login.gov user accounts are either proofed (IAL2) or self-asserted (IAL1), corresponding to NIST 800-63-3 Identity Assurance Level (IAL).
Here are the possible attributes that can be requested at a given IAL. This table contains the available user attributes, the IAL they are associated with, and how they can be accessed in OpenID Connect and SAML.
Attribute | IAL1 | IAL2 | OpenID Connect | SAML |
---|---|---|---|---|
UUID |
|
|
|
|
Email |
|
|
Requires the |
|
First name |
|
Requires |
|
|
Last name |
|
Requires |
|
|
Address |
|
The address claim, containing |
|
|
Phone |
|
Requires the |
|
|
Date of birth |
|
Requires |
|
|
Social security number |
|
Requires the |
|
|
Verification timestamp |
|
|
Seconds since the Unix Epoc Requires the |
|
x509 |
|
|
Requires the |
n/a |
x509 Subject |
|
|
Requires the |
|
x509 Presented |
|
|
Requires the |
|