# Yivi (formerly known as IRMA)
How it works
See our knowledgebase for more general information on how Yivi works.
# Getting started
To get started, you will first need to email Signicat's Technical Support at technicalsupport@signicat.com to request the activation of an Yivi connection. Once the connection has been created, you can then select Yivi as an authentication provider and configure the settings.
# Yivi settings
- Name: You can provide a unique name for your authentication provider connection.
- "Include only when scoped" checkbox: This indicates that the Authentication provider will not be visible on the Authentication Provider selection screen, but can only be reached by using IdP scoping.
- Select attribute filter: Attribute filters allow you to filter out certain attributes to make the response more concise.
- Option to add response attribute mappings: Response attribute mappings allow you to choose the name of the attribute and thus use a standardised name for multiple authentication providers.
Advanced features
See Broker Features for more information.
# Broker Metadata
Once the connection is saved, press the Get Broker Metadata button and email this to technicalsupport@signicat.com.
# Integrate Yivi through Signicat
Now that you have successfully configured and added Yivi as an authentication provider to the dashboard, click Test to proceed. You will then be presented with the following screen:
 | Note: If you use only Yivi as an Identity Provider and no others, this step will be skipped. |
 | When you select Yivi, you will be redirected to the Yivi login page where you will be asked to scan the QR code with your Yivi mobile app. |
# Requested attributes
To request certain attributes from Yivi, you should first look at this page (opens new window) to see which attributes Yivi supports. In most cases you can simply request attributes depending on your protocol:
# Requests with condiscon
If you wish to construct more complex requests using the condiscon (opens new window) functionality you may pass the condiscon parameter using additional parameters. To view examples with the condiscon parameter for SAML and OIDC, continue to the next sections below.
# Example of adding condiscon parameter in your SAML request
To send a SAML request within the requested attributes extension the signicat:param:condiscon, define the parameter using the RequestedAttribute element, as shown in the example below:
<saml2p:Extensions xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
<req-attr:RequestedAttributes xmlns:req-attr="urn:oasis:names:tc:SAML:protocol:ext:req-attr">
<md:RequestedAttribute xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
Name="signicat:param:condiscon"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
isRequired="true"
>
<saml2:AttributeValue xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="xsd:string"
>[[["irma-demo.sidn-pbdf.email.email"]],[["irma-demo.sidn-pbdf.mobilenumber.mobilenumber"]]]</saml2:AttributeValue>
</md:RequestedAttribute>
</req-attr:RequestedAttributes>
</saml2p:Extensions>
# Example of adding condiscon parameter in your OIDC request
When sending an authorisation request with OIDC, pass the condiscon parameter as a scope using signicat:param:condiscon_base64:$condiscon_value, where $condiscon_value is base64 encoded condiscon. For example:
scope=openid%20signicat:param:condiscon_base64:W1tbImlybWEtZGVtby5zaWRuLXBiZGYuZW
1haWwuZW1haWwiXV0sW1siaXJtYS1kZW1vLnNpZG4tcGJkZi5tb2JpbGVudW1iZXIubW9iaWxlbnVtYmVyIl1dXQ
# Yivi app
The Yivi app is created and maintained by SIDN, the non-profit organisation behind the .nl domain. To download the app from the Apple store, Play store or F-Droid, visit the Download Yivi page (opens new window).
# Other resources
- For more information about Yivi, visit https://www.yivi.app/ (opens new window).
- Yivi for developers is available at https://www.yivi.app/en/for-developers (opens new window).
- Live Yivi demos (opens new window).
- Yivi FAQs (opens new window) (in Dutch).