# Yivi (previously IRMA)

How it works

See our knowledgebase for more general information on how Yivi works.

# Getting started

To get started, you will first need to email Signicat's Technical Support at technicalsupport@signicat.com to request the activation of an Yivi connection. Once the connection has been created, you can then select Yivi as an authentication provider and configure the settings.

# Yivi settings

  • Name: You can provide a unique name for your authentication provider connection.
  • "Include only when scoped" checkbox: This indicates that the Authentication provider will not be visible on the Authentication Provider selection screen, but can only be reached by using IdP scoping.
  • Select attribute filter: Attribute filters allow you to filter out certain attributes to make the response more concise.
  • Option to add response attribute mappings: Response attribute mappings allow you to choose the name of the attribute and thus use a standardised name for multiple authentication providers.

Advanced features

See Broker Features for more information.

# Broker Metadata

Once the connection is saved, press the Get Broker Metadata button and email this to technicalsupport@signicat.com.

# Integrate Yivi through Signicat

Now that you have successfully configured and added Yivi as an authentication provider to the dashboard, click Test to proceed. You will then be presented with the following screen:

Note: If you use only Yivi as an Identity Provider and no others, this step will be skipped.
When you select Yivi, you will be redirected to the Yivi login page where you will be asked to scan the QR code with your Yivi mobile app.

# Requested attributes

To request certain attributes from Yivi, you should first look at this page (opens new window) to see which attributes Yivi supports. In most cases you can simply request attributes depending on your protocol:

  1. SAML
  2. OIDC

If you wish to construct more complex requests using the condiscon (opens new window) functionality you may pass the condiscon parameter using additional parameters. For example, you may want to send a SAML request within the requested attributes extension the signicat:param:condiscon.

# Example of adding condiscon parameter in your SAML request

<saml2p:Extensions xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol">
        <req-attr:RequestedAttributes xmlns:req-attr="urn:oasis:names:tc:SAML:protocol:ext:req-attr">
            <md:RequestedAttribute xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
                                   Name="signicat:param:condiscon"
                                   NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
                                   isRequired="true"
                                   >
                <saml2:AttributeValue xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
                                      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                      xsi:type="xsd:string"
                                      >[[["irma-demo.sidn-pbdf.email.email"]],[["irma-demo.sidn-pbdf.mobilenumber.mobilenumber"]]]</saml2:AttributeValue>
            </md:RequestedAttribute>
        </req-attr:RequestedAttributes>
    </saml2p:Extensions>

# Yivi app

The Yivi app is created and maintained by SIDN, the non-profit organisation behind the .nl domain. Yivi can be downloaded from the Apple store, Play store or F-Droid via the Download Yivi page (opens new window).

# Other resources

Last updated: 6/22/23, 9:00:44 AM UTC