Validating identity

To do this, they have to look at a range of evidence and different methods to reach the required level of confidence, so that someone can't easily pretend to be you using just one or two pieces of evidence.

As part of the process of verifying a user's identity, identity providers will ask users to provide evidence that it's really them.

We will be working with other government departments and agencies to expand the range of documents we can allow identity providers to validate.

The ID tokens are in JSON Web Token (JWT) format, the specification for which can be found here: https://org/html/rfc7519.

More information about Okta's ID tokens can be found in the OIDC & OAuth 2.0 API Reference The ID Token is a security token granted by the Open ID Provider that contains information about an End-User.

We will now cover the terms used in this document, and an explanation of why you should use ID tokens.

A high-level overview of Open ID Connect can be found here.

Instead, people will be able to verify their identity entirely digitally.

How the document checking service will work The user will enter their details from their documents in the identity provider’s service.

Open ID Connect (OIDC) is an authentication protocol built on top of OAuth 2.0.

With OAuth 2.0, a user can authenticate with an authorization server and get you an access token that authorizes access to some server resources.

This post is an introduction to the document checking service, part of GOV. If you're interested in the different documents and methods certified companies can use to verify you, you can read more in this post.

----- In previous posts we've explained how identity assurance works; a certified company (also known as an identity provider) will undertake a set of checks to establish to a defined level of confidence that it's really you.

It can be used by your client both for authentication and as a store of information about that user.

Tags: , ,