How to Set Up a Verified Nostr Address
It's all about NIP-05!
You may have recently started using Nostr and realized that your profile ID looks super ugly. It’s a long string of letters and numbers, starting with npub.
That’s your Nostr Public Key! It’s used to recognize who you are on the network.
By design, your Public Key is supposed to be a bunch of letters and numbers. That’s basic cryptography at work. The good news is, you can represent your identity with something much more human-readable. That’s where NIP-05, or Internet Identifiers, come into play.
How does it work?
NIP-05 exists as a way to map your Nostr key to an email-like address. In fact, it works very similarly to a Webfinger address in the Fediverse: a client checks the /.well-known/ part of a domain name to look for a nostr.json document, like so:
GET https://wedistribute.org/.well-known/nostr.json?name=news
A JSON response comes back to the client, matching up the name with a hex-formatted version of your Public Key.
{
 "names": {
   "news": "715dc06230d7c6aa62b044a8a764728ae6862eb100f1800ef91d5cc9f972dc55"
 }
}In other words, this creates a complete circle. Your Nostr account points to the NIP-05 value on your server, which matches the name, which points back to your Nostr account. Everything is validated!
How do I get one?
There are a few different ways you can set up one of these addresses: through a provider, through an integration, or by setting it up yourself manually. We’ll cover each approach below.
Before we begin, please note that you will need to convert your Nostr Public Key to hexadecimal for the process to work correctly. Damus provides a key converter to make this easy.
Using a Provider
The easiest and fastest approach is to use a third-party provider for an address. There are a number of services across Nostr that either offer this for free, or at a low price. It’s important to note: when doing this, you do not own the domain yourself.
Alby provides an easy-to-use integration that only requires your key. All you need to do is navigate to Dashboard > Settings > Nostr Address, and fill out the form.
Most providers are going to work in the same way, and will require you to put your hex-converted key into a field. Some might be more flexible, and offer you to customize your address name, but others will default to whatever your username is on that platform.
Using an Integration
Some platforms, such as WordPress, offer plugins that make this process incredibly easy. If you’re hosting WordPress on your own domain, you can easily provide your domain name as part of the handle.
For this example, we’ll be using Nostr Verify.
Go to your plugin settings, and provide the name you want to use and the converted key you created earlier. That’s all you need to do here!
Manual Setup
If you’re feeling really adventurous, you can try setting it up yourself on your server. First, we’ll create a simple JSON file called nostr.json that looks like this:
{
 "names": {
   "news": "715dc06230d7c6aa62b044a8a764728ae6862eb100f1800ef91d5cc9f972dc55"
 }
}If you want, you can expand your profile to include your preferred relays:
{
"names": {
"news": "715dc06230d7c6aa62b044a8a764728ae6862eb100f1800ef91d5cc9f972dc55"
},
"relays": {
"715dc06230d7c6aa62b044a8a764728ae6862eb100f1800ef91d5cc9f972dc55": [
"wss://relay.nos.social",
"wss://relay.nostr.band",
"wss://relay.snort.social",
"wss://relay.damus.io"
]
}
}You can also choose to set up additional names and relays for other Nostr accounts:
{
"names": {
"news": "715dc06230d7c6aa62b044a8a764728ae6862eb100f1800ef91d5cc9f972dc55",
"podcast": "fb45f982d24c6ddaaed012e28c2514ba7207a08cd738d52e27a5ef6827667900"
},
"relays": {
"715dc06230d7c6aa62b044a8a764728ae6862eb100f1800ef91d5cc9f972dc55": [
"wss://relay.nos.social",
"wss://relay.nostr.band",
"wss://relay.snort.social",
"wss://relay.damus.io"
],
"fb45f982d24c6ddaaed012e28c2514ba7207a08cd738d52e27a5ef6827667900": [
"wss://eden.nostr.land",
"wss://relay.nos.social",
"wss://relay.nostr.wine"
],
}
}After you’ve finished creating the file, you’ll need to set up your webserver to allow access. Below are examples for two of the most popular webservers: Nginx and Apache.
After setting everything up, we recommend testing your CORS headers with this tool.
💡 Note: These examples are designed to serve singular files with CORS headers. Depending on your setup, you will probably need to make adjustments.
Nginx
If you’re using Nginx, add this snippet to whatever configuration file you use to serve your domain.
location /.well-known {
default_type “application/jsonâ€;
root /var/www/.well-known;
if ($request_method = ‘GET’) {
add_header ‘Access-Control-Allow-Origin’ ‘*’;
}
}Put your nostr.json file in /var/www/.well-known, and reload your Nginx server to reflect the changes.
Apache
If you’re running Apache, you’ll need to first navigate to your public_html directory, and create a .well-known/ directory inside of it. Navigate into .well-known/, and put your nostr.json file in there.
Afterwards, create this .htaccess file in the same directory.
<Files "nostr.json">
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods: "GET"
</Files>Your NIP-05 identifier should now be accessible from your domain!
Putting It All Together
The final puzzle piece we need is to point our Nostr profile back to the address we made. Most Nostr clients let you set this up easily. For reference, here’s what this looks like in the Web UI for Primal: go to your profile, click Edit Profile, and scroll down to Verified Nostr Address (NIP-05).
After you’ve saved your changes, take a look at your profile. Now, there’s your verified address! You can use this to help people find you on the network, as it’s a lot easier to remember than your Public Key!
What if the place where I host the .well-known folder is on a sub-domain ?
in this case my blog, https://blog.rmendes.net/.well-known/nostr.json
I can’t get it to work on nostr as it is, it seems it does not see it :/
any tip ?
Thank you! Among all articles online, yours was the one that pushed the trigger for me 🙂