Authenticating the User

768 views June 12, 2017 October 19, 2018 1

The first step of the authentication process is constructing a URL to redirect the user to Signicat. The URL will have the following format:

Parameter Description Example value Required
env env is the environment. preprod (in preprod)
id (in production)
service service is the name of your service as registered with Signicat*.
There is a demo preprod service called “demo” which you may use as you’d like, but eventually you will start using your own service.
Demo (in preprod environment) (in production)
method method is the name of the id-method as registered with Signicat*. nbid (Norwegian BankID)  Yes
profile profile is the name of the graphical profile** you would like to use. If you don’t have a graphical profile, you can omit the value and the default profile will be used.  No
language language is the (ISO 639-1) two letter code for the language you would like in the user interface. “en” (English) is default.   nb (Norwegian)  No
target  target is the URL-encoded (or “percent encoded”) URL to the application which is to receive the SAML assertion. If you’re starting out testing the services, then perhaps your URL is http://localhost:8080/auth/verify and if you URL encode that you will end up with http%3A%2F%2Flocalhost%3A8080%2Fauth%2Fverify. Any parameters you use in any of your URL’s should always be URL encoded according to the URL standard, so make sure you adhere to that. http%3A%2F%2Flocalhost%3A8080%2Fauth%2Fverify Yes


Note that all URL parameters must be properly URL encoded using UTF-8, as per RFC 3986.

* If your company name is Foo then your service name can be “foo”, and if you’re using Danish NemID then the method name can be “nemid” or something completely different if you’d like. Please contact if you’re unsure of the name of your service and/or available id-methods.

** A graphical profile is an HTML template which can be used to wrap the dynamic content served by Signicat. See also Graphical adjustments and customization.


Let’s put the pieces together and construct a URL where we send the user to the preprod environment, using the demo service, the Danish NemID method, a demo profile, danish language and localhost as the target:

Clicking the link will send you to a page where the NemID applet is loaded and the authentication process starts, such as in the following screenshot:

Was this helpful?