FAQ – Frequently Asked Questions?

The Public Digital Identity System (SPID) is a digital identity consisting of a pair of strictly personal credentials (username and password), with which it is possible to access online services of the public administration and private members. Simple, safe and fast, you can use SPID from any device: computer, tablet and smartphone every time you find the “Enter with SPID” button on a site or service app.

The Public Digital Identity System consists of different actors:

  • digital identity provider (or IdP), private entities authorized by AgID for the creation and management of users' digital identities;
  • service providers (or SP), public or private organizations, which by enabling access to their online services through digital identity allow fast, safe and secure use of services;
  • users (citizens and businesses) who have their own digital identity, certified by one or more managers, to access online services of the Public Administration and private members.
FOR THE CITIZEN
To obtain SPID you need a valid Italian identification document (identity card, passport, driving license), social security card (tessera sanitaria/tesserino del codice fiscale) or the tax number (codice fiscale) or the respective attribution certificates, an email address and a personal mobile number. It is not necessary that the email address and mobile phone number are registered in the name of the person requesting SPID, but they must represent strictly personal use tools, also for security checks. Therefore, a different mobile number and email address must be used for each SPID identity registered in the name of a different person. In addition, we do not recommend using work email addresses and business telephone numbers, as the loss of access to these tools (e.g. termination of an employment relationship) can lead to problems in using SPID.
If your identity document has expired, contact your identity provider to find out the appropriate procedure for updating your data. We also remind you that, following the law n.159 of November 27, 2020, the validity of identity documents expired from January 31, 2020 has been further extended until 30 September 2021. For any problem you can contact the various Identity Providers directly through the assistance services on the site at the Get assistance from Identity Providers page.
To obtain your SPID credentials, you can contact one of the identity managers (called identity providers) accredited by the Agency for Digital Italy (AgID). At the moment there are 9 identity managers: Aruba PEC SpA, In.Te.S.A. SpA, InfoCert SpA, Lepida ScpA, Namirial SpA, Poste Italiane SpA, Register SpA, Sielte SpA and TI Trust Technologies Srl. Each provider offers different ways to request and obtain SPID: choose the one that best suits your needs. For all information on where and how to request your SPID credentials go to the page How to activate SPID.
The use of SPID for citizens is free, but you can activate it by choosing between free or paid methods, described on the page How to choose between digital identity providers. Once obtained, no costs or fees will be required.
The time required to issue credentials changes according to the identity manager and the chosen recognition methods. You can consult the timing foreseen by each service provider for each of the different recognition methods on the website spid.gov.it.
Personal data disclosed to the identity providers won't be used for commercial purposes. Identity Providers cannot use the user's personal data or transfer them to third parties without the user's authorization. At the time of registration, the necessary data to obtain the SPID digital identity will be explicitly distinguished from the information - not mandatory - that the identity provider may possibly request. Your privacy is guaranteed and compliance with the data processing rules is supervised by AgID and the Guarantee for the protection of personal data.
The first level allows access to online services through the SPID credentials (username and password). The second level - necessary for services that require a higher degree of security - allows access through SPID credentials and the generation of a temporary OTP (one time password) access code or the use of an app that can be used through a device , such as a smartphone. The third level provides, in addition to the SPID credentials, the use of additional security solutions and any physical devices (e.g. smart cards) that are supplied by the identity provider.
A public administration must ensure the use of SPID or CIE for the identification and access to services that can be used by non-Italian citizens residing in Italy. Public administrations must guarantee identification and access to services by non-Italian citizens who are not residents in Italy and who have an eIDAS identity. Public administrations may continue to identify and ensure access to services by non-Italian citizens - who may not have a SPID, CIE or eIDAS identity - with different identification and access systems.
To date, SPID can be requested by those who have reached the age of 18. Operational guidelines are currently being issued for the release of SPID to minors and the related methods of use for access to online services.
To date, no legal/regulatory framework of reference has been defined for the use of SPID/CIE by/on behalf of a physical person who is subject to protection or administration support.
Who can request SPID?
