Authentication Context Parameters
New parameters have been introduced in the authorization flow to help contextualize each authorization request.
These parameters are not part of any standard OIDC specification and are specific to Corppass.
authentication_context_type
Required: Yes
A value from a predefined list describing the type of transaction for which the user is authenticating. This context is used by Corppass for risk assessment and anti-fraud monitoring.
Validation:
- Must be one of the supported types configured for your specific client application.
- Values not allow-listed for your client ID will be rejected.
- The list of supported values is provided below.

authentication_context_message
Required: No
Optional. A string providing context on the purpose of the authentication request.
Note on usage: While currently optional, this value is slated for future enhancements where it will be displayed directly to the user during login. It is strongly advised to provide a clear, user-comprehensible message.
Validation:
- Must contain only alphanumeric characters and spaces.
- Maximum length of 100 characters.
Supported authentication_context_type values
Currently, Corppass only supports one possible value:
General authentication: APP_AUTHENTICATION_DEFAULT
Additional values may be added in the future as new use cases arise.
Guidance on authentication_context_type usage
- If none of the predefined use cases above accurately describe your transaction, use the default value APP_AUTHENTICATION_DEFAULT for the general authentication use case.
- For general authentication to an e-service that performs a variety of actions, use the default value: APP_AUTHENTICATION_DEFAULT. This is expected to cover the majority of e-services.
- For more sensitive or transaction-specific actions that require step-up verification, a more specific authentication_context_type should be used.
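A relying party can apply the validation rules above before redirecting the user, so that a malformed value fails in its own code rather than at Corppass. The following is an added example, not Corppass or project code: the function names, the idp.example URL and the client values are placeholders, and it assumes "alphanumeric" means ASCII letters and digits, "spaces" means U+0020 only, and an empty message is treated as invalid.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Types allow-listed for this client; the page lists one supported value today.
ALLOWED_CONTEXT_TYPES = frozenset({"APP_AUTHENTICATION_DEFAULT"})

# Assumption: ASCII letters, digits and U+0020 only, 1 to 100 characters.
_MESSAGE_RE = re.compile(r"[A-Za-z0-9 ]{1,100}")


class ContextError(ValueError):
    """Raised when a context parameter would fail the documented validation."""


def context_params(context_type, message=None, allowed=ALLOWED_CONTEXT_TYPES):
    """Return the Corppass-specific query parameters after local validation."""
    if context_type not in allowed:
        raise ContextError(
            f"authentication_context_type not allow-listed: {context_type!r}")
    params = {"authentication_context_type": context_type}
    if message is not None:
        # fullmatch rather than match with '$': '$' also matches before a
        # trailing newline, which would let "text\n" through.
        if not _MESSAGE_RE.fullmatch(message):
            raise ContextError("authentication_context_message must be 1-100 "
                               "ASCII letters, digits or spaces")
        params["authentication_context_message"] = message
    return params


def add_context(authorization_url, context_type, message=None):
    """Append the context parameters to an already-built authorization URL."""
    parts = urlsplit(authorization_url)
    # Drop any context parameters already present so each is sent exactly once.
    query = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
             if not k.startswith("authentication_context_")]
    query += context_params(context_type, message).items()
    return urlunsplit(parts._replace(query=urlencode(query)))


if __name__ == "__main__":
    # Constructed request; idp.example and the client values are placeholders.
    base = "https://idp.example/authorize?client_id=PLACEHOLDER&scope=openid"
    print(add_context(base, "APP_AUTHENTICATION_DEFAULT",
                      "Sign in to Example Portal"))
```

A message containing punctuation, such as parentheses or a hyphen, is rejected by this check, so message templates should be written with letters, digits and spaces only.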