TL;DR: Your existing URLs used to integrate with Corppass will not be blocked from 1 Jun 2024 onwards even if it contains the words 'singpass', 'corppass' or 'myinfo'.
As part of our ongoing effort to fight the scam and educate the public, we will no longer allow new URLs to be registered if it contains the words 'singpass', 'corppass' or 'myinfo'.
We are requesting partners with existing URLs to remove the words 'singpass', 'corppass' or 'myinfo' which can be done even after 1 Jun 2024.
If you are handling the transition after 1 Jun 2024, we recommend the following approaches:
- Register your new callback URLs through by submitting a Service Request. Test with your new callback URL. Once tested and working, proceed to request for removal through the same service request channel.
- Create a new JWKS URL which contains the same key as your existing JWKS URL. Continue with your internal testing to utilise the same keys from the new JWKS URL and proceed to request for update to the new JWKS URL once the testing is complete.
Comments
0 comments
Please sign in to leave a comment.