Please take a look at this other thread - it should point you to the right documentation for using OCAPs with did:key or did:pkh (through blockchain wallets). Let me know if that’s helpful?
It’s a good question about an OCAP that only allows editing specific fields. I’m tagging @paul to see if he has any suggestions here.