SithsEidAuthenticateValve
Note
Trigger SITHS eID authentication. Used in the context of the HTTP API.
On successful execution, a new item will be added with the SITHS eID orderRef, autostarttoken, qrStartToken and qrStartSecret values as properties.
Properties
Name | Description | Default value | Mandatory | Supports property expansion |
---|---|---|---|---|
keyStore | ID of the stored p12 keystore used to communicate with the SITHS eID backend. | | Yes | No |
sithseidURL | SITHS eID service backend root URL. | | Yes | No |
rfc2253Issuers | List of trusted SITHS eID issuers. | [ "CN=TEST SITHS e-id Person HSA-id 3 CA v1,O=Inera AB,C=SE", "CN=TEST SITHS e-id Person ID 3 CA v1,O=Inera AB,C=SE", "CN=TEST SITHS e-id Person ID Mobile CA v1,O=Inera AB,C=SE", "CN=CGI Test Root CA,OU=Test,O=CGI,ST=Jamtland,C=SE", "CN=SITHS Type 1 CA v1,O=Inera AB,C=SE", "CN=SITHS Type 1 CA v1 PP,O=Inera AB,C=SE" ] | No | No |
checkRevocation | Check if certificate has been revoked (true/false). | true | No | No |
enhancedAuthentication | Enhanced authentication enabled (true/false). | true | No | No |
personalIdentifier | Value to bind authentication to a specific user (should resolve to a personal number in the format yyyyMMddxxxx). | | No | Yes |
organizationName | Organization name that will be displayed in SITHS eID client during authentication. | Testportalen | No | No |
Example Configuration
{
  "name": "SithsEidAuthenticateValve",
  "config": {
    "keyStore": "5ca8fb2f-bb98-48eb-a1fd-f1e89879fd50",
    "sithseidURL": "https://secure-authservice.idp.ineratest.org",
    "organizationName": "PhenixID",
    "personalIdentifier": "{{request.personalIdentifier}}"
  }
}
Requirements
Keystore (p12 format) file used to authenticate to the SITHS eID service. The keystore must have been uploaded to PhenixID Authentication Server.
Add trust to HTTPS SSL certificates using this instruction.
SITHS eID client (for testing).
Adding trust to production SITHS CAs
Configure the rfc2253Issuers parameter to trust production SITHS CAs:
"rfc2253Issuers": [
"CN=SITHS e-id Person ID 3 CA v1,O=Inera AB,C=SE",
"CN=SITHS e-id Person ID Mobile CA v1,O=Inera AB,C=SE"
]
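The default rfc2253Issuers list in the Properties table contains test CAs, so a valve that omits the property trusts them. The following check is an added example, not PhenixID code: it audits a valve entry for that case, for missing mandatory properties and for disabled revocation checking. The function name `audit_valve`, the "test" word heuristic and the acceptance of the string "false" are assumptions.

```python
import re

# Mandatory properties and default issuers as listed in the Properties table.
MANDATORY = ("keyStore", "sithseidURL")
DEFAULT_ISSUERS = [
    "CN=TEST SITHS e-id Person HSA-id 3 CA v1,O=Inera AB,C=SE",
    "CN=TEST SITHS e-id Person ID 3 CA v1,O=Inera AB,C=SE",
    "CN=TEST SITHS e-id Person ID Mobile CA v1,O=Inera AB,C=SE",
    "CN=CGI Test Root CA,OU=Test,O=CGI,ST=Jamtland,C=SE",
    "CN=SITHS Type 1 CA v1,O=Inera AB,C=SE",
    "CN=SITHS Type 1 CA v1 PP,O=Inera AB,C=SE",
]
# Assumption: a test CA is recognised by the word "test" in its DN.
TEST_WORD = re.compile(r"\btest\b", re.IGNORECASE)


def audit_valve(valve):
    """Return a list of findings for one SithsEidAuthenticateValve entry."""
    cfg = valve.get("config", {})
    findings = [f"missing mandatory property: {k}" for k in MANDATORY if not cfg.get(k)]
    # An omitted rfc2253Issuers falls back to the default list, test CAs included.
    source = "configured" if "rfc2253Issuers" in cfg else "default"
    for dn in cfg.get("rfc2253Issuers", DEFAULT_ISSUERS):
        if TEST_WORD.search(dn):
            findings.append(f"{source} issuer is a test CA: {dn}")
    # Accept a JSON boolean or the string "false" (assumed; the page shows neither).
    if str(cfg.get("checkRevocation", "true")).lower() == "false":
        findings.append("checkRevocation is disabled")
    return findings


# Constructed inputs: the page's example configuration, and the same entry
# with the issuers from "Adding trust to production SITHS CAs".
EXAMPLE = {"name": "SithsEidAuthenticateValve", "config": {
    "keyStore": "5ca8fb2f-bb98-48eb-a1fd-f1e89879fd50",
    "sithseidURL": "https://secure-authservice.idp.ineratest.org",
    "organizationName": "PhenixID",
    "personalIdentifier": "{{request.personalIdentifier}}"}}
WITH_PROD_ISSUERS = {"name": EXAMPLE["name"], "config": {**EXAMPLE["config"],
    "rfc2253Issuers": [
        "CN=SITHS e-id Person ID 3 CA v1,O=Inera AB,C=SE",
        "CN=SITHS e-id Person ID Mobile CA v1,O=Inera AB,C=SE"]}}

if __name__ == "__main__":
    for label, valve in (("example", EXAMPLE), ("production issuers", WITH_PROD_ISSUERS)):
        print(label, audit_valve(valve) or "no findings")
```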