Account And Consent¶
This page is for end users signing in with SigID.
Your SigID account¶
Your SigID account can be reused across tenant applications. Each tenant sees a tenant-local profile and subject, not your full global account by default.
This separation helps prevent unrelated applications from correlating your identity unless you choose to share information through consent or an organization workflow.
Sign-in methods¶
Depending on the tenant application, you may be able to sign in with email and password, passkey, magic link, OTP, social login, enterprise SSO, SIWE wallet login, or anonymous access. For all supported methods, see Product Reference.
Use a passkey when available. Passkeys are phishing-resistant and reduce the risk of password reuse.
Connected apps and consent¶
When an application requests access, SigID shows what it wants to know or do. You can approve or deny the request. If the application later asks for more access, SigID asks again.
Examples of consented data:
| Data | Meaning |
|---|---|
| Email address | The app can identify or contact you |
| Profile fields | The app can display or personalize your profile |
| Organization membership | The app can use your organization context |
| Wallet availability | The app can know whether wallet capabilities are available |
| Delegated access | An agent or service can act with limited authority |
Consent is specific to the application, tenant, scopes, and requested data. A different application may ask for different access.
Agents acting for you¶
Some applications may ask you to let an AI agent or automation act for you. SigID should show what the agent is allowed to do and for how long.
Before approving delegated access, check:
- which application or tenant is requesting access
- which agent will act
- what actions it can perform
- whether it can use third-party tools
- whether it can access wallet or payment capabilities
- how to revoke the access later
Decline the request if the wording is unclear or broader than the task you are trying to complete.
Manage connected tenants¶
Use the identity portal to review applications and tenants connected to your account. Remove connections you no longer use.
Review:
- active applications
- granted scopes
- delegated agent access
- linked social or enterprise accounts
- wallet connections
- third-party tool connections
Removing a connection can stop future access, but an application may retain data it already received according to its own policy and legal obligations.
Sessions¶
You can review active sessions and sign out sessions you do not recognize. Tenants may require fresh login or MFA for sensitive actions.
Sign out sessions when:
- you lose a device
- you used a shared computer
- you see a location, browser, or device you do not recognize
- an organization asks you to rotate access after an incident
Account security¶
Recommended account setup:
- Add a passkey.
- Enable MFA if available.
- Keep recovery email and phone information current.
- Save backup codes in a secure place.
- Review connected applications periodically.
- Remove old sessions and unused tenant connections.
Recovery¶
Keep recovery email, phone, passkeys, and MFA backup options current. If you use enterprise SSO, your organization's identity provider may control some recovery steps.
If you cannot sign in:
- Try another configured sign-in method.
- Use account recovery if available.
- Contact the tenant application's support team if the issue is tenant access.
- Contact your organization administrator if SSO is required.
- Contact SigID account support if the issue affects your global account.
Privacy expectations¶
Tenants should receive only the data needed for their application. Your global SigID account can support many tenant relationships without exposing every relationship to every tenant.
You remain responsible for reviewing consent screens and connected applications, especially when a request includes delegated access, wallet capabilities, or third-party tool connections.