, and assurances associated with an identity. Verifiable Credentials enable:
  • Cryptographic proof of identity attributes
  • Selective disclosure of information
  • Portability across systems and organisations
  • Independent verification by relying parties
Credentials can be verified without contacting the issuer, reducing dependency on central services and improving resilience.

Interoperability and Vendor Neutrality

By building on W3C identity standards, Nuggets ensures:
  • Interoperability across identity providers, clouds, and ecosystems
  • Compatibility with emerging standards and frameworks
  • Avoidance of proprietary lock-in
  • Long-term durability of issued identities
This allows organisations to adopt Nuggets without restructuring existing identity architecture or committing to closed ecosystems.

Integration with Enterprise Identity Systems

Open standards allow Nuggets to integrate cleanly with existing enterprise environments.
  • OIDC and OAuth 2.0 can be used for human authentication
  • Existing IAM and IdPs remain the source of login and access control
  • Decentralised identity complements - rather than replaces - enterprise identity systems
This enables organisations to extend existing identity infrastructure into autonomous, agent-driven environments without disruption.

Identity as a Foundation - Not a Decision

It is important to be explicit about the role of identity in Nuggets. Identity standards provide:
  • Attribution
  • Accountability
  • Verifiability
They do not provide:
  • Permission to act
  • Policy enforcement
  • Runtime authorisation
Those decisions are made when actions occur, based on authority, intent, policy, and consent, as described in Key Concepts.

Why This Matters

Using open identity standards ensures that Nuggets can support:
  • Cross-cloud and cross-organisation deployments
  • Regulated and high-assurance environments
  • Long-lived autonomous systems
  • Independent audit and verification
Identity standards are a foundational building block - enabling trust without centralisation, and interoperability without compromise.