Singpass Developer Docs
Developer Docs for Singpass
Developer Docs for SingpassCIBALegacy Myinfo v3/v4Verify API (legacy)
Developer Docs for Singpass
Developer Docs for SingpassCIBALegacy Myinfo v3/v4Verify API (legacy)
  • INTRODUCTION
    • Overview of Singpass
    • Understanding the basics of OIDC
  • Products
    • Login
      • Introduction
      • Key Principles
      • User Journey
      • Logo Download and Brand Guidelines
      • Singpass Button Guidelines (For developers and designers)
    • FAQ
      • Login
      • Myinfo
    • Myinfo
      • Introduction
      • Key Principles
      • User Journey
      • Logo Download and Brand Guidelines
      • Data Display Guidelines
      • Scheduled Downtimes
  • GETTING STARTED
    • Onboarding Checklist
    • User Journey
    • Create Singpass Application
    • Start Integration - Demo App
  • Technical Specifications
    • Singpass Authentication API
      • Overview of Singpass Flow
      • 1. Authorization Endpoint
        • Redirection on success
        • For Mobile Developers
      • 2. Token Endpoint
        • Authorization Code Grant
        • Client JWK Requirements
      • 3. Userinfo Endpoint
        • Requesting Userinfo
        • Validating the payload
      • .well-known Endpoints
        • OpenID Discovery Endpoint
        • JWKS Endpoint
      • Error Response
      • Frame busting for web views
    • Staging and Production URLs
  • Singpass Developer Portal (SDP)
    • User Guide
      • Obtain Access to SDP
      • Login to SDP
      • Toggle Staging vs Production
      • Create Staging App
      • Edit Staging App
      • Create Staging Test Account
      • Create Production App
      • Edit Production App
      • Consent to Singpass Service Agreement
      • View Singpass Service Agreement
      • Updating Billing Contact Information
      • Deactivate Production App
      • Activate Production App
      • How to View Production App Transactions
    • Understanding the App Config Fields
      • App Name
      • App Description
      • Site URL
      • Support Emails
      • Allowed Scopes
      • Redirect URL
      • Token-based Authentication
  • Data Catalog (Myinfo)
    • Understanding the Data
      • Local Registered Birth Records and Sponsored Child Records
      • CPF Contribution History (up to 15 months)
      • Notice of Assessment (Basic)
      • Notice of Assessment (Detailed)
    • Catalog
      • Personal
      • Finance
      • Education and Employment
      • Family
      • Vehicle and Driving Licence
      • Property
      • Government Scheme
  • TESTING
    • Testing with Singpass App
    • Myinfo Test Personas
  • MORE INFORMATION
    • Contact
Powered by GitBook
On this page

Was this helpful?

  1. Technical Specifications
  2. Singpass Authentication API

2. Token Endpoint

PreviousFor Mobile DevelopersNextAuthorization Code Grant

Last updated 16 hours ago

Was this helpful?

Endpoint to obtain an ID token and access token. The ID token is a signed JWT that contains user information in the sub claim, and is signed by Singpass ASP. RPs will be able to verify the ID token’s JWT signature with our . RPs are expected to validate the ID token as per .

For the OIDC authentication flow, only the following grant(s) is supported:

  • authorization_code (see the in the OpenID connect specs for more details)

In the below sections, we are going to describe the API contract:

JWKS endpoint
OpenID connect specs
Authentication using the Authorization Code Flow
Authorization Code Grant
Client JWK Requirements