# Broker Services
Broker services allow you to configure scenarios for the Signicat Identity Broker to be used in the request for the identity provider.
To configure services, select the Broker Services section in the Identity Broker menu.
The default service is always configured and cannot be removed, only edited. This is where other broker services, can be added, edited and removed.
In the example above, we can see the configuration section of a single service.
- Name: The name of the broker service (required).
- Select default minimum Level of Assurance: Here you can set the minimum Level of Assurance (LoA) to be provided by the broker service.
- Selected authn provider: This is where you configure the Identity Providers that the Broker should allow to be used for authentication when the login flow is using the selected service (optional - multiple).
- Provide authn configuration: Here you can configure the requested attributes that can be added per Identity Provider, so the Broker will send them on the request (optional - multiple).
- Depending on the protocol of the Identity Provider, the name of attributes can change:
Saml
->Index
OpenID
->Scopes
IDIN
->RequestedAttributes
- Depending on the protocol of the Identity Provider, the name of attributes can change:
# Requesting broker services
In order to use services on the login flow, service providers have two options:
- Send the service on the login request. For this functionality, the Broker supports following protocols:
- OpenID: The service should be requested by using the scope attribute. Services available in the Broker are shown in the
well-known/openid-configuration
endpoint of the broker, such as{yourDomain}/broker/sp/oidc/.well-known/openid-configuration
(opens new window). The services are listed with the following formatservice:$ServiceName
.
- OpenID: The service should be requested by using the scope attribute. Services available in the Broker are shown in the
- Configure default service in the configuration-app. This is feature is available for each configured service provider connection. The Broker will first try to use a service that was sent in the login request. If no service is requested, it will try to use the service configured in the service provider connection, if available.