Hosted CoreID
Introduction to Assently Hosted CoreID (SAML)
Hosted CoreID is a SAML Gateway that acts as a SAML Identity Provider. It is a proxy service that uses the CoreID Server and translates the JWT Identity Tokens issued by the CoreID Server into SAML.
Getting Started
- Contact Assently to sign up for Hosted CoreID.
- Download the Test IdP metadata from https://eid-gateway-test.assently.com/metadata.
- Send the following information to support@assently.com:
  - your Test Service Provider metadata, and
  - a URL to a publicly available logotype that you want to use on the Test IdP landing page.
- Test and integrate.
- Download the Production IdP metadata from https://eid-gateway.assently.com/metadata.
- Send the following information to support@assently.com:
  - your Production Service Provider metadata, and
  - a URL to a publicly available logotype that you want to use on the Production IdP landing page, if different than the URL used in test.
- Done!
SAML Assertions
All endpoints and SAML Assertions are described in the metadata.
subject.client.ip
Description
IP Address of the client.
Example
"78.123.5.19"
subject.nationalidnumber
Description
The subject’s national ID number. The format can vary depending on eID Provider.
Example
"198001011234"
subject.serialnumber
Description
The subject’s serial number. The format can vary depending on eID Provider.
subject.commonname
Description
Full name of the subject. Includes first name(s) and last name(s). The format can vary depending on eID Provider.
Example
"Frank Miller"
subject.givenname
Description
Given name of the subject. Some providers also include middle name(s).
Example
"Frank"
subject.surname
Description
Last name, surname or family name of the subject.
Example
"Miller"
subject.country
Description
The subject’s country code. The format can vary depending on eID Provider.
validation.ocsp.response
Description
Base64 encoded OCSP response, if available from the eID provider.
provider
Description
The name of the eID Provider that was used for the authentication.
Example
"se-bankid"
provider.payload
Description
All personal information related to the subject as received from the eID Provider. This is usually an X.509 certificate that we send along in its raw form, encoded as a base64 string.
Format
base64 encoded string
transactionid
Description
The unique identifier of the transaction.
Example
"66619e7a-e34b-4f76-85df-71634328d3g1"
Configuration
You can configure the CoreID Client behaviour when using Hosted CoreID.
Default eID Provider
If you want to set the default eID provider to be used for the authentication, you can either
- set a parameter to the SingleSignOnService endpoint, e.g. https://eid-gateway.assently.com/saml/signon?provider=provider_name&SAMLRequest=... or,
- set the provider in the SAML RequestedAuthnContext to the specified eID provider.
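The first option, as an added example (not Assently's code): a Service Provider builds the sign-on URL with the `provider` parameter and a DEFLATE-compressed, base64-encoded `SAMLRequest`, and rejects provider names that are not on its own allow-list so that a user-supplied value cannot smuggle extra query parameters into the redirect. It assumes the IdP metadata lists the HTTP-Redirect binding for `SingleSignOnService`; `ALLOWED_PROVIDERS`, the helper names and the sample AuthnRequest are constructed for illustration.

```python
import base64
import zlib
from urllib.parse import parse_qs, urlencode, urlsplit

SSO_ENDPOINT = "https://eid-gateway.assently.com/saml/signon"  # from the URL on this page
# Assumption: provider names this Service Provider accepts. "se-bankid" is the only
# name shown on this page; add others only once they are confirmed for your account.
ALLOWED_PROVIDERS = frozenset({"se-bankid"})

# Constructed sample AuthnRequest (not captured traffic); a real one comes from your SAML library.
SAMPLE_AUTHN_REQUEST = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'ID="_constructed-example-id" Version="2.0" IssueInstant="2024-01-01T00:00:00Z" '
    'Destination="https://eid-gateway.assently.com/saml/signon"/>'
)


def deflate_b64(xml):
    """HTTP-Redirect binding encoding: raw DEFLATE (no zlib header), then base64."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(comp.compress(xml.encode("utf-8")) + comp.flush()).decode("ascii")


def inflate_b64(value):
    """Inverse of deflate_b64, used here to check the round trip."""
    return zlib.decompress(base64.b64decode(value), -15).decode("utf-8")


def build_signon_url(authn_request_xml, provider, relay_state=None):
    """Return the redirect URL that preselects `provider` on the IdP."""
    if provider not in ALLOWED_PROVIDERS:
        raise ValueError("unknown eID provider: %r" % (provider,))
    params = {"provider": provider, "SAMLRequest": deflate_b64(authn_request_xml)}
    if relay_state is not None:
        params["RelayState"] = relay_state
    return SSO_ENDPOINT + "?" + urlencode(params)  # urlencode percent-encodes '+', '/', '='


def query_of(url):
    """Return the decoded query parameters of a sign-on URL (first value of each)."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).query, strict_parsing=True).items()}


if __name__ == "__main__":
    url = build_signon_url(SAMPLE_AUTHN_REQUEST, "se-bankid", relay_state="/account")
    print(url)
    print(inflate_b64(query_of(url)["SAMLRequest"]))
```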