Authentication

Standard Response Fields

365 views August 15, 2017 November 6, 2018 0

The following fields are always provided with a SAML 2.0 response from Signicat. They may be blank if the underlying ID method does not provide the information, but they are never omitted.

All response parameters have a NameFormat of urn:oasis:names:tc:SAML:2.0:attrname-format:basic.

Attribute Name
Example
Description
national-identity 05054512345 National identification number. Never replaced by other variable; other unique identifiers go in the NameID field (see below).
national-identity-country NO Nationality of the person identified (ISO 3166-1 Alpha-2).
common-name Doe, John Name of the person identified as it appears in the response from the ID method.
given-name John First name of the person identified, after name splitting performed by Signicat.
surname Doe Last name of the person identified, after name splitting performed by Signicat.
email john.doe@example.com E-mail address as returned by the ID method.

TUPAS responses will also contain the following:

Attribute Name
Example
Description
tupas.bank.id 200 Number of the bank used to identify the person (see section 4.5 of the TUPAS Service Description in FKL’s technical documentation).
tupas.bank.name Nordea Friendly name of the bank used to identify the person.

In addition, the NameID attribute of the Subject element will contain an unique identifier that is not necessarily the national ID number, and the NameQualifier of the NameIDattribute will be the friendly name of the ID method in question.

Was this helpful?