Singpass Developer Docs
Developer Docs for Singpass
Developer Docs for Singpass
  • INTRODUCTION
    • Overview of Singpass
    • Understanding the basics of OIDC
  • Products
    • Login
      • Introduction
      • Key Principles
      • User Journey
      • Logo Download and Brand Guidelines
      • Singpass Button Guidelines (For developers and designers)
    • FAQ
      • Login
      • Myinfo
    • Myinfo
      • Introduction
      • Key Principles
      • User Journey
      • Logo Download and Brand Guidelines
      • Data Display Guidelines
      • Scheduled Downtimes
  • GETTING STARTED
    • Onboarding Checklist
    • User Journey
    • Create Singpass Application
    • Start Integration - Demo App
  • Technical Specifications
    • Singpass Authentication API
      • Overview of Singpass Flow
      • 1. Authorization Endpoint
        • Redirection on success
        • For Mobile Developers
      • 2. Token Endpoint
        • Authorization Code Grant
        • Client JWK Requirements
      • 3. Userinfo Endpoint
        • Requesting Userinfo
        • Validating the payload
      • .well-known Endpoints
        • OpenID Discovery Endpoint
        • JWKS Endpoint
      • Error Response
      • Frame busting for web views
    • Staging and Production URLs
  • Singpass Developer Portal (SDP)
    • User Guide
      • Obtain Access to SDP
      • Login to SDP
      • Toggle Staging vs Production
      • Create Staging App
      • Edit Staging App
      • Create Staging Test Account
      • Create Production App
      • Edit Production App
      • Consent to Singpass Service Agreement
      • View Singpass Service Agreement
      • Updating Billing Contact Information
      • Deactivate Production App
      • Activate Production App
      • How to View Production App Transactions
    • Understanding the App Config Fields
      • App Name
      • App Description
      • Site URL
      • Support Emails
      • Allowed Scopes
      • Redirect URL
      • Token-based Authentication
  • Data Catalog (Myinfo)
    • Understanding the Data
      • Local Registered Birth Records and Sponsored Child Records
      • CPF Contribution History (up to 15 months)
      • Notice of Assessment (Basic)
      • Notice of Assessment (Detailed)
    • Catalog
      • Personal
      • Finance
      • Education and Employment
      • Family
      • Vehicle and Driving Licence
      • Property
      • Government Scheme
  • TESTING
    • Testing with Singpass App
    • Myinfo Test Personas
  • MORE INFORMATION
    • Contact
Powered by GitBook
On this page

Was this helpful?

  1. INTRODUCTION

Overview of Singpass

NextUnderstanding the basics of OIDC

Last updated 1 month ago

Was this helpful?

Singpass is Singapore's national digital identity authentication provider using the protocol. It stores users' identity information and authenticates them for transactions with government agencies and private organizations online.

How Singpass OIDC Works?

OpenID Provider (OP) is the party that issues the ID token. In this case, Singpass serves as the OpenID provider.

Relying Party (RP) is the party that requests the ID token from Singpass, which in this context refers to your mobile or web application.

offers various authentication flows for integrating an OpenID Provider (OP) and a Relying Party (RP). Singpass as the OpenID Provider supports only the authorization code flow. This flow is the most widely used OpenID Connect authentication method, ideal for web applications and native applications that employ a client/server architecture. In this more secure and confidential flow, instead of returning the ID and access tokens directly to the Relying Party, an authorization code is provided. The Relying Party can then exchange the code for the necessary tokens to complete the authentication flow. The token will be used for information exchange if user info is required. The relying Party is required to manage the parsing of JWT used in JWT assertion, as detailed in our guide.

OpenID Connect 1.0
OpenID Connect 1.0
Singpass flow