​Smart-ID is available in Estonia, Latvia and Lithuania using the Smart-ID app.  

Enable Smart-ID in your services

Smart-ID is available in Estonia, Latvia and Lithuania using the Smart-ID app. To get you started with Smart-ID identification through E-Ident, contact support to enable Smart-ID on your current test configuration or to set up a new test configuration. 

A description on how to get a Smart-ID test account is found on the test user page

More information about Smart-ID:

Information about the end user

​Birth date


Requires scope=profile

​DOB​End user's birth date.
Requires scope=cert
The country from end user's certificate.
​End user certificate


Requires scope=cert

CERTIFICATE​End user's Smart-ID certificate. 
​Certificate policy
Requires scope=cert
​The certicate policy from end user's certificate
​Common name
Requires scope=cert
​The common name from end user's certificate. 
​Distinguished name


Requires scope=cert

DN​Distinguished name from end user's certificate. 
Family name


Requires scope=profile

​SURNAME​End user's surname.
​Given name


Requires scope=profile

​GIVENNAME​End user's first/given name.
​Full name


Requires scope=profile

​FULLNAME​End user's full name.
​Certificate level
Requires scope=cert

The level of the end user's certificate. This is either QUALIFIED or ADVANCED. Note: Qualified is available in all environments, advanced is only available in test for test accounts. 
​Document number
Requires scope=ssn

Requires returnssn=true parameter

​See description below. 
​Smart-ID interaction flow
Requires scope=openid

See the description below.

​smartid_pid / pid
Requires scope=openid

​Unique identifier of user in the E-Ident service.
​Social security number
Requires scope=ssn
Requires returnssn=true parameter
​End user's social security number
SSN issuing country
Requires scope=ssn

Requires returnssn=true parameter

​The user's country. 

The Smart-ID document number is a unique ID consisting of the user's identity type, country code, social security number, random code to identify device and non-qualified or qualified. Here is an example of a document number: 

  • PNO: Identity Type (Personal Number, is the only type supported for now)
  • EE: Country code (Other values supported are LT, LV)
  • 30303039903: SSN (SSN can also contain "-" in between for Latvian country SSN)
  • 8LND: random code to identify device
  • NQ / Q : To identify the type of account/certificate (NQ -> Non-qualified (Advanced) and Q-> Qualified)

Handling of SSN

The social security number (SSN) of an end user will be returned if the SSN scope is set (OIDC) or the returnssn parameter is set to true. The SSN is returned as the ssn claim/attribute and the ssn issuing country is returned in the ssn_issuing_country claim/attribute.

Note: The SSN is also indirectly returned if you request the scope=cert as the ssn can be deducted from the result. 

User experience

The user experience is a combination between input in a browser and on a personal app. The app "Smart-ID" app includes the user's electronic ID. Below are the screen shots from the browser only. 

Step 1 (enter country and id code):

Step 1a.PNG

Step 2 (waiting for input from mobile app): 

Step 2.PNG

User interaction flow

Smart-ID offers different ways to display text, verification code and PIN entering screen to the user. This is controlled by the smartid_allowedInteractionsOrderType parameter on the identification request. The different values are listed in the interactions column below. The interactions can be used in combination with the given display text parameter.

​Display text parameter
​The simplest interaction with max 60 chars of text and PIN entry on a single screen.
​First screen is for code choice and second screen is with max 60 chars text and PIN like displayTextAndPIN is.
​First screen is for text only (max 200 chars) and has Confirm and Cancel buttons. Second screen is for PIN.
​First screen combines text and Verification Code choice. Second screen is for PIN.

The smartid_allowedInteractionsOrderType also allows a comma separated list of two or more interactions., and if comma separated, there should be no space before or after comma. The interaction used is up to the Smart-ID app. If a list is provided, make sure to add the appropriate display text parameters. 

Note: If no smartid_allowedInteractionsOrderType is given in the request, then displayTextAndPIN is sent as default along with the default smartid_displayText60 "Please authenticate this transaction.", to Smart-ID endpoint.

The used interaction value is returned as a ID Token claim (OIDC) or attribute (SAML) name smartid_interaction_flow_used.

Smart-ID logo

If needed, the Smart-ID logo can be downloaded from Smart-ID Branding page: