Search
To date, no legal/regulatory framework of reference has been defined for the use of SPID/CIE by/on behalf of a physical person who is subject to protection or administration support.
To date, SPID can be requested by those who have reached the age of 18. Operational guidelines are currently being issued for the release of SPID to minors and the related methods of use for access to online services.
A public administration must ensure the use of SPID or CIE for the identification and access to services that can be used by non-Italian citizens residing in Italy. Public administrations must guarantee identification and access to services by non-Italian citizens who are not residents in Italy and who have an eIDAS identity. Public administrations may continue to identify and ensure access to services by non-Italian citizens – who may not have a SPID, CIE or eIDAS identity – with different identification and access systems.
No, public administrations that have implemented SPID or CIE for identification and access to services are not obliged to implement CNS as well.
Taking into account the eIDAS Regulation, public administrations may allow access to provided services in a closed system and directed to a specific group of people, identified in advance, with the specifically issued credentials, in case the service is provided exclusively to a defined number of participants, and where the provision (or non-provision) produces immediate effects only on the individual who is part of the defined group.
To date, public administrations are not obliged to exclude the use of systems other than SPID and CIE to allow access to online services by businesses and professionals. Therefore, they may allow access to services provided to employees of third party entities, professionals, business representatives, in the performance of their duties or professional activities, with identification and access systems other than SPID and CIE.
Access to services is possible at any time, on a site or a service app. there is the “Enter with SPID” button. Access to services is safe and secure, also thanks to additional security checks, such as sending a temporary password (the so-called OTP – one time password) during authentication.
The use of SPID for companies is subject to a fee: you can see the costs in the table.
Access to online services takes place through the service provider’s choice of one of three incremental levels of security: level 1, with the user’s SPID credentials (username and password); level 2, with SPID credentials and the generation of a temporary OTP access code (one time password) or the use of an APP accessible through a device, such as a smartphone; level 3, with SPID credentials and the use of additional security solutions or any physical devices (e.g. smart cards) that are provided by the identity manager.
Available online on the GitHub Italy website, you can use it to pre-test your implementation and simulate AgID control, in order to obtain a technically compliant implementation independently and quickly.
Public administrations or private individuals that offer third parties (aggregate subjects) the possibility to make their services accessible through SPID.
Public or private entities that need external support to join the SPID system.
All subjects registered in IPA (the index of digital addresses of Public Administrations), in relation to public services that they are required to provide.
The regulation (EU No. 679/2016) on the protection of individuals with regard to the processing and circulation of personal data.
The eIDAS Regulation (EU N ° 910/2014), relating to electronic identification and trust services for electronic transactions in the internal market, aims to promote cross-border cooperation and interoperability of national electronic identification (eID) systems in order to facilitate the access of citizens and businesses to digital public services in the different Member States.
Registration Authority Officer: the public offices in charge of verifying the personal identity of citizens who want to obtain SPID.
Standard IT Security Assertion Markup Language 2.0 protocol, that allows an application to request or invite a user to authenticate.
A temporary code, valid for making a single access section, generated via SMS, app or physical device. It can be used as the single authentication factor, or in addition to another factor, for example the user’s chosen password.
Spreadsheets in OpenDocument format: a type of file created to provide a free and “universal” alternative to proprietary formats.
The Italian eIDAS node allows the cross-border interoperability of digital identity systems (eID) and the circularity of eIDs in the member states of the European Union, to increase the efficiency of cross-border digital transactions.
Private entities authorized by AgID that, in compliance with the rules issued by the Agency, provide digital identities and manage user authentication.
Individuals who have the power to certify qualifications and personal status, such as Professional Orders and Colleges, Bars, Chambers of Commerce, National Councils, and public administrations.
Public or private entities that make their online services accessible through SPID.
Digital signature for PDF documents.
The computer equivalent of a traditional handwritten signature on paper, to guarantee the identity of the signer and give full legal value to the signed document, ensuring that it has not been altered after signing.
National Service Card (Carta Nazionale dei Servizi). A device (e.g. a Smart Card or a USB key) that contains a “digital certificate” of personal authentication for the consultation of personal data made available by the public administrations directly on the website.
Electronic Identity Card (Carta d’Identità Elettronica). An identification document that can be used to access digital services of the public administrations and private entities.
The platform for free consultation of official information about your company filed at the Chambers of Commerce and other public administrations.
