Scopes

Scopes define what access a client is requesting from the user. In the context of Corppass, scopes determine the types of identity and entity information that are included in the issued tokens.

When initiating an OpenID Connect flow, clients must include the appropriate scope parameter in the authorization request.

Usage

Example

https://id.corppass.gov.sg/mga/sps/oauth/oauth20/authorize
?client_id=example_client
&response_type=code
&scope=openid authinfo business_profile.email
&redirect_uri=https://example.com/callback
&state=xyz123
&nonce=abc456

When requesting scopes in the authorization URL, include them as a space-separated list in the scope parameter

Supported Scopes

Login

Scope
Claim
Data Field
Data Source

openid

(Required for ALL requests)

  • sub

  • userInfo

  • entityInfo

  • amr

  • nonce

  • aud

  • exp

  • iat

  • iss

OpenID Connect flow

Corppass

business_profile.email

  • email

  • email_verified

User's email address that is tied to their Corppass profile

Corppass

person_profile.uinfin

  • uinfin

User's unique identification number (e.g. NRIC) that is tied to their Corppass profile

Corppass

Authorization Info

Scope
Claim
Data Field
Data Source

authinfo

  • AuthInfo

User Authorization Information

Corppass

tpauthinfo

  • TPAuthInfo

User Third-Party Authorization Information

Corppass

Last updated