GDS is building a single sign-on and identity checking solution for government services as part of the One Login for Government programme. Today our product lets central government services authenticate their users using an email, password and optional two-factor authentication. In the future it will let services do identity checks for their users as well.
At the moment the single sign-on product is known as GOV.UK Sign In and we are looking for live services as private beta partners. Use it when your users have to log in to your service. Use it for long application forms where your users save their progress and return to it later. Use it when your department already has an identity and access management (IDAM) system or customer identity management (CIAM) system like Keycloak, AWS Cognito, Forgerock or Azure b2c.
Best of all, it makes things easier for your users. As we add more services we get closer to our long-term goal of One Login for Government because your users will use the same email and password for all services built with our product.
Play around with the product
The easiest way to understand our authentication product is to play around with it and figure out how it works. If your service is funded by central government it’s easy to get started:
- Sign up to use the product. We’ll have a quick chat to understand your service.
- Send us 3 pieces of information. We’ll ask for a public key and two redirect URLs.
- Integrate using our sandbox. We’ll give you the tech docs and client info you need.
Then it’s over to you and your team. Integrate your service to see how our endpoints work. Send people through the login flow to figure out what data you get back. Plug the login account flow into your prototypes and do user research with your real users!
Once you’ve figured out how it works then you can request to be a private beta partner if you want to use the product as part of your live service. We make private beta partner decisions on a case by case basis.
Shape the future of One Login for Government
One Login for Government is a three year programme. The single sign-on product will have features added throughout these three years. We are at the start of this journey.
In the short term our priority is to expand two-factor authentication to include more authentication methods and allow use of other phone numbers beyond UK mobiles. We are working hard to understand how we can improve the service for users with access needs as well.
After this our service will start to include identity checks, aligned to the Good Practice Guide (GPG) 45 framework that allow services to pick the level of identity assurance they need based on the risks associated with their service.
All of these things will be delivered incrementally and in partnership with government partners so we can both ensure that we're delivering things that are genuinely useful but also so we can benefit from continuous early feedback.
Sign up today and you get a front-row seat for these changes. You’ll see new features as we add them. We’ll invite you to take part in research about the future. The support tickets you raise will lead to product improvements. Our product is built for the needs of service teams and the best way to influence it is to take an active part.