Compartir a través de

Kids Passport Implementation Process

  • Artículo

Kids Passport Implementation Process

This topic provides step-by-step instructions for implementing Microsoft® Kids Passport on your site. These instructions assume you have already implemented Microsoft® .NET Passport single sign-in (SSI), which is a prerequisite for Kids Passport.

Step One: Determine Whether Your Site is "General Use" or "Targeted at Kids"

This distinction is made in children's privacy laws, such as the Children's Online Privacy Protection Act (COPPA) and will affect how your site should implement Kids Passport. You should make this determination as early as possible. Consult your legal representative.

Step Two: Provide Additional Site Information on the .NET Services Manager

Register your site on the .NET Services Manager Web site and provide the following information:

  • Account Data Page URL
    The URL for a page from which a parent can view and edit any data you store for a child.
  • Account Removal Page URL
    The URL for a page from which a parent can delete the data you store for a child.
  • Consent Needed
    The consent level, limited or full, that your site requires.

Step Three: Modify Authentication Calls to Include the KPP Parameter

Modify existing calls to the AuthURL2 and LogoTag2 methods of Passport Manager to include the KPP parameter. The behavior of the Login server, including whether it displays consent-gathering page, is determined by the value of the KPP parameter.

Step Four: Add Code That Checks for Consent Status

In areas of your site that must comply with children's privacy laws, such as COPPA, add code that checks for consent and adjusts the behavior of your site accordingly. To check for consent, use the HaveConsent method.

Step Five: Provide Means for Parents to Edit or Delete Kids' Data

If your site collects data about users who are under the age of 13 and are residents of the United States, you must provide pages on your site that enable parents to edit or delete this data. You provided URLs to these pages, Account Data and Account Removal, when you registered your site. The Kids Passport Web site provides a list of all sites to which consent is granted. This list includes links to the Account Data and Account Removal pages of each site.

Step Six: Update Your Site's Privacy Statement

All .NET Passport participating sites must have a posted privacy statement. You provided the URL for your privacy policy page when you registered your site for .NET Passport SSI. Update your site's privacy policy page to include a section that describes your privacy policy for users of the Kids Passport service and users covered by children's privacy laws, such as COPPA.

Step Seven: Provide Links to Kids Passport Services

Provide links to the Kids Passport site or Kids Passport services, such as Parents Point and Kids Corner, if you like. For more information, see the Microsoft Kids Passport Web site at https://kids.passport.net .

Step Eight: Make Sure Your Cobranding Material is Available by HTTPS

Kids Passport pages are served securely using the HTTPS protocol. If your cobranding material is not available by HTTPS, your Kids Passport pages will cause Web browsers to display mixed-security content warnings, resulting in a poor user experience.

See Also

Account Data Page | Account Removal Page | Registering Your .NET Passport Site | Kids Passport Overview | Checking for Consent | Single Sign-In Overview | Manager.AuthURL2 | Manager.LogoTag2 | Manager.HaveConsent