Explore our available policy configurations to enable access to the ID.me Digital Wallet, Credential Broker, and Attribute Exchange. You can also review the standard OAuth/OIDC scope values and SAML AuthnContext values used by applications to request specific user data. These policies are designed to simplify and secure your integration process.
Application configurations define how your application behaves, from user experience settings like language and session duration to security controls such as token expiration and authorization rules. Proper configuration is key to delivering a seamless user experience while maintaining performance, security, and compliance.
OAuth 2.0 and OpenID Connect integrations require a configured redirect_uri, which must be passed to the authorization endpoint to initiate the authentication flow
Developers are encouraged to implement localization in their applications, allowing users to complete verification in their preferred language
Streamline experiences by allowing users to opt in to your company’s privacy policy and terms of service during the consent process
Critical for balancing security and user convenience, authorization duration defines how long granted access remains valid
A time-based mechanism that limits how long a token remains valid and reduces the risk of unauthorized access
Session length, or session timeout, defines how long a member’s session remains active after they sign in
Policy configurations are essential for managing your application. They define rules and settings that control user access, security measures, multi-factor authentication options, user attributes, and guidance URLs. Proper policy configurations help you maintain precise control, ensuring both robust security and a smooth user experience.