E-Ident

Get started
Step 1
Step 2
Step 3
Overview
OpenID Connect
SAML
Service access
Operational information
User experience
eIDs
Test users
BankID (NO)
BankID (SE)
BankID on mobile (NO)
Buypass (NO)
Finnish Bank ID
Finnish Trust Network
MitID (DK)
Mobiilivarmenne (FI)
Mobile-ID
NemID (DK)
Nets Passport Reader
Smart-ID
Verimi
Error codes
Release notes
Contact us

Service access

​​E-Ident is accessible through both Internet and an Extranet to Nets. A customer test environment is always available as long as you are a customer. At this page you find information about the URLs and IP addresses to the service and how to get your own test and production setup.

Access point

The general URLs and IP addresses to the customer test and production interface: 

​Interface​HostInternett ​IP address  Extranett ​​IP address 
​Customer test

​www.ident-preprod1.nets.eu

ekstranett.ident-preprod1.nets.eu

91.102.28.51:443

91.102.28.52:443

91.102.26.184:443

193.161.30.232:443

​Productionwww.ident.nets.eu​91.102.27.92:443​91.102.26.183:443​

​URLs related to OIDC and SAML:

​Type​Customer test​Production
​OIDC Identification request​https://www.ident-preprod1.nets.eu/its/index.html?client_id=https://www.ident.nets.eu/its/index.html?client_id=
​OIDC discovery URL​https://www.ident-preprod1.nets.eu/oidc/.well-known/openid-configuration
https://www.ident.nets.eu/oidc/.well-known/openid-configuration
​OIDC userinfo endpoint

​https://www.ident-preprod1.nets.eu/oidc/userinfo

​https://www.ident.nets.eu/oidc/userinfo
​SAML identification request​https://www.ident-preprod1.nets.eu​/its/index.html?mid=<value>&TARGET=<value> ​https://www.ident.nets.eu/its/index.html?mid=<value>&TARGET=<value>
​SAML assertion

​https://www.ident-preprod1.nets.eu

/saml1resp/getassertion

https://www.ident.nets.eu

/saml1resp/getassertion

​SAML logout URL​https://www.ident-preprod1.nets.eu​/gls/logout.html​https://www.ident.nets.eu​/gls/logout.html

Security

CA certificates

The communication with E-Ident is secured using HTTPS. The server certificate used is issued under one of the following Root CAs:

Make sure that both these root CAs are trusted in your applications.

TLS communication

E-Ident supports TLS 1.2 in the communication. These ciphers are supported in the communication:

  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq. 3072 bits RSA) FS
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq. 3072 bits RSA) FS
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 

Test and production configuration

To use the E-Ident service, a customer needs its own test and production configuration to use the service.

Note: The demo app available in the get started guide will give you access to a common test configuration. This is predefined and can be used to try out the service. It is however recommended to get your own test configuration when you develop and test your own applications.

Test

To setup your test configuration, follow the below steps:

  1. Contact Nets support to request a test access.
  2. Fill out the information requested from Nets support and return to the given address. This includes:
    1. Info about your organisation
    2. The service(s) to use
    3. URLs to your application(s)
    4. The eIDs you will use and some info about specific eID settings
    5. If using standalone UI or pop-up UI, send Nets support a logo file. The logo file should either be svg or png. We recommend using svg. For png file, the  recommended size is 360 (height) x 200 (width). 
  3. Nets support will set up your test configuration and give you the needed credentials (MID and password).

To test your application, a set of test users are available here. 

Production

To setup your production configuration, follow the below steps:

  1. Contact Nets support to request production access.
  2. Fill out the information requested from Nets support and return to the given address. This includes:
    1. Info about your organisation
    2. The service(s) to use
    3. URLs to your application(s)
    4. The eIDs you will use and some info about specific eID settings
    5. If using standalone UI or pop-up UI, send Nets support a logo file. The logo file should either be svg or png. We recommend using svg. For png file, the  recommended size is 360 (height) x 200 (width).  Let us know if we should reuse the logo from the test setup. 
  3. Dependent on the eIDs available you need to enter into an agreement with the specific eID either through Nets as a partner or directly with the eID.
  4. Nets support will set up your production configuration and give you the needed credentials (MID and password). 

Incident and change notifications

Nets sends out e-mail and SMS notifications to customers during on-going incidents and e-mail notifications in case of customer affected changes. Customers are added to our notification lists upon customer test and production configuration. To receive e-mail and/or SMS notifications, send your contact details to our support using the Contact us form.

Nets also sends out monthly SLA reports. If you as a customer wants to receive the report, send your contact details to support using the above form.