Token Endpoint

Endpoint to obtain an ID token and access token. The ID token is a signed JWT that contains user information in the sub claim, and is signed by Singpass ASP. RPs will be able to verify the ID token’s JWT signature with our JWKS endpoint. RPs are expected to validate the ID token as per OpenID connect specs.

For the OIDC authentication flow, only the following grant(s) is supported:

• authorization_code (see the Authentication using the Authorization Code Flow in the OpenID connect specs for more details)

In the below sections, we are going to describe the API contract.

• Authorization Code Grant

• Client JWK Requirements