Digital Identity Verification

Getting Started

To get started with an integration you’ll need to do the following.

  • Sign up for an ID.me developer account.
  • Register one organization for your company.
  • Register an application for each website property that will need access to Digital Identity Verification data.
  • Contact partnersupport@id.me to enable the appropriate policies associated with verification and set up UAT/sandbox integrations.
  • Place our ‘Verify with ID.me’ button on your site to allow users to begin authentication and verification.
  • Once users complete verification at ID.me, the partner sends a request to ID.me’s API to retrieve user attributes.

By default, your application will be set up for OAuth. Upon registration, you will immediately have access to the application details page which will list the client_id and client_secret for your OAuth client.


Leveraging the ID.me IDP SAML service will vary depending on the product that is used to implement the federation relationship. Currently, we do not support creating SAML SP profiles automatically through the portal, please contact partnersupport@id.me for assistance in the process.


SAML Metadata

Once an account is created, SAML metadata (along with keys) must be exchanged to ensure proper configuration of the endpoints.


A copy of the current, full metadata is always available at https://api.id.me/saml/metadata/provider


Sandbox environment metadata can be found at https://api.idmelabs.com/saml/metadata/provider

Note that preserving formatting and whitespace is important when importing any XML metadata.

The metadata document describes the IDP to a SP, including the following elements:

  • The endpoint addresses for communication
  • The X.509 certificates being used to sign and encrypt SAML assertions
  • The SAML bindings supported by the service provider

SAML Bindings

The ID.me IDP SAML service supports HTTP POST and HTTP Redirect bindings.

Name Identifier

The ID.me IDP SAML service supports the following NameID formats:

urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent

Authentication Context

The ID.me IDP SAML service supports invoking different authentication and verification policies on a per-application or per-request basis. The policy name is required to be passed along within the element. For more information about available policies and support for setting these up, please contact partnersupport@id.me

Waves