Skip to main content

Attributes reference

You use Skilríki á síma to verify the identity of end-users and obtain relevant personal details about them. This page contains information about the user data that you can request and receive for the different authentication protocols.

OIDC scopes and claims

You can use the following scopes to request user information from an end-user using Skilríki á síma:

Response example

The response example below only shows the payload of an OIDC response with all claims on display.

Scope: openid profile idp-id nin

{
  "iss": "https://<YOUR_SIGNICAT_DOMAIN>/auth/open",
  "nbf": 1731075893,
  "iat": 1731075893,
  "exp": 1731076493,
  "aud": "<CLIENT_ID>",
  "amr": [
    "external"
  ],
  "at_hash": "DUfaiUCP6vaBu_Q45EwsUQ",
  "sid": "59E087F7E27089EDE5516C21B9416113",
  "sub": "1blgPh97HPXdEY5QsK45sdqtiGacjq5fAd5gC3dlP74=",
  "auth_time": 1731075879,
  "idp": "audkenni-mobileid",
  "idp_id": "1702901234",
  "name": "Anna Tomasdottir",
  "family_name": "Tomasdottir",
  "given_name": "Anna",
  "birthdate": "1990-02-17",
  "nin": "1702901234",
  "nin_type": "CIVIL",
  "nin_issuing_country": "is",
  "idp_issuer": "Fullgilt audkenni 2021",
  "transaction_id": "a46a0f68-bb0e-4244-9428-224518c1b314",
}
IdP scoping

You can limit which eIDs the end-user can authenticate with. For more details, see the IdP scoping page.

Authentication REST API attributes

The Signicat Authentication REST API supports the following request and response attributes for Skilríki á síma:

Response example

Here is a section of the response showing the user information attributes:

"subject": {
	"id": "2ULSP7fTILirGvQKmJzSX7z3pY6NIYcK4xYnu3hqIO8=",
	"idpId": "1702901234",
	"name": "Anna Tomasdottir",
	"firstName": "Anna",
	"lastName": "Tomasdottir",
	"dateOfBirth": "1990-02-17",
	"nin": {
		"value": "1702901234",
		"issuingCountry": "IS",
		"type": "CIVIL"
	},
}

SAML 2.0 attributes

Integrating with SAML 2.0 supports the following request and response attributes for Skilríki á síma:

Response example

Here is a section of the SAML response showing the user information attributes:

<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="..." ID="..." InResponseTo="..." IssueInstant="2024-11-18T13:21:19.716Z" Version="2.0">
  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://*YOUR_SIGNICAT_DOMAIN*/auth/saml</saml2:Issuer>
  <saml2p:Status>
    <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </saml2p:Status>
  <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" ID="_59c600d2f1f8695fd2b837c6f0be0faf" IssueInstant="2024-11-18T13:21:19.736Z" Version="2.0">
    <saml2:Issuer>https://*YOUR_SIGNICAT_DOMAIN*/auth/saml</saml2:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
      <ds:SignedInfo>
        <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
        <ds:Reference URI="#_59c600d2f1f8695fd2b837c6f0be0faf">
          <ds:Transforms>
            <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
            <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
              <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xsd"/>
            </ds:Transform>
          </ds:Transforms>
          <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
          <ds:DigestValue>...</ds:DigestValue>
        </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>XML_SIGNATURE</ds:SignatureValue>
      <ds:KeyInfo>
        <ds:X509Data>
          <ds:X509Certificate>X509_CERTIFICATE</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
    </ds:Signature>
    <saml2:Subject>
      <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="audkenni-mobileid">VsQFCIOdsM-brFXDGQhMyMfnlkQyeb8pNfkxq6VFppY=</saml2:NameID>
      <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml2:SubjectConfirmationData InResponseTo="_2d3e23bb30673b750e73e1f4e5b89f8e" NotOnOrAfter="2024-11-18T13:23:19.736Z" Recipient="RECIPIENT"/>
      </saml2:SubjectConfirmation>
    </saml2:Subject>
    <saml2:Conditions NotBefore="2024-11-18T13:21:14.737Z" NotOnOrAfter="2024-11-18T13:23:19.737Z">
      <saml2:AudienceRestriction>
        <saml2:Audience>ENTITY_ID</saml2:Audience>
      </saml2:AudienceRestriction>
    </saml2:Conditions>
    <saml2:AttributeStatement>
      <saml2:Attribute Name="idpId">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">1702901234</saml2:AttributeValue>
      </saml2:Attribute>
	  <saml2:Attribute Name="nin">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">1702901234</saml2:AttributeValue>
      </saml2:Attribute>
      <saml2:Attribute Name="nin.issuingCountry">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">IS</saml2:AttributeValue>
      </saml2:Attribute>
      <saml2:Attribute Name="nin.type">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">CIVIL</saml2:AttributeValue>
      </saml2:Attribute>
	  <saml2:Attribute Name="name">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">Anna Tomasdottir</saml2:AttributeValue>
      </saml2:Attribute>
	  <saml2:Attribute Name="firstName">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">Anna</saml2:AttributeValue>
      </saml2:Attribute>	  
	  <saml2:Attribute Name="lastName">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">Tomasdottir</saml2:AttributeValue>
      </saml2:Attribute>
	  <saml2:Attribute Name="dateOfBirth">
        <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">1990-02-17</saml2:AttributeValue>
      </saml2:Attribute>
    </saml2:AttributeStatement>
    <saml2:AuthnStatement AuthnInstant="2024-11-18T13:21:19.737Z" SessionIndex="2dbfc164-fdff-47c9-b65f-49d64a0e46f9">
      <saml2:AuthnContext>
        <saml2:AuthnContextClassRef>substantial</saml2:AuthnContextClassRef>
        <saml2:AuthenticatingAuthority>audkenni-mobileid</saml2:AuthenticatingAuthority>
      </saml2:AuthnContext>
    </saml2:AuthnStatement>
  </saml2:Assertion>
</saml2p:Response>
On this page