To get started with an integration you’ll need to do the following.
By default, your application will be set up for OAuth. Upon registration, you will immediately have access to the application details page which will list the client_id and client_secret for your OAuth client.
How you integrate with the ID.me IDP SAML service depends on the product used to implement the federation relationship. We do not currently support creating SAML SP profiles automatically through the portal; please contact partnersupport@id.me for assistance with the process.
Once an account is created, SAML metadata (along with keys) must be exchanged to ensure proper configuration of the endpoints.
A copy of the current, full metadata is always available at https://api.id.me/saml/metadata/provider
Sandbox environment metadata can be found at https://api.idmelabs.com/saml/metadata/provider
The metadata document describes the IDP to an SP, including the following elements:
The ID.me IDP SAML service supports HTTP POST and HTTP Redirect bindings.
The ID.me IDP SAML service supports the following NameID formats:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
The ID.me IDP SAML service supports invoking different authentication and verification policies on a per-application or per-request basis. The policy name is required to be passed along within the