Invoke Authorization Endpoint
This section demonstrates how to invoke the authorization endpoint for Singpass to begin the authentication process. First, you will need to create a Singapss Login button to trigger the redirection. Once the user has been authenticated, your application will be redirected to the redirect URL that has been set up in the Application configuration with the authorization code.
Authorization endpoint for different environments:
Step 1: Create Login Button
Create a new file in your application for the login button. For the demo singpass application, app.js contains the Login button code. You may also copy the logic needed to create a simple login button from the code panel below.
Step 2: Update request parameters
Update request parameters accordingly for the authorization endpoint with the following attributes:
scope
Supported value is openid
.
response_type
The authorization processing flow to be used. Supported value is code
for the Authorization Code Flow.
client_id
redirect_uri
nonce
state
Maximum of 255 characters. Must match regexp
pattern of [A-Za-z0-9/+_\-=.]+
Create attributes for all the request parameters and update them accordingly. This URL will be triggered once the user triggers the login button. For the demo singpass application, update all the following fields within the app.js file.
Step 3: Run the Application and Test
Run the application and click on the login button. You should be redirected to the Singpass staging login page. The authentication type will be based on the configuration of the Application.
For QR Authentication
There will only be a QR displayed, use the Staging Singpass Mobile App to scan the QR and approve to get authenticated.
For 1FA Authentication
Select Singpass App or Password Login. If the Singpass App is selected, the process flow is the same as QR Authenticated.
For 2FA Authentication
Once the user has authenticated via any of the 3 authentication methods, verify that Singpass redirects you to your application registered redirect_uri along with the
code
andstate
parameters like the following example.
If you have received the code and state successfully, your application is ready for the next steps.
Next steps
Last updated
Was this helpful?