Source: Freja | Agreement | Registration | Onboarding | Test environment | TLS |
Create project no. >> Agreement >> Integration >> Test period >> Production >> Support
The goal is to be able to log in to a WordPress site and use Freja to verify and validate identity.
Relationships and responsibilities between actors
What role do you or your organisation have towards Freja
In addition, in the e-mail, please let us know whether you want to be registered as:
An Integrated RP: you will not manage your own client SSL certificate for connecting to Freja eID; instead, your service is provided by an Integrator RP already connected to Freja eID. If so, you need to let us know the RP Identifier of your Integrator RP.
Integrator
A Standalone RP: you will manage your own client SSL certificate for connecting to Freja eID, and will connect your own service to Freja eID;
An Integrator RP: you will manage your own client SSL certificate for connecting to Freja eID, but rather than having your own, you are hosting a common service for one or more Integrated RPs; or
Jidoka [RP] => Freja
Jidoka has agreed with Freja to use their service and act both as an [Integrated RP], to be able to log in to its own website, and as an integrator [Integrator RP], to handle other domains' login
Freja => Jidoka [RP]
Freja has approved that Jidoka can begin a test phase to integrate Freja identity management on test
Table of contents
Responsibilities (roles)
Stakeholders involved in offering login with identity management
Integrator: RP (Relying Party)
Roles that can exist at several levels depending on authorisation.
a) Web administrator
b) System administrator
c)
Legal entity responsible for the login procedure: organisation number
Permissions
We differentiate between 3 types of users based on assurance of the user’s identity.
- Basic – for users who have only registered with an email address
- Extended – for users whose identity was verified with an ID document
- Plus – for users whose identity was further verified with a physical meeting in addition to an ID document (only available in Sweden)
Integration Steps OpenID Connect
Prerequisites: IT environment
Use the domain https://solarXbike.se/labbet/webfinger, which has a WordPress installation hosted by the web host Mebo. The web host uses cPanel to administer the website.
Design decisions
Choices made as the starting point for how the service should work
Registration details
Data to be sent to Freja to be entered
| Item | English | Swedish | Description |
|---|---|---|---|
| RP name | Jidoka Innovation AB | Jidoka Innovation AB | The name of your company (100 characters maximum). The RP name of RP is shown in Freja eID mobile app as part of login transaction and in My Pages web app in section for managing services and previewing transaction history. |
| RP URL | | | The URL you wish to be displayed to users in Freja eID e.g. your website or login page. |
| RP description | A digital ID service that frees you from being just a personal identification number in a banking system. Here, your human identity is at the center – relationships, place and community take precedence. Unlike BankID, this ID is built on trust, consent and local anchoring. It makes it possible to operate in systems where people, not markets, set the framework. For those who want to be recognized in communities that have the right to organize themselves on their own grounds. Communities know their resources, needs and limitations better than external actors. Increased legitimacy and compliance When rules are created locally and jointly, people are more likely to follow them. Reduced conflict Direct dialogue and joint decision-making reduce misunderstandings and power struggles. Stronger long-term sustainability Local systems have often been shown to outperform both state and private systems in preserving resources over time. Resilience and flexibility Self-organized systems can adapt faster to changes in the outside world. Strengthened social bonds and trust Participation in decisions and responsibilities builds trust and strengthens community. People – when they are given the right to organize themselves – often find better solutions through collaboration. In a context (digital ID with local anchoring): This means that users: Get greater control over their identity Can build self-governing communities Get a technical solution that supports human, ecological and social needs – not just economic ones. | En digital ID-tjänst som frigör dig från att bara vara ett personnummer i ett banksystem. Här står din mänskliga identitet i centrum – relationer, plats och gemenskap får företräde. Till skillnad från BankID bygger detta ID på tillit, samtycke och lokal förankring. Det gör det möjligt att verka i system där människor, inte marknader, sätter ramarna. För dig som vill erkännas i gemenskaper som har rätt att organisera sig på egna grunder. Gemenskaper känner sina resurser, behov och begränsningar bättre än externa aktörer. Ökad legitimitet och efterlevnad När regler skapas lokalt och gemensamt är människor mer benägna att följa dem. Minskad konflikt Direkt dialog och gemensamt beslutsfattande minskar missförstånd och maktkamp. Starkare långsiktig hållbarhet Lokala system har visat sig ofta överträffa både statliga och privata system i att bevara resurser över tid. Resiliens och flexibilitet Självorganiserade system kan anpassa sig snabbare till förändringar i omvärlden. Stärkta sociala band och tillit Deltagande i beslut och ansvar bygger förtroende och stärker gemenskap. Människor – när de får erkänd rätt att organisera sig själva – ofta hittar bättre lösningar genom samarbete. I en kontext (digitalt ID med lokal förankring): Det innebär att användare: Får större kontroll över sin identitet Kan bygga självstyrda gemenskaper Får en teknisk lösning som stödjer mänskliga, ekologiska och sociala behov – inte bara ekonomiska. | A brief description of your company, (500 characters maximum). This description is shown to end-users in the service preview section of Freja eID My Pages web application. |
| RP logo | | | The logo of your company, ideally in SVG format, alternatively PNG, no larger than 1.5MB. The logo helps end-user identify what service they are authenticating to or signing for when prompted so in their Freja eID mobile application, and also to easier identify actions in the action history of Freja eID My Pages web application. |

Sign a contract with Freja eID to use OpenID Connect
Provide the following to partnersupport@frejaeid.com:
- The name of your company (100 characters maximum)
- The logo of your company – the ideal format would be SVG, alternatively PNG (1.5MB maximum)
- A brief description of your company/the services you offer both in English and Swedish (500 characters maximum)
- The URL you wish to be displayed to users in Freja eID e.g. your website
- The redirect URI where your users will land after a successful authentication
The min registration level of a user required when approving transaction, will be used for all transactions, if it is not set in request.
We differentiate between 3 types of users based on assurance of the user’s identity.
- Basic – for users who have only registered with an email address
- Extended – for users whose identity was verified with an ID document
- Plus – for users whose identity was further verified with a physical meeting in addition to an ID document (only available in Sweden)
Source: Freja Support
Create a public SSL/TLS key
Obtain a client SSL/TLS certificate
To be able to access Freja eID service points you need to obtain a client SSL/TLS certificate. A client certificate authenticates your application when it tries to communicate with Freja eID services. Additionally, Freja eID uses your Client certificate to identify you in its system when you try to send an authentication or signing request. Separate certificates are needed to access the Testing Environment and the Production Environment.
Source: Freja Support
Activate Test Mode in the app
Test Mode
Test Mode is an environment where Freja eID can be tested prior to/during integration. In order to activate Test Mode:
- Download and launch the app
- On the Privacy screen, toggle the ’General Terms and Conditions’ button six times to enter Test Mode.
- Tap Start Test Mode to confirm that you want to use the Freja eID mobile application in Test Mode.
Whether you are in Test Mode or not should be apparent as the header in the app will turn orange, accompanied by an animation that says ’TEST’. The application will stay in Test Mode until you delete it from the device.
Source: Freja Support
Enter details (secrets etc.) from the ID provider
Client ID: [from Freja]
Client Secret Key: [from Freja]
OpenID Scope: [Authentication Signing Organizational ID Temporary Device] (should there be a space between org_ID and Temp_device?)
Login Endpoint URL: [ https://oidc.prod.frejaeid.com/oidc/authorize ]
Userinfo Endpoint URL: [https://oidc.prod.frejaeid.com/oidc/userinfo]
Token Validation Endpoint URL: [https://oidc-ct.test.frejaeid.com/oidc/token ]
End Session Endpoint URL: [https://oidc-ct.test.frejaeid.com/oidc/logout]
ACR values: [optional]
Identity Key: [preferred_username] ?
- Redirect/Callback URL is populated with your website URL (this can be changed in the paid version of the plugin)
- App Name should be Freja eID
- ClientID and Client secret are unique identifiers of Relying Parties that you get from Freja eID when you integrate with our system
- Scope field populate with: openid profile email
- Authorize Endpoint values:
- Authorize Endpoint token values:
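
A consistency check for the endpoint settings listed above, as an added example that is not part of the original notes or of Freja eID's documentation. It flags URLs with stray whitespace, non-HTTPS endpoints, endpoints spread over more than one host (the values above mix oidc.prod and oidc-ct.test), and a malformed scope string; the function names and the layout of the settings dictionary are assumptions for illustration.

```python
from urllib.parse import urlsplit

# Endpoint values as written in the notes above, including the whitespace
# inside the brackets (sample input constructed for this example).
SETTINGS = {
    "login": " https://oidc.prod.frejaeid.com/oidc/authorize ",
    "userinfo": "https://oidc.prod.frejaeid.com/oidc/userinfo",
    "token": "https://oidc-ct.test.frejaeid.com/oidc/token ",
    "end_session": "https://oidc-ct.test.frejaeid.com/oidc/logout",
}
SCOPE = "openid profile email"


def check_endpoints(settings):
    """Return a list of findings for a set of OIDC endpoint URLs."""
    findings = []
    hosts = {}
    for name, raw in settings.items():
        if raw != raw.strip():
            findings.append(f"{name}: surrounding whitespace in URL")
        url = urlsplit(raw.strip())
        if url.scheme != "https":
            findings.append(f"{name}: not https")
        hosts.setdefault(url.hostname or "(none)", []).append(name)
    if len(hosts) > 1:
        # Test and production are separate environments, so every endpoint
        # of one client configuration should sit on the same host.
        detail = "; ".join(f"{h}: {', '.join(n)}" for h, n in sorted(hosts.items()))
        findings.append(f"endpoints span {len(hosts)} hosts ({detail})")
    return findings


def check_scope(scope):
    """An OIDC scope is one space-delimited string that must contain 'openid'."""
    findings = []
    tokens = scope.split(" ")
    if "" in tokens:
        findings.append("scope: empty token (double or stray space)")
    if "openid" not in tokens:
        findings.append("scope: 'openid' is missing")
    return findings


if __name__ == "__main__":
    for line in check_endpoints(SETTINGS) + check_scope(SCOPE):
        print("FINDING:", line)
```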