Choose the level of identity confidence for your service
Using identity proving functionality is optional. If your service needs identity proving, you’ll need to choose the level of identity confidence your service needs.
You may need different levels of identity confidence at different points in your user journey. You can set the level of identity confidence your service needs for each request you make to GOV.UK One Login. Find out when and why to check someone’s identity in the guidance about how to prove and verify someone’s identity, also known as ‘GPG 45’.
GOV.UK One Login uses ‘Vectors of Trust’. Your service can use Vectors of Trust to request the right level of identity confidence for your users to gain access to the relevant parts of your service. You’ll include your vector in the query string as part of the request to the /authorize endpoint you make when you integrate with Authorization Code Flow.
| Levels of identity confidence | Vector value | Description of the levels of identity confidence |
|---|---|---|
| No identity confidence | P0 |
By default, GOV.UK One Login will not return a level of identity confidence. |
| Low identity confidence | P1 |
A basic level of identity confidence, which reduces your service’s risk of accepting impostors or fake identities with fabricated credentials, otherwise known as ‘synthetic identities’. |
| Medium identity confidence | P2 |
A higher level of identity confidence to further reduce your service’s risk of accepting imposters or fake identities with fabricated credentials, otherwise known as ‘synthetic identities’. To request a medium level of identity confidence ( P2), you must have specified Cl.Cm (the medium level of authentication) when you chose the level of authentication for your service. |
Now you’ve chosen your level of identity confidence, you can generate a key pair.