Leave Your SGFinDex Authentication and Authorization Needs
to i-Sprint

Singapore Financial Data Exchange (SGFinDex), developed by the Monetary Authority of Singapore (MAS) and the Smart Nation and Digital Government Group (SNDGG), is the world’s first public infrastructure to use a national digital identity and centrally managed online consent system to enable individuals to access and view information held across different government agencies, financial institutions, The Central Depository (CDP) and Insurers (coming soon).

SGFinDex Efficient and Standardized

Efficient and Standardized

Centralized gateway for efficient data sharing based on common data and API standards.

SGFinDex Secure Infrastructure

Secure Infrastructure

A Singapore government-owned and operated infrastructure that uses National Digital Identity (SingPass) authentication and consent framework.

SGFinDex Consent-driven retrievals

Consent-driven Retrievals

Financial data can be retrieved only through the individual’s explicit consent, whose identity must be verified through SingPass.

SGFinDex Data privacy

Data Privacy

Designed to ensure data protection and privacy of personal financial information. SGFinDex will only transmit but neither store nor read the user’s personal financial data.

SGFinDex Data encryption

Data Encryption

Users’ personal financial data is encrypted when it is retrieved through SGFinDex. Only the financial planning application/website that the user has authorized to receive the data can decrypt it.

Authentication and Authorization Needs of SGFinDex

i-Sprint provides products to help companies that want to implement SGFinDex with the authentication and authorization integration needs. i-Sprint’s AccessMatrix Universal Access Management (UAM) supports OAuth 2.0, OpenID Connect (OIDC), and it stores user granted scope/consent. UAM also provides endpoints to handle or support SGFinDex specific enhancements on top of the standard OAuth 2.0/ OIDC, such as:

  • Provides Access Token in SGFinDex JSON Web Token (JWT) format
  • Provides Token and revocation endpoints to support SGFinDex payload
  • Provides Application Programming Interfaces (APIs) to web service or API Gateway to validate Signature parameter (JWT) and also, to sign and encrypt the response

With i-Sprint expertise, we could help your organization roll out SGFinDex usage in your projects faster and more securely.

If your organizations require more stringent security measures, i-Sprint’s AccessMatrix suite of solutions also support

  • End-To-End-Encryption Authentication (E2EEA) – protecting pins and sensitive data at every stage of the data’s lifecycle
  • Two or Multi-factors Authentication – providing a second layer of authentication to verify user/ access, such as One-time-Password (OTP)


FormCraft - WordPress form builder