Digital Administration Code (Codice dell’Amministrazione Digitale). A single text that brings together and organizes the rules concerning the digitalization of the Public Administration in relations with citizens and businesses.
The Registry of Italian Resident Abroad (AIRE / L’Anagrafe degli Italiani Residenti all’Estero) contains the data of Italian citizens who reside abroad for a period longer than twelve months. It is managed by the Municipalities on the basis of data and information from the Consular Representations abroad.
AgID (Agency for Digital Italy / Agenzia per l’Italia Digitale) is the technical agency of the Presidency of the Council of Ministers that has the task of guaranteeing the achievement of the objectives of the Italian Digital Agenda.
Aggregators are public entities, for example local public administrations, such as small municipalities, that turn to aggregators to enable SPID service providers, since they do not find it convenient to enable access to their digital services with SPID independently.
The legal head of an organization (company, entity, enterprise, etc.) can apply for and use their digital identity to access online services. For this purpose it is also possible to equip employees with digital identities for the professional use of the legal entity. The issuing of a digital identity for professional use by the legal entity is subject to verification of the applicant’s personal identity and the legitimacy of the request. applicant and the legitimacy of the request by one of the digital identity providers authorized by the Agency for Digital Italy, in compliance with the procedures and controls provided […]
Yes, in the following cases: If it decides to provide new services for which it wants to rely on an Aggregator; If it wants to move one or more services to one or more Aggregators; If it wants to move all of the services to one or more Aggregators; in this case it will have to give up the agreement and its service provider metadata.
Yes, an entity may apply to multiple aggregators for different services. For example, a municipality may entrust the service of enrolling in kindergarten to a certain aggregator and the service of issuing certificates to another aggregator.
The list is available on the AgID institutional website on the Aggregators page.
If you represent a Public Administration that cannot directly join SPID, you can contact aggregators to enable access to their online services through the SPID digital identity. Aggregators of public services are public administrations or private individuals that offer public entities, aggregated by them, the possibility to make their services accessible through SPID.
If you represent a Public Administration (as indicated in SPID Notice n. 28) that wants to enable access to its services through SPID, follow the procedure described on the page Become a service provider. Pay attention to what is described in the two phases: the technical one and the administrative one. After the positive outcome of the testing procedure you will have to sign the agreement with AgID. In addition, you can enable access to services with SPID through an aggregator.
If you don’t find the answers you were looking for and you need support in adapting your systems to SPID, write to spid.tech@spid.gov.it
The services accessible via SPID are indicated on the dedicated page. The spid.gov.it site is updated according to the list of services of service providers and Aggregators. The SPID conventions require that the service provider and aggregators communicate the updated list of services to AgID by filling in a special “ods” file, published on the conventions page to enter the SPID federation.
The “Public Service Providers”, that is all subjects, other than Public Administrations, who need to directly provide Public Administration services online can join SPID by signing an agreement as an Aggregating Entity of public services, or by joining a Public Service Aggregator entity. To this end, these must be registered in the index of digital domiciles of Public Administrations and public service providers (IPA) in one of the remaining types compared to those indicated for Public Administrations.
Aggregators of public services are public administrations or private individuals that offer public entities, their aggregates, the possibility to make their services accessible through SPID. A public administration can become an aggregator or an aggregate subject, while a company can become only an aggregator. The procedure to follow in order to become an aggregator and the list of aggregators are available on AgID institutional website on the page Aggregators.
During the administrative phase you will have to sign the agreement with AgID. Then: fill in and sign the agreement you will receive from AgID with an electronic signature qualified by the administrative contact; send the agreement via PEC to Protocol@pec.agid.gov.it .; when you receive the agreement countersigned by the AgID General Manager, your SPID will be in production. See all the details of the administrative phase.
During the technical phase, check the requirements of your SPID implementation and your metadata. Then: consult the SPID documentation (technical regulations, notices, etc.); implement authentication to services with SPID; verify the accuracy of the metadata and insert the “Log in with SPID” button on the pages of your site; request metadata testing. See all the details of the technical phase.
If you want to make your online services accessible through SPID, with the support of AgID, you can start the procedure to become a service provider. Pay attention to what is described in the two phases: the technical one and the administrative one. Upon successful completion of the testing procedure, you will need to sign the agreement with AgID.
If you can’t find the answers you were looking for and you have a specific complaint to make, send a request to online support for SPID.
