=== how to verify your identity on nostr ===

You can verify your identity easily if you have a domain and can write to the root directory. The guide on https://nostr.com/verify-your-identity explains it nicely, I only had the issue that I used the npub format for the public and that does not work, it has to be in hex format.

First you have to create a file on your webserver in the URL /.well-known/nostr.json, if you do it for a single user or a small number of users, you can use a static file

I use the following:
<code>
{
  "names": {
    "alexlehm": "abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd"
  }
}
</code>
Now add a CORS header to the httpd config for your vhost (this is usually <VirtualHost> for the https domain
<code>
  <Location "/.well-known/nostr.json">
           header add Access-Control-Allow-Origin: *
  </Location>
</code>

this way the CORS header is set for the file only, you can verify that with curl, the url https://yourdomain.com/.well-known/nostr.json has to be accessible without redirects.

<code>
# curl -i https://lehmann.cx/.well-known/nostr.json?name=dummy
HTTP/2 200
content-type: application/json
access-control-allow-origin: *

{
  "names": {
    "alexlehm": "abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd"
  }
}
</code>

This url will be queried by other clients when they want to check if your identity is correct.

Now, you can add your username and the username@domain.com address in the NIP-05 field, e.g. on astral.ninja

When supporting multiple users it would be possible to use a PHP script to send the JSON file if there are a lot of users, if there are only a few, it is enough to put them all in a static file.