2. Token Endpoint

All Login and Myinfo apps must follow Singpass' FAPI 2.0-compliant authentication API by 31 Dec 2026.

The specifications on this page apply to you only if you are maintaining an existing Login / Myinfo (v5) integration. We encourage you to migrate early to avoid service disruptions.

Endpoint to obtain an ID token and access token. The ID token is a signed JWT that contains user information in the sub claim, and is signed by Singpass ASP. RPs will be able to verify the ID token’s JWT signature with our JWKS endpoint. RPs are expected to validate the ID token as per OpenID connect specs.

For the OIDC authentication flow, only the following grant(s) is supported:

authorization_code (see the Authentication using the Authorization Code Flow in the OpenID connect specs for more details)

In the below sections, we are going to describe the API contract:

Authorization Code Grant
Client JWK Requirements

PreviousFor Mobile Developers NextAuthorization Code Grant

Last updated 9 days ago

Was this helpful?