Digital Identity Guidelines [including updates as of 12-01-2017]

Published: December 01, 2017


Paul A. Grassi, James L. Fenton, Michael E. Garcia


These guidelines provide technical requirements for federal agencies implementing digital identity services and are not intended to constrain the development or use of standards outside of this purpose. The guidelines cover identity proofing and authentication of users (such as employees, contractors, or private individuals) interacting with government IT systems over open networks. They define technical requirements in each of the areas of identity proofing, registration, authenticators, management processes, authentication protocols, federation, and related assertions. This publication supersedes NIST Special Publication 800-63-2. [Supersedes SP 800-63-3(June 2017):]
Citation: Special Publication (NIST SP) - 800-63-3
Report Number:
Pub Type: NIST Pubs



authentication, authentication assurance, authenticator, assertions, credential service provider, digital authentication, digital credentials, identity proofing, federation, passwords, PKI
Created December 01, 2017, Updated November 10, 2018