# Quick Start ## CIBA Onboarding Guide ### Overview CIBA (Client-Initiated Backchannel Authentication) onboarding is currently available only to **Government agencies** and is assessed on a case-by-case basis. ### Typical CIBA Flow For a call-centre use case: 1. A call-centre agent verifies the caller’s identity 2. The agent initiates a CIBA request via Singpass 3. A push notification is sent to the user’s Singpass app 4. The user reviews and approves the request 5. The transaction proceeds upon successful authentication ### Onboarding Steps #### 1. Create a Staging App Create a staging app via the Singpass Developer Portal (SDP): ; Configuration: * Select openid as the only scope * Use dummy values for fields not applicable (e.g. Site URL, Redirect URL) * Configure your JWKS endpoint #### 2. Submit Use Case for Assessment Share the following details via Partner Support: * Description of your CIBA use case * When is CIBA triggered? * Why is CIBA required? * Expected monthly transaction volume * Systems that will integrate with Singpass #### 3. Evaluation by Singpass The Singpass Product and Security teams will assess: * Alignment with CIBA policy * Authentication assurance requirements * User journey and risk controls * Availability of fallback flows > We may follow up with clarifications during this stage. #### 4. Whitelisting & Testing If the use case is approved: * Your use case will be whitelisted * Your team can proceed with testing in staging #### 5. Production Setup Once testing is complete: 1. Submit a Production App Request via SDP 2. Indicate that the app is for CIBA 3. Include your User Journey (UJ) 4. Singpass will whitelist your client ID for CIBA usage --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.developer.singpass.gov.sg/docs/client-initiated-backchannel-authentication-ciba/quick-start.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.