Created by Marija Ristin Sremcevic, last modified on 07.February.2020
Table of contents
Related pages
Introduction to Integrator Relying Party Management
Identification of Relying Parties towards Freja eID services is achieved through SSL with client authentication. This, however, may present an issue for Relying Parties that act on behalf of their own customers, i.e. other organisations, with their own branding and the requirement that the end users, consuming their services, are aware of the organisation they are interacting with.
In order to avoid the complexities of having such Relying Parties manage multiple SSL certificates, one per customer organisation, Freja eID allows annotation of such Relying Parties as "Integrators". Integrator Relying Parties are allowed to act on behalf of their customer organisations by utilisingĀ a single SSL client certificate while passing the identity of the customer organisation as a parameter to API calls. Consequently, given the branding and presentation requirements towards end users within Freja eID, organisations on whose behalf Integrator Relying Parties act on must be registered with Freja eID as ''Integrated RPs''. They cannot make use of Freja eID services directly but rather through the Integrator RP they are associated with.
For each Integrated Relying Party, as well for the Integrator Relying Party itself, Freja eID generates a unique identifier called relyingPartyId. The Integrator Relying Party needs to pass this identifier as an additional POST parameter. This can be done only by passingĀ relyingPartyId as part of the request.
For detailed information and examples of implementations of Freja eID Client library for Relying Parties, please use the links provided below.