Provisioning Service Use Policy

This use.id Provisioning Service Use Policy (PSUP) is designed (1) to ensure that both the expectations and rights of the end users are fulfilled when he or she creates a use.id account via the app of the Customer and (2) to avoid abuse.

On the one hand, the user has certain expectations when s/he creates an account at an application. Examples of expectations that the User has and the requirements in this document aim to avoid:

  • Expectations regarding where an account is created. One should avoid that the User receives a use.id account via an app without the user knowing that s/he has a use.id account with his/her data in it.
  • Expectations regarding the kind of use.id account that is created. One should avoid that the User receives a non-standard use.id account without the user knowing. For example, the app should not have access to
    resources that the User did not expect, the User has an authorisation agent that s/he did not expect, ...

On the other hand, the User has certain rights when s/he creates an account at an application. For example, according to the GDPR, the user should be informed about who is data controller.

To ensure these expectations and rights are met, the Customer agrees to and implements the requirements in this document in its application that relies on the use.id Provisioning Service.

1. Requirements for creating a Vanilla Personal Account via the use.id Provisioning Service.

When the Customer relies on the Provisioning Service to create Vanilla Personal Accounts, the Customer shall make sure that all of the following conditions are met:

  • The terms and conditions and privacy policy are clearly visible to the User
  • The User is asked to agree with the terms and conditions and privacy policy
  • The name and logo of use.id is clearly visible when the User creates a use.id account
  • The User is able to choose his or her own use.id username or to alter a username that is proposed in a pre-filled field.

2. Requirements for creating a Non-Vanilla Personal Account via the use.id Provisioning Service.

When the Customer relies on the Provisioning Service to create Non-Vanilla Personal Accounts, the Customer shall make sure that all of the following conditions are met:

  • Every condition mentioned in Section 1.
  • Make sure that the User understands in which way the Non-Vanilla Personal Account is different from a Vanilla Personal Account before the User proceeds with creating the account.

3. Email lookup and use of lookup data

When using the Provisioning Service, the Customer has the possibility to look up whether there already exists a WebID that is associated with a certain email address. To ensure that this functionality is not abused, the Customer agrees to all of the following:

  • The Lookup Service may only be used for Users who explicitly intent to sign up and only at the moment when the User intents to sign up. The Lookup Service may not be used for Users who do not clearly intent to sign up or at other moments in time.
  • The data or information that the Customer retrieves from the Lookup Service may only be used for one purpose: to determine whether the user already has a use.id WebID when signing up. The data may not be used for any other purpose.

4. Fair use

The Customer has access to two environments: the actual use.id Production environment and the use.id Sandbox environment. The functionality of the Sandbox environment is identical to the one of the Production environment. The Production environment is designed for production purposes while the Sandbox environment is designed for testing purposes.

The Customer agrees with the following terms regarding the use.id Production and Sandbox environments:

  • On the Production environment, the Customer will, to its best of its abilities, ensure that it only creates use.id accounts for actual people.
  • On the Production and Sandbox environment, the Customer shall not perform excessive requests or do any load-testing.

5. Naming

We don't allow names that use another developer’s or entity's brand, title, logo, or name in a manner that may result in misleading users. Impersonation can occur even if there isn't an intent to deceive, so please be careful when referencing any brands that do not belong to you.

We don't allow names that mimic or interfere with device or Digita product functionality. Examples of prohibited names include:

  • Names intended to mimic system notifications or warnings.
  • Names to pretend to be use.id or Digita

6. Definitions

  • Vanilla Personal Account is a use.id account with the same characteristics of an account that the user would have gotten if the account would have been created using the use.id website.
  • Non-Vanilla Personal Account is a use.id account that has different characteristics than a Vanilla Personal Account.
  • User The person or entity for whom the use.id account is created.
  • Lookup Service The service to check whether there already exists a use.id account for a given email address. If there exists such a use.id account, the service will provide the use.id username that is associated with the email address.