USING A SERVICE WORKER TO PRESENT A THIRD-PARTY CRYPTOGRAPHIC CREDENTIAL
Abstract:
A method is provided for remote identification of a subject to a verifier using a third-party cryptographic credential. To create the credential, JavaScript code originating from the credential issuer generates a key pair using a cryptographic library, the Web Cryptography API or a FIDO2 authenticator, obtains from the issuer a disclosable portion of the credential containing the public key and subject attributes, and registers a service worker with the browser. To identify the subject, the verifier redirects a login request to a URL in the scope of the service worker, which intercepts the redirected request and dynamically generates a credential presentation page that sends the disclosable portion of the credential to the verifier and proves knowledge of the private key.
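The flow in the abstract, sketched as an added example (not code from the patent or its applicant): Web Crypto key generation, a scope check standing in for the service worker's fetch handler, and the verifier's check. The `verifier` and `challenge` query parameters, the signed message layout and all function names are assumptions, and the issuer's signature over the disclosable portion is left out.

```javascript
// Added example: names, query parameters and message layout are assumptions.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
const ALG = { name: "ECDSA", namedCurve: "P-256" };
const SIG = { name: "ECDSA", hash: "SHA-256" };
const enc = new TextEncoder();

// Issuer-origin code: generate the key pair; the private key is non-extractable.
async function createCredential(attributes) {
  const { publicKey, privateKey } = await subtle.generateKey(ALG, false, ["sign", "verify"]);
  const publicKeyJwk = await subtle.exportKey("jwk", publicKey);
  // A real issuer would sign this disclosable portion; that step is omitted here.
  return { disclosable: { publicKeyJwk, attributes }, privateKey };
}

// Bind the proof to one verifier and one login attempt so it cannot be replayed.
const proofInput = (origin, challenge) => enc.encode(`${origin}\n${challenge}`);

// Stand-in for the service worker's fetch handler: answer only in-scope redirects.
async function handleRedirect(requestUrl, scope, cred) {
  const url = new URL(requestUrl);
  if (!url.href.startsWith(scope)) return null; // out of scope: left to the network
  const origin = url.searchParams.get("verifier");
  const challenge = url.searchParams.get("challenge");
  if (!origin || !challenge) return null;
  const signature = await subtle.sign(SIG, cred.privateKey, proofInput(origin, challenge));
  return { disclosable: cred.disclosable, signature };
}

// Verifier side: check the proof against its own origin and the challenge it issued.
async function verifyPresentation(p, expectedOrigin, expectedChallenge) {
  const key = await subtle.importKey("jwk", p.disclosable.publicKeyJwk, ALG, true, ["verify"]);
  return subtle.verify(SIG, key, p.signature, proofInput(expectedOrigin, expectedChallenge));
}
```

A verifier relying on this would also have to validate the issuer's signature over the disclosable portion before trusting the attributes.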