Centre for Digital Public Infrastructure
english
english
  • THE DPI WIKI
    • πŸŽ‰About the DPI Wiki
    • πŸ”†What is DPI?
    • ✨DPI Overview
    • πŸ“DPI Tech Architecture Principles
      • πŸ”—Interoperability
      • 🧱Minimalist & Reusable Building Blocks
      • πŸ’‘Diverse, Inclusive Innovation
      • πŸ’ Federated & Decentralised by Design
      • πŸ”Security & Privacy By Design
    • 🎯DPI Implementation & Execution Guidance
    • πŸ†šDPG and DPI
    • ❓What DPI can I build?
    • πŸ₯‡First use case for DPI
    • πŸ“˜Inputs for designing a DPI informed digital transformation strategy
    • πŸ’°How much does it cost to build DPI?
    • πŸ“’Is my system a DPI?
      • TL; DR - Is my system a DPI?
  • Mythbusters and FAQs
    • πŸ”―DPI and Mandating Adoption
    • πŸ”―DPI and Private Competition
    • πŸ”―DPI and Privacy / Security
    • πŸ”―DPI and the Digital Divide
  • Technical Notes
    • πŸ†”Identifiers & Registries
      • Digital ID
        • Capabilities on ID system
        • ID-Auth
        • Face Authentication
        • eKYC/ Identity profile sharing
        • Single Sign On (SSO)
        • QR Code for Offline ID
    • πŸ“‚Data Sharing, Credentials and Models
      • A primer to personal data sharing
      • Data standards
      • Verifiable Credentials
      • Building Data Analytics Pipelines
      • eLockers
      • Non-personal Anonymised Datasets
    • πŸ”Trust Infra
      • Digital Signatures and PKI
      • eConsent
      • eSign
    • πŸ›’Discovery & Fulfilment
      • Platforms to Protocols
    • πŸ’ΈPayments
      • Financial Address
      • Interoperable QR Code
      • Interoperable Authentication
      • Interoperable Bill Payments
      • Cash in Cash Out (CICO)
      • Financial Address Mapper (G2P Connect)
      • G2P Payments
  • Initiatives
    • 🌐DPI advisory
    • πŸš€DPI as a Packaged Solution (DaaS)
      • πŸ’‘Why do we need DaaS?
      • 🎯DaaS in a nutshell
      • πŸ“¦Pre-packaged DaaS kits
      • ♻️Reusable DaaS Artefacts
      • 3️⃣A 3-step process from idea to implementation!
      • πŸ“ˆFunded DaaS Program overview
      • πŸ‘©β€πŸ’»Cohort 1: DaaS Offerings
        • Digital authentication
        • Digital credentials
        • ID Account Mapper
      • πŸ–₯️Co-create with us!
      • πŸ’¬Upcoming DaaS cohorts
        • Functional Registries
        • AI Assistant
      • ❓FAQs on DaaS
        • Country x DPG MOU /LoI FAQs
        • Ecosystem Participation Terms FAQs
    • πŸ“‘DPI Residents Program
    • βš–οΈDPI for Child Rights
    • πŸ’ΈG2P Connect
    • πŸ“¨User Centric Credentialing & Personal Data Sharing
    • βš•οΈDPI for Health
    • DPI for Taxation
    • 🌍Agri Connect (forthcoming)
  • References
    • Glossary
    • Curated Specifications
  • Additional Info
    • 🀝Licensing
    • ✍️Contact Us
Powered by GitBook
On this page
Export as PDF
  1. Technical Notes
  2. Identifiers & Registries
  3. Digital ID

Single Sign On (SSO)

Most governments offer a variety of services to their citizens. It is costly and redundant to have each service provider maintain a separate list of authenticated users and their passwords.

Single sign-on is an authentication scheme that can be integrated into multiple applications to allows a user to access services. It enables an user to log in with a single ID to any of several related, yet independent, software systems.

Having a digital ID-based SSO will drastically simplify the service delivery while reducing the dependence on 3rd party SSO providers. End users can identify themselves in order to avail of online services and also share their profile information.

ID-based SSO can be connected to any ID that provides a mechanism to authenticate the users.

How does this work?

  1. The user visits the service provider and chooses to login with ID-based SSO option

  2. The user has to authenticate their identity via any of the provided modes.

  3. Upon authentication, the user’s explicit consent is sought to share profile data fields.

  4. The service provider can authenticate a user’s identity against data stored on any identity system via SSO.

Any ID-based SSO should provide multiple modes of user authentication including OTP-based, biometrics or even wallet-linked authentication.

Benefits of SSO:

  1. By providing as a secure, efficient log-in mechanism, ID-based SSO increases the ease of doing business for individuals and businesses, Along with increasing digital economic activity, this also presents a potential revenue stream for the governemnt.

  2. This can be used for consented data sharing of ID profile fields or for eKYC needs of different applications. An application’s authentication request can also ask for details needed for profile setup or eKYC compliance, which can be shared upon explicitly receiving user consent.

References:

  1. https://docs.mosip.io/1.2.0/integrations/e-signet

PreviouseKYC/ Identity profile sharingNextQR Code for Offline ID

Last updated 1 year ago

πŸ†”