EIC Identity Services

In line with the Singapore Government’s National Digital Identity (NDI), Ecquaria Integration Centre (EIC) comes with a suite of products built for identity management in government systems. It includes Singpass/Corppass (SP/CP) SAML 2.0, Singpass/Corppass OIDC RP, Myinfo, Government Active Directory (GovAD), Document Signing.

One Management Console, Many Identity Add-Ons (E.g. Singpass OIDC, WOG ADFS)

With a single management console installed, agencies can simply add on identity management features required such as Azure Active Directory (Azure AD), Whole-of-Government (WOG) ADFS, Myinfo, Government Enterprise Data Hub (GovEDH), Digital Signing and future government-related identity services.

EIC products are designed to be multi-tenanted and can be deployed as a common service with a single Management Console managing multiple tenant profiles secured with Role-Based Access Control (RBAC).

The cloud-native product is deployable in all Singapore Government environments and supports Linux, Docker Swarm, Kubernetes, and Windows for all. EIC also supports all 3 cloud service providers under the Government Commercial Cloud (GCC) and their relevant container services:

1. Amazon Web Services (AWS): Elastic Kubernetes Service (EKS) on Fargate and EC2, Elastic Container Service (ECS) on Fargate and EC2

2. Azure: Azure Kubernetes Service (AKS)

3. Google Cloud Platform (GCP): Google Kubernetes Engine (GKE)

Fast and Simple Integration with Singpass/Corppass OIDC

EIC is a multi-tenanted solution that can be deployed as an agency-wide common service. With the management console deployed as the agency’s common infrastructure, each government application can onboard Singpass OIDC in as fast as 2 weeks.

Supports Various Singpass OIDC Deployment Scenarios

We understand that with technology, there is no one-size-fits-all approach. EIC supports multiple SP/CP deployments scenarios, be it single project deployment, agency-wide common service or sharing of digital service IDs.

Single Project Integration with Singpass OIDC

EIC OIDC wraps the underlying complexities of encryption, digital signature and certificate exchange into a simple REST call.

Agency-Wide Singpass OIDC Common Service

With EIC OIDC installed in the common integration tier, all applications within the agency can leverage the common service and be onboarded in as fast as 2 weeks.

Sharing of Singpass OIDC Digital Service ID

EIC OIDC supports the scenario where more than one application shares a single SP/CP Digital Service ID. The EIC proxy redirects the request back to the original application.

Cloud-Native Solution for All Your Singpass OIDC Needs

EIC OIDC is a cloud-native solution that is deployable in all Singapore Government environments.

For the Government Commercial Cloud (GCC), EIC supports all 3 Clouds under the Government Commercial Cloud (GCC): Amazon Web Services (AWS), Azure and Google Cloud Platform (GCP) and their relevant container services. 

1. AWS: Elastic Kubernetes Service (EKS) on Fargate and EC2, Elastic Container Service (ECS) on Fargate and EC2

2. Azure: Azure Kubernetes Service (AKS)

3. GCP: Google Kubernetes Engine (GKE)

Linux, Docker Swarm, Kubernetes, and Windows are supported for all environments, be it GCC, Government Private Cloud (GCP), Government Data Centre (GDC) or individual agency’s data centres.

Additional EIC OIDC Features

  • Automated Certificate Rotation

  • Singpass/Corppass Mock Server for Integration Testing

  • Separate Management Console

  • Transaction Logging for Audit Trail

  • Audit Log

  • Central Log

Seamless Integration with WOG AD

EIC GovAD integrates with the various Whole-Of-Government Active Directory (WOG AD) authentication options such as WOG Active Directory Federation Services (WOG ADFS) and Azure Active Directory (Azure AD). EIC GovAD provides the authentication options in a form of RESTful APIs, requiring minimal changes or implementation of complex authentication frameworks on the existing web application.

All intranet applications can leverage the government user accounts centrally managed at WOG AD. All staffing details and changes are effected in a single place regardless of the authentication option.

In the News

Resources

Ecquaria Integration Centre Brochure

DOWNLOAD

EIC SingPass OIDC RP Brochure

DOWNLOAD