Myinfo v4

Integrating with Myinfo requires your application to invoke 3 different APIs as part of the OAuth2.1 authorization code flow:

1. Authorize API

This API triggers the Singpass authentication process, followed by presenting a consent page to the user to obtain explicit consent from the user to allow his/her personal details to be released to your application.

Our system will return a short-lived "authorization code(authcode)" at the end of this process.

This API is triggered over the browser via the 302 redirect.

2. Token API

Your application server invokes this API to obtain an access_token, which can be used to call the /person API for the actual data. Your application needs to provide a valid authorization code(authcode) from the /authorize API in exchange for the access_token.

The access_token will be valid for 30 minutes.

This API is a server-to-server call (does not go through the browser)

3. Person API

This API returns a JSON response with the personal data that was requested. Your application must provide a valid access_token from the /token API in exchange for the person data.

Once your application receives the person data, you can use this data to populate the online form on your application.

This API is a server-to-server call (does not go through the browser)

PreviousKey Principles NextDifference between v3 and v4

Last updated 3 months ago

Was this helpful?