Bluesky expands verification with blue checks and trusted verifiers

Bluesky introduced a new verification system on April 21, 2025, adding visual blue check marks to complement its existing domain-based verification approach. This development comes less than two weeks ago and builds upon the platform's existing verification infrastructure first launched in 2023.

According to the Bluesky team, "Trust is everything. Social media has connected us in powerful ways, but it hasn't always given us the tools to know who we're interacting with or why we should trust them." The platform is implementing a multi-layered verification approach that combines both centralized and distributed trust mechanisms.

The new verification system introduces two distinct visual markers: standard blue checks for accounts verified directly by Bluesky, and scalloped blue checks designating "Trusted Verifiers" – organizations authorized to verify other accounts.

The evolution of Bluesky's verification approach

Bluesky's verification strategy began in April 2023 with domain-based verification, allowing individuals and organizations to set their websites as usernames. According to the Bluesky team, over 270,000 accounts have linked their usernames to their websites since this feature launched.

Emily Liu, who authored Bluesky's original verification documentation, explained the rationale: "The AT Protocol, which the Bluesky app is built upon, was designed to use domains for multiple reasons: Identity, Verification, and Portability." This approach leverages the existing authority of websites while creating consistency across applications built on the AT Protocol.

Domain verification remains the foundation of Bluesky's authentication strategy. The process requires users to add a TXT record to their domain's DNS settings containing their Bluesky DID (Decentralized Identifier). For organizations managing multiple subdomains, Bluesky offers a developer-focused HTTP-based solution that doesn't rely on individual DNS records.

New visual verification layer

While domain verification provides a technical solution, Bluesky acknowledged user feedback requesting more visible indicators of authenticity. According to the platform's announcement, "We've heard from users that a larger visual signal would be useful in knowing which accounts are authentic."

The newly implemented blue check verification system operates on two levels:

1. Proactive verification by Bluesky for "authentic and notable accounts"
2. Distributed verification through the Trusted Verifiers feature

The Trusted Verifiers function creates a federated approach to authentication, empowering selected organizations to issue verifications directly. According to Bluesky, "Blue checks issued by platforms are just one form of trust. But trust doesn't come only from the top down; it emerges from relationships, communities, and shared context."

Technical implementation and user experience

When viewing verified accounts, users can tap on the blue check to view which organizations granted verification. Bluesky has implemented moderation oversight, with the team reviewing "each verification to ensure authenticity."

For those who prefer not to see verification markers, the platform has included customization options. Users can disable the display of verification badges entirely through Settings > Moderation > Verification Settings.

Verification eligibility and process

During the initial phase, Bluesky is not accepting direct verification applications. The company stated it will "launch a request form for notable and authentic accounts interested in becoming verified or becoming trusted verifiers" as the feature stabilizes.

Organizations and high-profile individuals can still self-verify using the domain-based approach. This process involves:

1. Creating a Bluesky account
2. Navigating to account settings
3. Selecting the option to change handle to a domain
4. Adding a TXT record to the domain's DNS configuration
5. Verifying the DNS record through Bluesky

For subdomains, the process requires a slightly different TXT record configuration, with the subdomain included in the domain field. Organizations managing multiple subdomains can implement a HTTP-based solution that resolves handles via a .well-known route.

Market implications and industry context

Bluesky's expanded verification approach positions the platform between centralized models like those historically used by platforms such as Twitter/X and fully decentralized verification systems. By creating a hybrid model that combines platform-based verification with distributed trust through Trusted Verifiers, Bluesky is attempting to balance control with community participation.

For marketers and communication professionals, this development has several significant implications. First, the multi-layered verification system provides new opportunities for establishing brand authenticity in a fragmented social media landscape. Second, the Trusted Verifier mechanism potentially gives industry organizations and professional associations new roles in credentialing.

The timing of this announcement coincides with ongoing discussions about digital identity, platform accountability, and the role of verification in combating misinformation. Bluesky's approach implements a technical foundation that potentially addresses some of these challenges through its combination of domain verification and visual indicators.

For brands and organizations considering their Bluesky strategy, domain verification remains readily accessible and does not require application approval. The documentation explains that domains can be purchased through any ICANN-accredited domain registrar or directly through Bluesky's own domain service.

Technical foundation and future implications

Bluesky's verification approach is built on the AT Protocol, which emphasizes portability and cross-application consistency. According to the platform's documentation, "Identity: Bluesky is just one application built on top of the AT Protocol. Let's say you set your handle to example.com on Bluesky. You'll be able to use that same handle across all applications built on the AT Protocol."

This portability distinguishes Bluesky's verification from platform-specific approaches. Domain-verified identities potentially transfer across any application implementing the AT Protocol, creating consistency across what might eventually become a network of compatible services.

For technically-oriented organizations, the HTTP-based subdomain verification option provides flexibility for managing multiple verified accounts without creating individual DNS records. This implementation requires returning each account's DID from a specific route, with Bluesky noting that "most organizations' tech teams are able to implement this easily."

Long-term verification strategy

Bluesky describes itself as "an initiative to transition the social web from platforms to protocols," positioning these verification developments within a broader vision of decentralized infrastructure. The expanded verification system represents an incremental step toward implementing this vision through practical features.

The platform's documentation emphasizes specific benefits of domain-based verification including identity consistency, trust transfer, and account portability. For users who don't own domains, Bluesky offers traditional username formats (user.bsky.social) while making domain-based verification available as an option.

Bluesky's approach contrasts with both fully centralized verification systems and completely decentralized identity models. By implementing multiple verification layers with varied technical approaches, the platform is creating a hybrid system that balances accessibility with security.

Timeline

• April 28, 2023: Initial domain-based verification system launched
• December 12, 2024: Update allowing users to retain their previous .bsky.social username when switching to domain verification
• April 21, 2025: Introduction of visual verification with blue checks and Trusted Verifiers