Contact
Department of Internal Affairs
Government Enterprise Architecture
Authentication Standards
The Authentication Standards are being updated. They promote best practice design of authentication components, and consistency in the way identity is validated.
Authentication Standards framework
The original framework was published between 2006-2009 and much of the advice has been superseded. The information listed as ‘current standards, guidance and tools’ in the following table is the best advice that we have available at the moment.
Note:
Several of these standards will be superseded by the new Identification Management Standards.
If you are implementing authentication services you should consult with the GEA team to make sure you are referencing the correct services, documents, NZ and international standards, and cabinet mandates.
Current standards, guidance and tools | Currency | Compliance requirement |
---|---|---|
Evidence of Identity Standard (EOI) | To be superseded by the new Identification management standards. |
Standard This is applicable to all services, regardless of whether or not they are delivered through an online channel. |
Replaced the Government Logon Service and the Identity Verification Service. |
Services that support the Evidence of Identity Standard. Agencies are required to use the RealMe system rather than developing new authentication systems. |
|
New Zealand Security Assertion Messaging Standard v1.0 | Current |
Standard for RealMe integration. For OAuth and OpenIDConnect guidance refer to the Part B of the API standard. |
Replaced: Password Standard The new standards will replace this Password Standard, which is still relevant for organisations not subject to compliance with the New Zealand Information Security Manual. |
Standard | |
To be superseded by the new identification management standards. | Standard | |
To be superseded by the new identification management standards. | Standard | |
New Zealand Government OASIS CIQ Profiles | Current |
New Zealand Government OASIS CIQ Profiles Guidance on representation of customer names, addresses, roles and relationships. For JSON representations of these elements contact GEA@dia.govt.nz |
Related advice
Have your say about this page
Is there something wrong with this page?
Last Updated
Page last updated: