Developer Docs for Singpass

Validating the payload

As mentioned in the introduction, the response returned from the GET /userinfo endpoint will be a JWS within the payload of a JWE token.

For example, the response typically returns the following JWE token:

eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiYWxnIjoiRUNESC1FUytBMjU2S1ciLCJraWQiOiJ0ZXN0LXJwLWtleS0wMSIsImVwayI6eyJrdHkiOiJFQyIsImNydiI6IlAtMjU2IiwieCI6Ik1RVTBWRnlfUWFUYktzTmJrVTdMZkFnUjJ2Y1FQYW94UzBXM2RLRm9yOU0iLCJ5IjoibkdRam5PRlZ4emdzRERjMUJqQ3otZi1KeUY4VC14WW0xQVp4NjFtZWVCOCJ9fQ.gDvjBmkLqQ42hbNM2ULPwaskGPBlLvslPAqr0XcN2a-OYqOHXKfwvoUUOuoibTfzg_l8rr-WalvY8FY_a8yfHOaL2GLt6ZWj.O_tgtrTbPRbL_p0Y2rvnCQ.38npNWj1nL1AQxS2A3JrxokxHms6GPYT2OFhaFghI7N0QkR48gPuUvKi-m7wPbESTYA-9O-bSHEX9fUXD4FtlztrhjRTpGmdfppooVMn9_bHcLLyHbHnS3_yW5JaybqHNfD6zXCB1pw24vvHfGmRJ7C86CeBgosuYslMk7y7m_rIT6YhVnotN_kRBOppVW9eC3g0upRxXQJ3O10__pR-QcBb_eXKqwm6tcpeTEqBPl0Dbedk6DDoq6KSRV5LzyFLMutAjInQpKGdWYa7FCgfHL3FWNfcwyPq27s3d14ArZJVkIJsOW_VTI_lrnSBzCcdJpbGj9wPe0e2SfslliZlSxYTTpECyV5AZZgwxz0pMaE85Ob7KzrJjMdbZqZZC53HnZmq6pS8RiUce4950IwvsfF0xDUDaZuMxKnISoPcuUX2jHr8FG0SytO8Pr6m3DyOYbQnSkUFdjCRSHiKRqDxlqM15hSkle3jtd9qf-EzuGeHNqaJCjD7XWeviwJgD70fUZDM8lDvCp5mTfl0pcy7mlGEWjVmfR3MB1ohGwkZLeq3H_KrCyhn_FJ-DRPiE4oIaO8oSsFOhRocND4RDlliOIRK_B1XRmw1YpJFBRpn04N2ytnJrxCJ4cZeTEa4QCYkKaJHPqWkN_qvdgxywkwELLB5Tb1sgdKcq3Kh77uHWl7AfZF9iE1L-kgg4hT5KaJSp4qEYz-nbb4TqmrsnZiPbjnzSFrOGZ778OpDWnXhbb5VcXk9ZjejEdBtoqnIJ_vubEWTw-ZeMI4fCmNuiZ4HnY130VKfnU2f19GSNYaeL7GX7bVQWVS_H01mbll6_GUe.g7la6rSFevvuUrEoqVb41SQB1dk4JuTkrl8zwE0fzG4

After decrypting the JWE token, the resultant payload contains a JWS token that looks like this:

eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImNmN2Y5YzQzLWExZWEtNDdjNi04OWJkLWJjMjgzZjc3ZTc0OSJ9.eyJ1aW5maW4iOnsibGFzdHVwZGF0ZWQiOiIyMDIzLTAzLTIzIiwic291cmNlIjoiMSIsImNsYXNzaWZpY2F0aW9uIjoiQyIsInZhbHVlIjoiUzkwMDAwMDFCIn0sIm5hbWUiOnsibGFzdHVwZGF0ZWQiOiIyMDIzLTAzLTIzIiwic291cmNlIjoiMSIsImNsYXNzaWZpY2F0aW9uIjoiQyIsInZhbHVlIjoiVEVTVCBVU0VSIn0sInN1YiI6InM9UzkwMDAwMDFCLHU9ZDQ1ZDhmMjEtNjE3OC00NzEzLWI5NjItODYzNWVkMmE5NDVhIiwiaXNzIjoiaHR0cHM6Ly9zdGctaWQuc2luZ3Bhc3MuZ292LnNnIiwiYXVkIjoiYmFiMDNkNDA0ZWJkZjQyOTMwZTk0Y2YyMjBhZDI2Y2QifQ.7qz0_cv4easPMNWhk6Pa2lEsu4PlECVpk_tJRvjFmD8-aAGNCw7na4zhA_KCWhd8n28WFCwZtegzfbGdYU43pw

Where the payload (if the following scopes: name, email, and mobileno were requested) is:

{
    "name": {
        "value": "TAN XIAO HUI",
        "classification": "C",
        "source": "1",
        "lastupdated": "2019-03-26"
    },
    "email": {
        "value": "test@gmail.com",
        "classification": "C",
        "source": "1",
        "lastupdated": "2019-03-26"
    },
    "mobileno": {
        "prefix": {
            "value": "+"
        },
        "areacode": {
            "value": "65"
        },
        "nbr": {
            "value": "66132665"
        },
        "classification": "C",
        "source": "1",
        "lastupdated": "2019-03-26"
    },
    "sub": "s=S3000470A,u=499bb4c4-7462-0716-41ac-71fcb021a548",
    "iss": "https: //stg-id.singpass.gov.sg",
    "aud": "https: //stg-id.singpass.gov.sg/userinfo"
}

PreviousRequesting UserinfoNext.well-known Endpoints

Last updated