All citizens over 18, in possession of a valid Italian document, can activate SPID by contacting one of the digital identity providers authorized by AgID and choosing between different recognition methods.
You must be in possession of a valid Italian identification document (identity card, passport, driving license) and a tax number (codice fiscale), an email address and a personal mobile number. On the website of the Revenue Agency (Agenzia per le Entrate) you can check the appropriate procedure for obtaining the tax number. You can contact one of the digital identity providers authorized by the Agency for Digital Italy. You can find all the activation procedures on the Request SPID page, recognizable by the “EU” or “world” icon and available on the page How to activate SPID along with all the information on the different recognition methods.
You must be in possession of a valid Italian identification document (such as ID card/carta d’identità) and a tax number (codice fiscale), an email address and a personal mobile number. If you have a residence permit (permesso di soggiorno), you can apply for an Italian ID card (carta d’identità) and submit it during the SPID activation phase. On the website of the Revenue Agency (Agenzia per le Entrate) you can check the appropriate procedure for obtaining the tax number.
How to activate SPID
You can contact one of the 9 digital identity providers authorized by the Agency for Digital Italy and available on the page How to activate SPID along with all the information on the different recognition methods. There are various ways to request SPID: - in person at the offices of the digital identity providers; - via webcam with operator made available by the provider or with an audio-video selfie along with the payment by bank transfer (a symbolic amount used only for identity verification); - with an Electronic Identity Card (Carta d'Identità Elettronica/CIE) or an electronic passport, identifying through the app of the providers downloadable from the stores; - with CIE (Carta d’Identità Elettronica), National Service Card (Carta Nazionale dei Serevizi/CNS) - it is also possible to use the social security card (tessera sanitaria), or with digital signature with the aid of a reader (e.g. smart card) and the relative pin. There are free or paid activation methods that are better to confirm before choosing the provider. Once obtained, the use of SPID for citizens is free of charge, no cost or fee will be required.
SPID is strictly personal, therefore for each SPID identity registered to a different person you must use a different mobile number and email address. It is not necessary that the email address and mobile number are in the name of the same person requesting SPID, but for security checks they must represent tools for personal use. Furthermore, there is the possibility to request SPID online and to assist the person to identify themselves through one of the methods made available by the identity providers. You can request more than one digital identity - even with different levels of security - by contacting different digital identity providers.
At the moment, the project is in the design and definition phase. The Simplification Decree introduces a new delegation management system that in the future will allow a person to grant a proxy (delegating) to another entity (delegate) in possession of a digital identity (SPID or CIE) to access online public services. For example, the system will allow seniors who do not have a digital identity to delegate a family member to access public administration services, such as INPS or the Revenue Agency (Agenzia delle entrate), helping to reduce the digital gap. The proxy may be acquired online or at public counters and may concern one or more public services. The solution is also designed to solve a widespread practice, which often sees people unable to use digital services communicate their access credentials to a third party who uses them instead, with obvious risks of security and protection of the person. The initiative is entrusted to the responsibility of the Department for Digital Transformation of the Presidency of the Council of Ministers. L’Istituto Poligrafico e Zecca will be responsible for the implementation, management and maintenance of the system of delegation management.
The SPID credentials issued by Aruba PEC SpA, In.Te.S.A. SpA, InfoCert SpA, Lepida ScpA, Namirial SpA, Poste Italiane SpA, Register SpA, Sielte SpA and TI Trust Technologies Srl are the same. You can freely choose the entity that allows you to complete the registration procedure in the easiest way for you: all the information is on the page How to choose between digital identity providers.
Yes, any entity that fulfils the requirements established by the regulations can apply for accreditation to AgID.
