Authentication Context Parameters
New parameters have been introduced in the authorization flow to help contextualize each authorization request.
These parameters are not part of the standard OpenID Connect (OIDC) specification and are specific to Corppass Login.
authentication_context_type
Required: Yes
A value from a predefined list describing the type of transaction for which the user is authenticating. This context is used by Corppass for risk assessment and anti-fraud monitoring.
Validation:
Must be one of the supported types configured for your specific client application.
Values not allow-listed for your client ID will be rejected.
This parameter applies only to the Corppass Login application. If provided for the Myinfo Business application, the request will be rejected.
The list of supported values is provided below.
authentication_context_message
Required: No
Optional. A string providing context on the purpose of the authentication request.
Validation:
Must contain only alphanumeric characters and spaces.
Maximum length of 100 characters.
This parameter applies only to the Corppass Login application. If provided for the Myinfo Business application, the request will be rejected.
Supported authentication_context_type values
Currently, Corppass only supports one possible value:
General authentication: APP_AUTHENTICATION_DEFAULT
Additional values may be added in the future as new use cases arise.
Guidance on authentication_context_type usage
If none of the predefined use cases above accurately describe your transaction, use the default value APP_AUTHENTICATION_DEFAULT for the general authentication use case.
For general authentication to an e-service that performs a variety of actions, use the default value: APP_AUTHENTICATION_DEFAULT. This is expected to cover the majority of e-services.
For more sensitive or transaction-specific actions that require step-up verification, a more specific authentication_context_type should be used.
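A pre-flight check a relying party could run before redirecting, so that requests the rules above would reject never leave the server. This is an added example, not Corppass code: the app labels `corppass_login` and `myinfo_business`, the function names, and the ASCII reading of "alphanumeric" are assumptions.

```python
import re
from urllib.parse import urlencode

# Only value the page lists today; the real allow-list is configured per client ID.
ALLOWED_CONTEXT_TYPES = {"APP_AUTHENTICATION_DEFAULT"}
# Assumptions: ASCII letters/digits only; an empty message is refused (pass None to omit).
MESSAGE_RE = re.compile(r"[A-Za-z0-9 ]{1,100}")


def auth_context_params(app, context_type=None, message=None,
                        allowed_types=ALLOWED_CONTEXT_TYPES):
    """Return the context parameters to add to an authorization request.

    `app` is a hypothetical local label: "corppass_login" or "myinfo_business".
    Raises ValueError for anything the page says would be rejected.
    """
    if app == "myinfo_business":
        if context_type is not None or message is not None:
            raise ValueError("context parameters are rejected for Myinfo Business")
        return {}
    if app != "corppass_login":
        raise ValueError(f"unknown app label: {app!r}")
    if context_type not in allowed_types:
        raise ValueError(f"authentication_context_type not allow-listed: {context_type!r}")
    params = {"authentication_context_type": context_type}
    if message is not None:
        if not MESSAGE_RE.fullmatch(message):
            raise ValueError("authentication_context_message must be 1-100 "
                             "alphanumeric characters or spaces")
        params["authentication_context_message"] = message
    return params


def to_message(text):
    """Reduce free text (e.g. a transaction label) to the permitted charset and length."""
    cleaned = re.sub(r"[^A-Za-z0-9 ]+", " ", text)
    cleaned = " ".join(cleaned.split())[:100].rstrip()
    return cleaned or None


if __name__ == "__main__":
    # Constructed sample input, not taken from the page.
    msg = to_message("Sign in to e-Services: submit GST return (Q3/2024)")
    query = urlencode(auth_context_params("corppass_login",
                                          "APP_AUTHENTICATION_DEFAULT", msg))
    print(query)
```

Building the message through `to_message` rather than passing user-influenced text directly keeps punctuation or overlong labels from turning into a rejected login.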