Introduction to Assently Hosted CoreID (SAML)

Hosted CoreID is a SAML gateway that acts as a SAML Identity Provider. It is a proxy service that uses the CoreID Server and translates the JWT Identity Tokens issued by the CoreID Server into SAML.

Getting Started

  1. Contact Assently to sign up for Hosted CoreID.
  2. Download the Test IdP metadata from https://eid-gateway-test.assently.com/metadata.
  3. Send the following information to support@assently.com:
    • your Test Service Provider metadata, and
    • a URL to a publicly available logotype that you want to use on the Test IdP landing page.
  4. Test and integrate.
  5. Download the Production IdP metadata from https://eid-gateway.assently.com/metadata.
  6. Send the following information to support@assently.com:
    • your Production Service Provider metadata, and
    • a URL to a publicly available logotype that you want to use on the Production IdP landing page, if different from the URL used in test.
  7. Done!

SAML Assertions

All endpoints and SAML Assertions are described in the metadata.

subject.client.ip

Description
IP Address of the client.

Example
"78.123.5.19"

subject.nationalidnumber

Description
The subject’s national ID number. The format can vary depending on eID Provider.

Example
"198001011234"

subject.serialnumber

Description
The subject’s serial number. The format can vary depending on eID Provider.

subject.commonname

Description
Full name of the subject. Includes first name(s) and last name(s). The format can vary depending on eID Provider.

Example
"Frank Miller"

subject.givenname

Description
Given name of the subject. Some providers also include middle name(s).

Example
"Frank"

subject.surname

Description
Last name, surname or family name of the subject.

Example
"Miller"

subject.country

Description
The subject’s country code. The format can vary depending on eID Provider.

validation.ocsp.response

Description
Base64 encoded OCSP response, if available from the eID provider.

provider

Description
The name of the eID Provider that was used for the authentication.

Example
"se-bankid"

provider.payload

Description
All personal information related to the subject as received from the eID Provider. This is usually an X.509 certificate that we send along in its raw form, encoded as a Base64 string.

Format
base64 encoded string

transactionid

Description
The unique identifier of the transaction.

Example
"66619e7a-e34b-4f76-85df-71634328d3g1"
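
A Service Provider usually turns these attributes into a local identity record. The sketch below is an added example, not Assently code: it reads the attributes from an assertion that your SAML library has already validated, rejects ambiguous or malformed values, and decodes the two Base64 attributes. The attribute Name values, the sample assertion, the helper names and the `required` policy are assumptions of the example; check the real names against the IdP metadata.

```python
import base64
import binascii
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
BASE64_ATTRS = {"validation.ocsp.response", "provider.payload"}  # per the list above

def attr_xml(name, value):
    return (f'<saml:Attribute Name="{name}"><saml:AttributeValue>{value}'
            "</saml:AttributeValue></saml:Attribute>")

# Constructed sample. Assumption: each Attribute Name equals the name listed
# above; confirm the real names against the IdP metadata.
SAMPLE = ('<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
          "<saml:AttributeStatement>"
          + attr_xml("provider", "se-bankid")
          + attr_xml("subject.nationalidnumber", "198001011234")
          + attr_xml("subject.commonname", "Frank Miller")
          + attr_xml("transactionid", "00000000-0000-4000-8000-000000000000")
          + attr_xml("provider.payload", base64.b64encode(b"constructed bytes").decode())
          + "</saml:AttributeStatement></saml:Assertion>")

def extract_attributes(assertion_xml, expected_provider=None,
                       required=("provider", "transactionid")):
    """Map attribute names to values for an assertion whose signature,
    audience and validity window were ALREADY checked by your SAML library.
    `required` is this example's policy, not something the page mandates."""
    root = ET.fromstring(assertion_xml)
    attrs = {}
    for node in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        name = node.get("Name")
        values = [v.text or "" for v in node.findall("saml:AttributeValue", NS)]
        # Reject duplicates and multi-valued attributes so that no two code
        # paths can disagree about which value is the subject's identity.
        if name in attrs or len(values) != 1:
            raise ValueError(f"ambiguous attribute: {name}")
        value = values[0].strip()
        if name in BASE64_ATTRS:
            try:  # tolerate line-wrapped Base64, reject anything else
                value = base64.b64decode("".join(value.split()), validate=True)
            except binascii.Error as exc:
                raise ValueError(f"{name} is not valid Base64") from exc
        attrs[name] = value
    missing = [n for n in required if not attrs.get(n)]
    if missing:
        raise ValueError(f"missing attributes: {missing}")
    if expected_provider and attrs.get("provider") != expected_provider:
        raise ValueError(f"unexpected eID provider: {attrs.get('provider')}")
    return attrs
```

Because the format of subject.nationalidnumber and subject.serialnumber varies by eID Provider, store them together with the provider value rather than as a bare identifier.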

Configuration

You can configure the CoreID Client behaviour when using Hosted CoreID.

Default eID Provider

If you want to set the default eID provider to be used for the authentication, you can either

  • set a parameter to the SingleSignOnService endpoint, e.g.
    https://eid-gateway.assently.com/saml/signon?provider=provider_name&SAMLRequest=...

or,

  • set the provider in the SAML RequestedAuthnContext to the specified eID provider.