How to manage my digital identity
Not a problem, it is always possible to recover the credentials. - If you have requested SPID from Aruba follow the recovery procedure here: http://guide.pec.it/spid/recupero-dati/procedure-di-recupero-dati-smarriti.aspx - If you have requested SPID from Infocert follow the recovery procedure here:  https://my.infocert.it/selfcare/#/recoveryPin - If you have requested SPID from Namirial follow the recovery procedure here:  https://portale.namirialtsp.com/private/user/spid_reset.php - If you have requested SPID from Intesa follow the recovery procedure here:  https://spid.intesa.it/area-privata/forgot-password.aspx - If you have requested SPID from Poste follow the recovery procedure here:  https://posteid.poste.it/recuperocredenziali.shtml - If you have requested SPID from Register follow the recovery procedure here: (forgotten username) https://spid.register.it/selfcare/recovery/username (forgotten password) https://spid.register.it/selfcare/recovery/password - If you have requested SPID from Sielte follow the recovery procedure here: (forgotten password) https://myid.sieltecloud.it/profile/recovery/forgotPassword - If you have requested SPID from Tim follow the recovery procedure here: (forgotten username) https://login.id.tim.it/mps/fu.php (forgotten password) https://login.id.tim.it/mps/fp.php - If you have requested SPID from Lepida follow the recovery procedure here:  https://id.lepida.it/idm/app/recupero_credenziali.jsp
Yes, at any time you can cancel the registration procedure initiated with each identity provider without any kind of obligation or consequence. For specific information on the procedure to follow, you can contact the individual identity provider. In any case, you can request your digital identity to another identity provider even without waiting for the cancellation of the previous registration.
Yes, your digital identity can be certified by more than one provider. You can request more than one digital identity - even with different levels of security - with the opportunity to contact different digital identity providers.
Access to services is possible at any time, on a site or a service app. there is the “Enter with SPID” button. Access to services is safe and secure, also thanks to additional security checks, such as sending a temporary password (the so-called OTP - one time password) during authentication.
Recognition in Public Offices
Yes. Several administrations are enabling their offices to verify your personal identity and allow you to obtain SPID. After the verification you will receive by email a file (called activation package) that you can use online to complete the recognition and obtain SPID, choosing one of the identity providers that have joined the new mode.
The Identity Verification Officer - Registration Authority Office RAO - is a Public Administration that can verify in person at its offices your personal identity, to allow you to activate SPID. Discover the already active administrations. Public offices authorized to issue SPID are increasing. You can find the complete list on the page The PAs to obtain SPID.
The activation package is a protected file that contains the personal data you provided during the recognition in person, at one of the administrations active and adhering to the public RAO model. You will need to provide it to one of the enabled identity providers to prove your identity and complete the recognition process and obtain SPID.
Assistance Requests
All contact information of the SPID identity managers is available on the Get assistance from Identity Providers page.
If you experience access difficulties related to the authentication level or your SPID digital identity, you should refer to the assistance of the identity provider with whom you activated it. The support contacts of all identity providers are available on the Get assistance from Identity Providers page. If your problem was due to the necessary password renewal, each provider offers a credential recovery procedure. If the problem depends on the provision of the service and not on access with SPID (and access with SPID to other services) you must refer to the assistance service of the administration that provides it.
If you can't find the answers you were looking for and you have a specific complaint to make, send a request to online support for SPID.
FOR SERVICE PROVIDERS
If you want to make your online services accessible through SPID, with the support of AgID, you can start the procedure to become a service provider. Pay attention to what is described in the two phases: the technical one and the administrative one. Upon successful completion of the testing procedure, you will need to sign the agreement with AgID.
During the technical phase, check the requirements of your SPID implementation and your metadata. Then:
  • consult the SPID documentation (technical regulations, notices, etc.);
  • implement authentication to services with SPID;
  • verify the accuracy of the metadata and insert the "Log in with SPID" button on the pages of your site;
  • request metadata testing.
See all the details of the technical phase.
During the administrative phase you will have to sign the agreement with AgID. Then:
  • fill in and sign the agreement you will receive from AgID with an electronic signature qualified by the administrative contact;
  • send the agreement via PEC to Protocol@pec.agid.gov.it .;
  • when you receive the agreement countersigned by the AgID General Manager, your SPID will be in production.
See all the details of the administrative phase.
Access to online services takes place through the service provider's choice of one of three incremental levels of security:
  • level 1, with the user's SPID credentials (username and password);
  • level 2, with SPID credentials and the generation of a temporary OTP access code (one time password) or the use of an APP accessible through a device, such as a smartphone;
  • level 3, with SPID credentials and the use of additional security solutions or any physical devices (e.g. smart cards) that are provided by the identity manager.
