Difference between v3 and v4
The diagram below highlights the end to end flow of v4 APIs with key changes:
Myinfo v4 APIs bring about improved security posture, standards and features.
For the comprehensive list of changes, refer to our API Specs Release notes.
-
Proof of Key Code Exchange (PKCE) (Reference : PKCE)
Improve security posture between /authorize and /token by protecting against authcode injection
X.509 Certificate public keys
JSON Web Key Store (JWKS) (Reference : JWKS)
Enable minimal disruption on key rotations
PKI Base string signing
Client Assertions (Reference : Client Assertions)
Alignment to international standards
-
Demonstration of Proof-of-Possesion (DPoP) (Reference : DPoP)
Improve security posture between /token and /person by proving legitimacy of possession for access token before data can be released
Last updated
Was this helpful?