Disclosed are methods and systems for securely providing identity attributes. A server computer may receive, from a relying entity, a request for identity attributes associated with a target entity, wherein the request for identity attributes includes a session identifier associated with the target entity and an identifier of the relying entity. The server computer may validate the request based on the session identifier. The server computer may identify, based on the identifier of the relying entity, a package defining types of identity attributes for the relying entity and a data access token associated with the package. Based on validating the request, the server computer may transmit, to a digital identity provider, a request for a set of identity attributes corresponding to the package, the request comprising the data access token. The server computer may receive, from the digital identity provider, the set of identity attributes.