If you experience access difficulties related to the authentication level or your SPID digital identity, you should refer to the assistance of the identity provider with whom you activated it. The support contacts of all identity providers are available on the Get assistance from Identity Providers page. If your problem was due to the necessary password renewal, each provider offers a credential recovery procedure. If the problem depends on the provision of the service and not on access with SPID (and access with SPID to other services) you must refer to the assistance service of the administration that provides it.
All contact information of the SPID identity managers is available on the Get assistance from Identity Providers page.
The activation package is a protected file that contains the personal data you provided during the recognition in person, at one of the administrations active and adhering to the public RAO model. You will need to provide it to one of the enabled identity providers to prove your identity and complete the recognition process and obtain SPID.
The Identity Verification Officer – Registration Authority Office RAO – is a Public Administration that can verify in person at its offices your personal identity, to allow you to activate SPID. Discover the already active administrations. Public offices authorized to issue SPID are increasing. You can find the complete list on the page The PAs to obtain SPID.
Yes. Several administrations are enabling their offices to verify your personal identity and allow you to obtain SPID. After the verification you will receive by email a file (called activation package) that you can use online to complete the recognition and obtain SPID, choosing one of the identity providers that have joined the new mode.
Yes, your digital identity can be certified by more than one provider. You can request more than one digital identity – even with different levels of security – with the opportunity to contact different digital identity providers.
Yes, at any time you can cancel the registration procedure initiated with each identity provider without any kind of obligation or consequence. For specific information on the procedure to follow, you can contact the individual identity provider. In any case, you can request your digital identity to another identity provider even without waiting for the cancellation of the previous registration.
Not a problem, it is always possible to recover the credentials. – If you have requested SPID from Aruba follow the recovery procedure here: http://guide.pec.it/spid/recupero-dati/procedure-di-recupero-dati-smarriti.aspx – If you have requested SPID from Infocert follow the recovery procedure here: https://my.infocert.it/selfcare/#/recoveryPin – If you have requested SPID from Namirial follow the recovery procedure here: https://portale.namirialtsp.com/private/user/spid_reset.php – If you have requested SPID from Intesa follow the recovery procedure here: https://spid.intesa.it/area-privata/forgot-password.aspx – If you have requested SPID from Poste follow the recovery procedure here: https://posteid.poste.it/recuperocredenziali.shtml – If you have requested SPID from Register follow the recovery procedure here: (forgotten username) https://spid.register.it/selfcare/recovery/username (forgotten password) https://spid.register.it/selfcare/recovery/password […]
Yes, any entity that fulfils the requirements established by the regulations can apply for accreditation to AgID.
The SPID credentials issued by Aruba PEC SpA, In.Te.S.A. SpA, InfoCert SpA, Lepida ScpA, Namirial SpA, Poste Italiane SpA, Register SpA, Sielte SpA and TI Trust Technologies Srl are the same. You can freely choose the entity that allows you to complete the registration procedure in the easiest way for you: all the information is on the page How to choose between digital identity providers.
At the moment, the project is in the design and definition phase. The Simplification Decree introduces a new delegation management system that in the future will allow a person to grant a proxy (delegating) to another entity (delegate) in possession of a digital identity (SPID or CIE) to access online public services. For example, the system will allow seniors who do not have a digital identity to delegate a family member to access public administration services, such as INPS or the Revenue Agency (Agenzia delle entrate), helping to reduce the digital gap. The proxy may be acquired online or at […]
SPID is strictly personal, therefore for each SPID identity registered to a different person you must use a different mobile number and email address. It is not necessary that the email address and mobile number are in the name of the same person requesting SPID, but for security checks they must represent tools for personal use. Furthermore, there is the possibility to request SPID online and to assist the person to identify themselves through one of the methods made available by the identity providers. You can request more than one digital identity – even with different levels of security – […]
You can contact one of the 9 digital identity providers authorized by the Agency for Digital Italy and available on the page How to activate SPID along with all the information on the different recognition methods. There are various ways to request SPID: – in person at the offices of the digital identity providers; – via webcam with operator made available by the provider or with an audio-video selfie along with the payment by bank transfer (a symbolic amount used only for identity verification); – with an Electronic Identity Card (Carta d’Identità Elettronica/CIE) or an electronic passport, identifying through the […]
You must be in possession of a valid Italian identification document (such as ID card/carta d’identità) and a tax number (codice fiscale), an email address and a personal mobile number. If you have a residence permit (permesso di soggiorno), you can apply for an Italian ID card (carta d’identità) and submit it during the SPID activation phase. On the website of the Revenue Agency (Agenzia per le Entrate) you can check the appropriate procedure for obtaining the tax number.
