corda / / IdentityService


@DoNotImplement interface IdentityService

An identity service maintains a directory of parties by their associated distinguished name/public keys and thus supports lookup of a party given its key, or name. The service also manages the certificates linking confidential identities back to the well known identity.

Well known identities in Corda are the public identity of a party, registered with the network map directory, whereas confidential identities are distributed only on a need to know basis (typically between parties in a transaction being built). See NetworkMapCache for retrieving well known identities from the network map.



abstract val caCertStore: CertStore


abstract val trustAnchor: TrustAnchor


abstract val trustRoot: X509Certificate



abstract fun assertOwnership(party: Party, anonymousParty: AnonymousParty): Unit

Asserts that an anonymous party maps to the given full party, by looking up the certificate chain associated with the anonymous party and resolving it back to the given full party.


abstract fun certificateFromKey(owningKey: PublicKey): PartyAndCertificate?

Resolves a public key to the well known identity PartyAndCertificate instance which is owned by the key.


abstract fun getAllIdentities(): Iterable<PartyAndCertificate>

Get all identities known to the service. This is expensive, and partyFromKey or partyFromX500Name should be used in preference where possible.


abstract fun partiesFromName(query: String, exactMatch: Boolean): Set<Party>

Returns a list of candidate matches for a given string, with optional fuzzy(ish) matching. Fuzzy matching may get smarter with time e.g. to correct spelling errors, so you should not hard-code indexes into the results but rather show them via a user interface and let the user pick the one they wanted.


abstract fun partyFromKey(key: PublicKey): Party?

Converts an owning PublicKey to the X500Name extended Party object if the Party has been previously registered with the IdentityService either as a well known network map identity, or as a part of flows creating and exchanging the identity.


abstract fun requireWellKnownPartyFromAnonymous(party: AbstractParty): Party

Resolve the well known identity of a party. Throws an exception if the party cannot be identified. If the party passed in is already a well known identity (i.e. a Party) this returns it as-is.


abstract fun verifyAndRegisterIdentity(identity: PartyAndCertificate): PartyAndCertificate?

Verify and then store an identity.


abstract fun wellKnownPartyFromAnonymous(party: AbstractParty): Party?

Resolves a (optionally) confidential identity to the corresponding well known identity Party. It transparently handles returning the well known identity back if a well known identity is passed in.

open fun wellKnownPartyFromAnonymous(partyRef: PartyAndReference): Party?

Resolves a (optionally) confidential identity to the corresponding well known identity Party. Convenience method which unwraps the Party from the PartyAndReference and then resolves the well known identity as normal. It transparently handles returning the well known identity back if a well known identity is passed in.


abstract fun wellKnownPartyFromX500Name(name: CordaX500Name): Party?

Resolves a party name to the well known identity Party instance for this name. Where possible well known identity lookup from name should be done from the network map (via NetworkMapCache) instead, as it is the authoritative source of well known identities.

Extension Functions


fun Any.contextLogger(): Logger

When called from a companion object, returns the logger for the enclosing class.