Digital Identity Guidelines: Authentication and Lifecycle Management [including updates as of 12- 01-2017]

Published: December 01, 2017


Paul A. Grassi, Ray A. Perlner, Elaine M. Newton, Andrew R. Regenscheid, William E. Burr, Justin P. Richer, Naomi B. Lefkovitz, Jamie M. Danker, Mary F. Theofanos


These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. These guidelines focus on the authentication of subjects interacting with government systems over open networks, establishing that a given claimant is a subscriber who has been previously authenticated. The result of the authentication process may be used locally by the system performing the authentication or may be asserted elsewhere in a federated identity system. This document defines technical requirements for each of the three authenticator assurance levels. This publication supersedes corresponding sections of NIST Special Publication (SP) 800-63-2. [Supersedes SP 800-63B (June 2017): management]
Citation: Special Publication (NIST SP) - 800-63B
Report Number:
Pub Type: NIST Pubs



authentication, credential service provider, digital authentication, digital credentials, electronic authentication, electronic credentials, federation
Created December 01, 2017, Updated November 10, 2018