Skip to content

Commit

Permalink
Update overview.md (#518)
Browse files Browse the repository at this point in the history
Remove reference to IAL2 noncompliance

Co-authored-by: karenstrother <[email protected]>
  • Loading branch information
mitchellhenke and karenstrother authored Nov 18, 2024
1 parent 871e799 commit e051ace
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion _pages/overview.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ Login.gov is a FedRAMP moderate approved multifactor authentication and identity
</figure>

* Once you have successfully integrated your application with the Login.gov environment, users start at your application and are redirected back to Login.gov via [OpenID Connect (OIDC)]({{ site.baseurl }}/oidc/) or [SAML]({{ site.baseurl }}/saml/) protocols.
* The attributes you pass into your application request will determine if the request will be processed at Identity Assurance Level 1 (IAL1) or as an identity proofed account. Identity proofed accounts require the user to complete additional steps to verify their identity in addition to the Multifactor Authentication (MFA). Login.gov continues to work toward achieving certification of compliance with [NIST’s IAL2](https://pages.nist.gov/800-63-3-Implementation-Resources/63A/ial2remote/){:class="usa-link--external"} standard from a third-party assessment organization.
* The attributes you pass into your application request will determine if the request will be processed at Identity Assurance Level 1 (IAL1) or as an identity proofed account. Identity proofed accounts require the user to complete additional steps to verify their identity in addition to the Multifactor Authentication (MFA).
* New users will create an account corresponding to the identity assurance level requested. Returning users will present their existing Login.gov credentials to authenticate with Login.gov. A new user to your application will consent to their information being shared with your application upon creating an account.
* Upon successful completion of the account creation and authentication, users will be redirected back to your application with the [user attributes]({{ '/attributes/' | prepend: site.baseurl }}) that correspond to their user level.
* With the attributes provided by Login.gov, your application will handle authorization of the user and assign roles and permissions.
Expand Down

0 comments on commit e051ace

Please sign in to comment.