Register Your Application
Last updated
Last updated
First off, you will need to register a client on the sgID Developer Portal. This will provide you with the OAuth 2.0 credentials necessary to authenticate your client with sgID, as well as a private key to decrypt user data.
Click the link below to visit the developer portal and start the registration process!
To register your client, you need to:
Before you can register your client, you will have to log in to the sgID Developer Portal using your Singpass mobile app.
To be eligible for Singpass, you must be at least 15 years old and one of the following (i) Singapore Citizen (ii) Permanent Resident (iii) Foreign Identification Number (FIN) Holder If you fulfill these requirements, you can register for Singpass here.
Before you can register your client, you will have to verify your email address (preferably your work email).
Upon login, you will be presented with this view:
Click on the "Register new client" button. When registering a client, you will be prompted to fill in the following details.
You will still be able to edit these fields even after registering your client.
Name
Your client display name. This will be displayed to the end user when they are logging in to your app with the Singpass mobile app.
Description
A brief description of the purpose of your client application. This will be displayed to the end user when they are logging in to your app with the Singpass mobile app.
Scopes
Redirect URLs
The redirect URLs that sgID will be allowed to redirect to after the end user authenticates with the Singpass mobile app. This should be the endpoint of your own application. If you are following along with the Framework Guides, please refer to the respective pages for the redirect URL to register.
Please note that if you are not a public sector employee, you will only have access to two data fields: OpenID and NAME. If you require additional user data fields, please fill out this request form. Any additional data fields that are requested must adhere to our privacy and data protection policies. We will then review your request and get back to you as soon as possible.
After completing registration, your client credentials will be generated. Download these credentials and store them in a safe place. The fields in the credentials are as follows.
id
This is your client ID and it is a unique string that identifies your client.
secret
This is your client secret and it is a 32-character string used for exchanging the authorization code for a token.
scopes
publicKey
The RSA-2048 Public Key used by sgID to encrypt data to be sent to your application
privateKey
The RSA-2048 Private Key that will be used by your application to decrypt received data
The maximum list of that your app will be authorized to access. Please refer to the for the full list of scopes offered by sgID.
The maximum list of that your app is authorized to access.