You must be in possession of a valid Italian identification document (identity card, passport, driving license) and a tax number (codice fiscale), an email address and a personal mobile number. On the website of the Revenue Agency (Agenzia per le Entrate) you can check the appropriate procedure for obtaining the tax number. You can contact one of the digital identity providers authorized by the Agency for Digital Italy. You can find all the activation procedures on the Request SPID page, recognizable by the “EU” or “world” icon and available on the page How to activate SPID along with all the […]
All citizens over 18, in possession of a valid Italian document, can activate SPID by contacting one of the digital identity providers authorized by AgID and choosing between different recognition methods.
The first level allows access to online services through the SPID credentials (username and password). The second level – necessary for services that require a higher degree of security – allows access through SPID credentials and the generation of a temporary OTP (one time password) access code or the use of an app that can be used through a device , such as a smartphone. The third level provides, in addition to the SPID credentials, the use of additional security solutions and any physical devices (e.g. smart cards) that are supplied by the identity provider.
Personal data disclosed to the identity providers won’t be used for commercial purposes. Identity Providers cannot use the user’s personal data or transfer them to third parties without the user’s authorization. At the time of registration, the necessary data to obtain the SPID digital identity will be explicitly distinguished from the information – not mandatory – that the identity provider may possibly request. Your privacy is guaranteed and compliance with the data processing rules is supervised by AgID and the Guarantee for the protection of personal data.
You can freely choose your own username and it can coincide with your email address. You can choose your password too, as long as it meets all the security requirements.
The time required to issue credentials changes according to the identity manager and the chosen recognition methods. You can consult the timing foreseen by each service provider for each of the different recognition methods on the website spid.gov.it.
The use of SPID for citizens is free, but you can activate it by choosing between free or paid methods, described on the page How to choose between digital identity providers. Once obtained, no costs or fees will be required.
To obtain your SPID credentials, you can contact one of the identity managers (called identity providers) accredited by the Agency for Digital Italy (AgID). At the moment there are 9 identity managers: Aruba PEC SpA, In.Te.S.A. SpA, InfoCert SpA, Lepida ScpA, Namirial SpA, Poste Italiane SpA, Register SpA, Sielte SpA and TI Trust Technologies Srl. Each provider offers different ways to request and obtain SPID: choose the one that best suits your needs. For all information on where and how to request your SPID credentials go to the page How to activate SPID.
If your identity document has expired, contact your identity provider to find out the appropriate procedure for updating your data. We also remind you that, following the law n.159 of November 27, 2020, the validity of identity documents expired from January 31, 2020 has been further extended until 30 September 2021. For any problem you can contact the various Identity Providers directly through the assistance services on the site at the Get assistance from Identity Providers page.
To obtain SPID you need a valid Italian identification document (identity card, passport, driving license), social security card (tessera sanitaria/tesserino del codice fiscale) or the tax number (codice fiscale) or the respective attribution certificates, an email address and a personal mobile number. It is not necessary that the email address and mobile phone number are registered in the name of the person requesting SPID, but they must represent strictly personal use tools, also for security checks. Therefore, a different mobile number and email address must be used for each SPID identity registered in the name of a different person. In […]
The Public Digital Identity System (SPID) is a digital identity consisting of a pair of strictly personal credentials (username and password), with which it is possible to access online services of the public administration and private members. Simple, safe and fast, you can use SPID from any device: computer, tablet and smartphone every time you find the “Enter with SPID” button on a site or service app.
The Head of Identity Verification – Registration Authority Office RAO – is the public administration that can verify in person at its offices the citizen’s personal identity, to allow them to activate SPID. At the request of some local public administrations, the AgID has issued the Guidelines for the public RAO model allowing the involved public administrations to carry out this important activity on the territory, typically at public counters. To join the public RAO model it is necessary to follow the procedure indicated on the dedicated page on the AgID website.
The Public Digital Identity System consists of different actors: digital identity provider (or IdP), private entities authorized by AgID for the creation and management of users’ digital identities; service providers (or SP), public or private organizations, which by enabling access to their online services through digital identity allow fast, safe and secure use of services; users (citizens and businesses) who have their own digital identity, certified by one or more managers, to access online services of the Public Administration and private members.