FrejaEIDAuthStatusValve

Checks the status of a authentication request. Typically used with the authentication API module.  Because of this, the data used is expected to come from the request. Not an item.

The valve will create an item if none is present.

For more detailed information see https://frejaeid.com/rest-api/Signature%20Service.html

Properties

Name Description Default value Mandatory Supports property expansion
keystoreID The id of the keystore in configuration Yes No
mode Decides the target endpoint to send the request to. Allowed values are 'test_personal_auth,production_organisation_auth,production_personal_auth,test_organisation_auth,test_personal_auth'. Only one value is allowed. Yes No
relyingPartyId Defines the relying party ID. Used with partner certificate which is allowed to be used for multiple customers. No Yes
customer Used for event logging to add differentiator if desired. No No

Example Configuration

{
      "name" : "FrejaEIDAuthStatusValve",
      "config" : {
        "keystoreID" : "93f5e7e1-c3f4-436b-9bbc-0b94d454a352",
        "mode" : "production_personal_auth"
      }
    }

Requirements

  • The server trusts the Freja e-ID backend TLS certificate.
  • A client certificate & private key (keystore) thsat is issued by Freja e-ID is present in the configuration.

Request parameters

The incoming request must contain the following parameters:

  • authRef - The identifier of an auth request

Example request

{
   "authRef":"112233445566778899"
}

Response

Status and authRef is always returned. 

If approved,  ssn, givenName, sn, mail, organisationIdIdentifier is returned. Depending on the initiating request some attributes may be empty.

In addition the entire response is found in attribute fullResponse, Base64 encoded.