Integrations
This tutorial demonstrates how to integrate Criipto Verify with OneLogin
This tutorial demonstrates how to integrate Criipto Verify with OneLogin. The following steps are required to complete your first login:
+
sign to add a new applicationAvailable on domain
section. This will be the domain used to communicate to OneLogin. If you only subscribe to one Criipto Verify domain, only one will be listed.urn:onelogin:criipto
has been assigned.https://<SUBDOMAIN>.onelogin.com/access/idp
.Save
.A completed application registration will look as follows:
Enable OAuth2 Code Flow
by selecting the corresponding toggle:
Save
New Trust
from the top righthttps://
Sign Users into OneLogin
and deselect Sign Users into additional applications
.OIDC
from the dropdown{tidp.email}
in the User Attribute Value in the User Attribute section or whatever is applicable to your use case. This is the attribute used for User attribute matching.
https://<Criipto Verify Domain Name>/<base64 encoded acr value for legal/bank id being configured>/oauth2/authorize
https://onelogintest-test.criipto.id/dXJuOmdybjphdXRobjpubzpiYW5raWQ=/oauth2/authorize
https://<Criipto Verify Domain Name>/oauth2/token
https://<Criipto Verify Domain Name>/oauth2/userinfo
openid
must be used.Enable Trusted IDP
in the Enable/Disable field.Login method | acr_values | base64 encoded |
---|---|---|
Norwegian BankID | ||
Mobile or Web (user choice): | urn:grn:authn:no:bankid | dXJuOmdybjphdXRobjpubzpiYW5raWQ= |
BankID Biometrics (level substantial): | urn:grn:authn:no:bankid:substantial | dXJuOmdybjphdXRobjpubzpiYW5raWQ6c3Vic3RhbnRpYWw= |
Norwegian Vipps Login | ||
Login with Vipps app: | urn:grn:authn:no:vipps | dXJuOmdybjphdXRobjpubzp2aXBwcw== |
Swedish BankID | ||
All options (user chooses): | urn:grn:authn:se:bankid | dXJuOmdybjphdXRobjpzZTpiYW5raWQ= |
Same device: | urn:grn:authn:se:bankid:same-device | dXJuOmdybjphdXRobjpzZTpiYW5raWQ6c2FtZS1kZXZpY2U= |
Another device (aka mobile): | urn:grn:authn:se:bankid:another-device | dXJuOmdybjphdXRobjpzZTpiYW5raWQ6YW5vdGhlci1kZXZpY2U= |
QR code: | urn:grn:authn:se:bankid:another-device:qr | dXJuOmdybjphdXRobjpzZTpiYW5raWQ6YW5vdGhlci1kZXZpY2U6cXI= |
Danish MitID | ||
Level low: | urn:grn:authn:dk:mitid:low | dXJuOmdybjphdXRobjpkazptaXRpZDpsb3c= |
Level substantial: | urn:grn:authn:dk:mitid:substantial | dXJuOmdybjphdXRobjpkazptaXRpZDpzdWJzdGFudGlhbA== |
MitID Erhverv (MitID Business): | urn:grn:authn:dk:mitid:business | dXJuOmdybjphdXRobjpkazptaXRpZDpidXNpbmVzcw== |
Finnish Trust Network | ||
BankID: | urn:grn:authn:fi:bankid | dXJuOmdybjphdXRobjpmaTpiYW5raWQ= |
Mobile certificate (Mobiilivarmenne): | urn:grn:authn:fi:mobile-id | dXJuOmdybjphdXRobjpmaTptb2JpbGUtaWQ= |
Both of the above: | urn:grn:authn:fi:all | dXJuOmdybjphdXRobjpmaTphbGw= |
Itsme | ||
Basic: | urn:grn:authn:itsme:basic | dXJuOmdybjphdXRobjppdHNtZTpiYXNpYw== |
Advanced: | urn:grn:authn:itsme:advanced | dXJuOmdybjphdXRobjppdHNtZTphZHZhbmNlZA== |
Belgium | ||
Verified e-ID: | urn:grn:authn:be:eid:verified | dXJuOmdybjphdXRobjpiZTplaWQ6dmVyaWZpZWQ= |
Almost all eID types have a notion of test users and real users.
Real users are real people logging in to a web site, thus voluntering their real name and typically also a social security number, SSN.
Test users are either created by you for the occasion, or we provide you with access to already created test users.
You may read more in the section on eIDs