Authentication Context Parameters

New parameters have been introduced in the authorization flow to help contextualize each authorization request.

These parameters are not part of any standard OIDC specification and are specific to Corppass.

Field
Required
Descriptio

authentication_context_type

Yes

A value from a predefined list describing the type of transaction for which your user is performing the authentication. This is used for anti-fraud purposes. The list of supported values is provided below.

authentication_context_message

No

A string value providing context on what users are performing authentication for. This will be displayed to users during authentication.

Supported authentication_context_type values

You should select the value that best matches your use case.

Below is a list of currently supported authentication_context_type values:

CPF transactions
Event
authentication_context_type Value

Change payment mode

CPF_CHANGE_PAYMENT_MODE

Change daily withdrawal limits

CPF_CHANGE_DAILY_WITHDRAWAL_LIMIT

Profile update

CPF_PROFILE_UPDATE

Link to bank account

CPF_LINK_BANK_ACCOUNT

Funds transfer

CPF_FUNDS_TRANSFER

Banking
Event
authentication_context_type Value

CASA opening

BANK_CASA_OPENING

CASA initial usage

BANK_CASA_INITIAL_USAGE

Debit/Credit card application

BANK_CARD_APPLICATION

Debit/Credit card initial usage

BANK_CARD_INITIAL_USAGE

Loan application

BANK_LOAN_APPLICATION

Successful additional of local recipient

BANK_ADD_LOCAL_RECEIPIENT

Successful additional of overseas recipient

BANK_ADD_OVERSEAS_RECIPIENT

Increase transfer limit

BANK_INCREASE_TRANSFER_LIMIT

Report fraud or suspicious activity

BANK_REPORT_FRAUD_SUSPICIOUS_ACTIVITY

Funds transfer

BANK_FUNDS_TRANSFER_LOCAL

Remit money overseas

BANK_REMIT_MONEY_OVERSEAS

Report lost cards

BANK_REPORT_LOST_CARD

Change of notification method

BANK_CHANGE_NOTIFICATION_METHOD

Increase credit card limit

BANK_INCREASE_CREDIT_CARD_LIMIT

Cash advance

BANK_REQUEST_CASH_ADVANCE

Increased inflow and outflow of funds transfer

BANK_INCREASE_INFLOW_OUTFLOW

Activation of a dormant account

BANK_ACTIVATE_DORMANT_ACCOUNT

Login using a new device

BANK_LOGIN_NEW_DEVICE

Login from an unfamiliar IP

BANK_LOGIN_UNFAMILIAR_IP

User information update

BANK_UPDATE_USER_INFORMATION

New device registration

BANK_NEW_DEVICE_REGISTRATION

Unlock money lock

BANK_UNLOCK_MONEY_LOCK

Google Pay / Apple Pay card onboarding

BANK_GOOGLE_PAY_APPLE_PAY_CARD_ONBOARDING

Other Financial Institutions
Event
authentication_context_type Value

Account opening

FI_ACCOUNT_OPENING

Link bank account

FI_LINK_BANK_ACCOUNT

Increase transfer limit

FI_INCREASE_TRANSFER_LIMIT

Increase withdrawal limit

FI_INCREASE_WITHDRAWAL_LIMIT

Initiate deposit

FI_INITIATE_DEPOSIT

Telcos
Event
authentication_context_type Value

SIM card application

TELCO_SIM_CARD_APPLICATION

Activation of SIM card

TELCO_SIM_CARD_ACTIVATION

Change of account details

TELCO_CHANGE_ACCOUNT_DETAILS

Activate roaming

TELCO_ACTIVATE_ROAMING

Change of notification method

TELCO_CHANGE_NOTIFICATION_METHOD

Others
Event
authentication_context_type Value

General authentication

APP_AUTHENTICATION_DEFAULT

Making a payment

APP_PAYMENT_DEFAULT

Password change

APP_ACCOUNT_PASSWORD_CHANGE_DEFAULT

Password reset

APP_ACCOUNT_PASSWORD_RESET_DEFAULT

Account details change

APP_ACCOUNT_DETAILS_CHANGE_DEFAULT

Note:

  • If none of the predefined use cases accurately describe your transaction, use the default value APP_AUTHENTICATION_DEFAULT for the general authentication use case.

  • Additional values may be added in the future as new use cases arise.

Guidance on authentication_context_type usage

  • For general authentication to an e-service that performs a variety of actions, use the default value: APP_AUTHENTICATION_DEFAULT. This is expected to cover the majority of e-services.

  • For more sensitive or transaction-specific actions that require step-up verification, a more specific authentication_context_type should be used.

PreviousAuthorization EndpointNextToken Endpoint

Last updated