Centre for Digital Public Infrastructure
english
english
  • THE DPI WIKI
    • ๐ŸŽ‰About the DPI Wiki
    • ๐Ÿ”†What is DPI?
    • โœจDPI Overview
    • ๐Ÿ“DPI Tech Architecture Principles
      • ๐Ÿ”—Interoperability
      • ๐ŸงฑMinimalist & Reusable Building Blocks
      • ๐Ÿ’กDiverse, Inclusive Innovation
      • ๐Ÿ’ Federated & Decentralised by Design
      • ๐Ÿ”Security & Privacy By Design
    • ๐ŸŽฏDPI Implementation & Execution Guidance
    • ๐Ÿ†šDPG and DPI
    • โ“What DPI can I build?
    • ๐Ÿฅ‡First use case for DPI
    • ๐Ÿ“˜Inputs for designing a DPI informed digital transformation strategy
    • ๐Ÿ’ฐHow much does it cost to build DPI?
    • ๐Ÿ“ขIs my system a DPI?
      • TL; DR - Is my system a DPI?
  • Mythbusters and FAQs
    • ๐Ÿ”ฏDPI and Mandating Adoption
    • ๐Ÿ”ฏDPI and Private Competition
    • ๐Ÿ”ฏDPI and Privacy / Security
    • ๐Ÿ”ฏDPI and the Digital Divide
  • Technical Notes
    • ๐Ÿ†”Identifiers & Registries
      • Digital ID
        • Capabilities on ID system
        • ID-Auth
        • Face Authentication
        • eKYC/ Identity profile sharing
        • Single Sign On (SSO)
        • QR Code for Offline ID
    • ๐Ÿ“‚Data Sharing, Credentials and Models
      • A primer to personal data sharing
      • Data standards
      • Verifiable Credentials
      • Building Data Analytics Pipelines
      • eLockers
      • Non-personal Anonymised Datasets
    • ๐Ÿ”Trust Infra
      • Digital Signatures and PKI
      • eConsent
      • eSign
    • ๐Ÿ›’Discovery & Fulfilment
      • Platforms to Protocols
    • ๐Ÿ’ธPayments
      • Financial Address
      • Interoperable QR Code
      • Interoperable Authentication
      • Interoperable Bill Payments
      • Cash in Cash Out (CICO)
      • Financial Address Mapper (G2P Connect)
      • G2P Payments
  • Initiatives
    • ๐ŸŒDPI advisory
    • ๐Ÿš€DPI as a Packaged Solution (DaaS)
      • ๐Ÿ’กWhy do we need DaaS?
      • ๐ŸŽฏDaaS in a nutshell
      • ๐Ÿ“ฆPre-packaged DaaS kits
      • โ™ป๏ธReusable DaaS Artefacts
      • 3๏ธโƒฃA 3-step process from idea to implementation!
      • ๐Ÿ“ˆFunded DaaS Program overview
      • ๐Ÿ‘ฉโ€๐Ÿ’ปCohort 1: DaaS Offerings
        • Digital authentication
        • Digital credentials
        • ID Account Mapper
      • ๐Ÿ–ฅ๏ธCo-create with us!
      • ๐Ÿ’ฌUpcoming DaaS cohorts
        • Functional Registries
        • AI Assistant
      • โ“FAQs on DaaS
        • Country x DPG MOU /LoI FAQs
        • Ecosystem Participation Terms FAQs
    • ๐Ÿ“‘DPI Residents Program
    • โš–๏ธDPI-CPA
    • ๐Ÿ’ธG2P Connect
    • ๐Ÿ“จUser Centric Credentialing & Personal Data Sharing
    • โš•๏ธDPI for Health
    • ๐ŸŒAgri Connect (forthcoming)
  • References
    • Glossary
    • Curated Specifications
  • Additional Info
    • ๐ŸคLicensing
    • โœ๏ธContact Us
Powered by GitBook
On this page
Export as PDF
  1. Technical Notes
  2. Identifiers & Registries
  3. Digital ID

Single Sign On (SSO)

PreviouseKYC/ Identity profile sharingNextQR Code for Offline ID

Last updated 1 year ago

Most governments offer a variety of services to their citizens. It is costly and redundant to have each service provider maintain a separate list of authenticated users and their passwords.

Single sign-on is an authentication scheme that can be integrated into multiple applications to allows a user to access services. It enables an user to log in with a single ID to any of several related, yet independent, software systems.

Having a digital ID-based SSO will drastically simplify the service delivery while reducing the dependence on 3rd party SSO providers. End users can identify themselves in order to avail of online services and also share their profile information.

ID-based SSO can be connected to any ID that provides a mechanism to authenticate the users.

How does this work?

  1. The user visits the service provider and chooses to login with ID-based SSO option

  2. The user has to authenticate their identity via any of the provided modes.

  3. Upon authentication, the userโ€™s explicit consent is sought to share profile data fields.

  4. The service provider can authenticate a userโ€™s identity against data stored on any identity system via SSO.

Any ID-based SSO should provide multiple modes of user authentication including OTP-based, biometrics or even wallet-linked authentication.

Benefits of SSO:

  1. By providing as a secure, efficient log-in mechanism, ID-based SSO increases the ease of doing business for individuals and businesses, Along with increasing digital economic activity, this also presents a potential revenue stream for the governemnt.

  2. This can be used for consented data sharing of ID profile fields or for eKYC needs of different applications. An applicationโ€™s authentication request can also ask for details needed for profile setup or eKYC compliance, which can be shared upon explicitly receiving user consent.

References:

๐Ÿ†”
https://docs.mosip.io/1.2.0/integrations/e-signet