Aggregators of public services are public administrations or private individuals that offer public entities, their aggregates, the possibility to make their services accessible through SPID. A public administration can become an aggregator or an aggregate subject, while a company can become only an aggregator. The procedure to follow in order to become an aggregator and the list of aggregators are available on AgID institutional website on the page Aggregators.
The "Public Service Providers", that is all subjects, other than Public Administrations, who need to directly provide Public Administration services online can join SPID by signing an agreement as an Aggregating Entity of public services, or by joining a Public Service Aggregator entity. To this end, these must be registered in the index of digital domiciles of Public Administrations and public service providers (IPA) in one of the remaining types compared to those indicated for Public Administrations.
The services accessible via SPID are indicated on the dedicated page. The spid.gov.it site is updated according to the list of services of service providers and Aggregators. The SPID conventions require that the service provider and aggregators communicate the updated list of services to AgID by filling in a special "ods" file, published on the conventions page to enter the SPID federation.
If you don't find the answers you were looking for and you need support in adapting your systems to SPID, write to spid.tech@spid.gov.it
To date, public administrations are not obliged to exclude the use of systems other than SPID and CIE to allow access to online services by businesses and professionals. Therefore, they may allow access to services provided to employees of third party entities, professionals, business representatives, in the performance of their duties or professional activities, with identification and access systems other than SPID and CIE.
FOR PUBLIC ADMINISTRATION
If you represent a Public Administration (as indicated in SPID Notice n. 28) that wants to enable access to its services through SPID, follow the procedure described on the page Become a service provider. Pay attention to what is described in the two phases: the technical one and the administrative one. After the positive outcome of the testing procedure you will have to sign the agreement with AgID. In addition, you can enable access to services with SPID through an aggregator.
If you represent a Public Administration that cannot directly join SPID, you can contact aggregators to enable access to their online services through the SPID digital identity. Aggregators of public services are public administrations or private individuals that offer public entities, aggregated by them, the possibility to make their services accessible through SPID.
Aggregators are public entities, for example local public administrations, such as small municipalities, that turn to aggregators to enable SPID service providers, since they do not find it convenient to enable access to their digital services with SPID independently.
The list is available on the AgID institutional website on the Aggregators page.
Yes, an entity may apply to multiple aggregators for different services. For example, a municipality may entrust the service of enrolling in kindergarten to a certain aggregator and the service of issuing certificates to another aggregator.
Yes, in the following cases:
  • If it decides to provide new services for which it wants to rely on an Aggregator;
  • If it wants to move one or more services to one or more Aggregators;
  • If it wants to move all of the services to one or more Aggregators; in this case it will have to give up the agreement and its service provider metadata.
The Head of Identity Verification - Registration Authority Office RAO - is the public administration that can verify in person at its offices the citizen's personal identity, to allow them to activate SPID. At the request of some local public administrations, the AgID has issued the Guidelines for the public RAO model allowing the involved public administrations to carry out this important activity on the territory, typically at public counters. To join the public RAO model it is necessary to follow the procedure indicated on the dedicated page on the AgID website.
Taking into account the eIDAS Regulation, public administrations may allow access to provided services in a closed system and directed to a specific group of people, identified in advance, with the specifically issued credentials, in case the service is provided exclusively to a defined number of participants, and where the provision (or non-provision) produces immediate effects only on the individual who is part of the defined group.
No, public administrations that have implemented SPID or CIE for identification and access to services are not obliged to implement CNS as well.
FOR COMPANIES
The legal head of an organization (company, entity, enterprise, etc.) can apply for and use their digital identity to access online services. For this purpose it is also possible to equip employees with digital identities for the professional use of the legal entity. The issuing of a digital identity for professional use by the legal entity is subject to verification of the applicant's personal identity and the legitimacy of the request. applicant and the legitimacy of the request by one of the digital identity providers authorized by the Agency for Digital Italy, in compliance with the procedures and controls provided by AgID.
The use of SPID for companies is subject to a fee: you can see the costs in the table.