Singpass Developer Docs
CIBA
CIBA
  • Step-up Authentication using Push Notifications
    • Backchannel Authentication Endpoint
    • Token Endpoint
    • .well-known Endpoints
  • Staging and Production Endpoints
  • Error Response
Powered by GitBook
On this page

Was this helpful?

Step-up Authentication using Push Notifications

Client-Initiated Backchannel Authentication (CIBA)

NextBackchannel Authentication Endpoint

Last updated 2 months ago

Was this helpful?

Introduction

This guide illustrates the Step-up Authentication (Push Notifications) Flow and the APIs that Relying Parties (RP) need to integrate with.

The Step-up authentication feature can be employed in use-cases where RPs require their users to perform an additional layer of authentication before proceeding on with a high-risk transaction. This kind of authentication is done by triggering a push notification to the user’s Singpass Mobile Application.

RPs who are looking to opt-in for Step-up Authentication are required to integrate with Singpass operating in the Client-initiated Backchannel Authentication (CIBA) Poll Mode (see ). Refer to this diagram for an overview of the CIBA authentication flow between an RP, Singpass and its dependencies.

CIBA specs
CIBA Authentication Flow between RP, Singpass and its dependencies