Developer Docs
sgID v2
sgID v2
  • Introduction
    • Overview
    • Getting Started
      • Register Your Application
      • Integrating With sgID
  • Integrations with sgID
    • TypeScript / JavaScript
      • Framework Guides
        • Express (with Single-Page App frontend)
        • Next.js (client-side rendering)
        • Next.js (server-side rendering)
      • API Reference
    • Python
      • Framework Guides
        • Flask (with Single-Page App frontend)
      • API Reference
    • Custom Integration
    • API Documentation
    • Troubleshooting
  • Learn the basics
    • Protocols
      • OAuth 2.0 and OpenID Connect
      • sgID
        • White Paper
    • Integration Patterns
      • Web Server and SSR Frontend
      • Backend for Single-Page App (SPA) Frontend (BFF)
  • Important Updates
    • User Migrations
      • TypeScript SDK v2.0 Major Release
  • Data Catalog
  • FAQ (Developers)
  • FAQ (Users)
  • Contact
Powered by GitBook
On this page
  • General
  • Compliance
  • Privacy & Security
  • Technical
Export as PDF

FAQ (Developers)

Frequently asked questions

PreviousData CatalogNextFAQ (Users)

Last updated 2 months ago

If you have any questions that aren't answered here, please contact us at this !

General

Is sgID a government product?

Yes, sgID is run by , a GovTech subsidiary.

How is sgID different from Singpass?

sgID exists as a module in the Singpass mobile app. sgID login uses a different protocol from the usual Singpass login. The sgID protocol is end-to-end encrypted which means that the government cannot see which businesses or government agencies you're communicating with, and what data you're sending to them.

Head to learn more about the sgID protocol!

What are the data fields that are available via sgID?

You can see a full detailed list of data fields that are currently available via sgID in our .

We are in the process of adding more data fields to sgID, so please let us know if there are any particular data fields that you would like to see in sgID via this !

Where does sgID get its data from?

sgID gets its data from , a government-verified data source on Singapore residents.

sgID will also support third-party data sources in the future, so if there is a data source which you would like to access, please let us know via this !

Does sgID support username and password login?

sgID does not support username-password logins.

To login with sgID, you will need:

  1. A Singpass account

  2. The Singpass mobile app installed on your mobile device

Compliance

Is sgID compliant with PDPA (Personal Data Protection Act 2012)?

Yes. The PDPA requires businesses to be compliant with clauses by 1 September 2019, surrounding consent obligation, purpose limitation obligation, and notification obligation, all of which are built into sgID.

Privacy & Security

What privacy and security measures do sgID provide?

sgID employs end-to-end encryption, and does not store any of your data that passes through our servers. Even in the case of a data breach, your data will never be compromised because it remains safely on your phone, in your control.

Technical

How can I access user data in plaintext?

The user data that sgID clients receive are encrypted with a block key, which is in turn encrypted with the public key associated with that client.

To access the data in plaintext, clients will need to:

  1. Decrypt the encrypted block key with their own private key to receive the block key

  2. Use the block key to decrypt the encrypted user data

Can I register more than one redirect URI for my client?

Yes, you can register up to 5 redirect URIs for each client.

You can add new redirect URIs at any time in the developer portal.

Please visit the for more information on the legislation, guidelines, exemption, and enforcement of the PDPA.

You can learn more about how to do this in the section on .

form
Open Government Products
here
Data Catalog
contact form
MyInfo
contact form
PDPC site
Custom Integration
decrypting the userinfo payload