Setup of iDIN

Integration with iDIN is done similarly to other Signicat's ID methods. This page describes the process of setting up iDIN.

For more general information on how to integrate with Signicat, see the Authentication quick start guide.

Initial preparations

This setup guide assumes you have completed the following initial preparations:

• Sign required agreements.
• Sign up to the Signicat Dashboard (opens new window).
• In the Signicat Dashboard, set up an organisation, an account and a domain.

Sandbox account

We recommend you to create a Sandbox account to test our services before implementing them in production.

Add iDIN

Once Signicat has given you access to iDIN in the Signicat Dashboard, you can add iDIN to your active methods.

In the Signicat Dashboard:

• Go to Authentication > ID Methods (opens new window).
• Click Add new.
• Select iDIN from the list and save.

Choose iDIN acquirer

You now get to select the acquirer option you agreed to in the contract phase. Choose between:

• Signicat DISP.
• Custom acquirer.

See the following sections for more details.

Signicat DISP (Digital Identity Service Provider)

• Include only when scoped checkbox: The broker provides scoped functionality.
• Select attribute filter > Response attribute mappings: This option allows you to rename attributes received in the response body. For example, you can rename "idin-lastName" to "surname". You can provide none or multiple name-to-name mappings. This option works best with SAML. You should not rename OIDC attributes, since we use standardised and normalised attributes.
• QR code data: If you want to use the iDIN QR flow, contact us at support@signicat.com.
  • Merchant token
  • Secret signing key
  • QR backend URL

Custom acquirer

• Merchant ID: This is the contract number for iDIN. You obtain this ID after registration for iDIN. Made up of Acquirer.AcquirerID (first four positions) and a unique number of exactly six positions.
• Merchant subID: The subID uniquely defines the name and address of your organisation to be used for iDIN. You obtain the subID from you acquirer after registration for iDIN. You can request permission from the acquirer to use one or more subIDs. Unless agreed otherwise with the acquirer, you must use 0 (zero) as subID by default (if no subIDs are used).
• Routing service URL: You will receive this URL from your acquirer once you have set up your merchant agreement with an acquirer. This is the URL where iDIN Directory, Transaction and Status requests are made to.
• Acquirer certificate (PEM format): This certificate corresponds to the acquirer's public key.
• Acquirer alternative certificate (PEM format): This file is an alternative public certificate from the acquirer. It is optional and you can provide it if your acquirer has a second public certificate. It can be useful in migration situations where the acquirer is changing the key they use.
• Include only when scoped checkbox: The broker provides scoped functionality.
• Response Attribute Mappings: This option allows you to rename attributes received in the response body. For example, you can rename "idin-lastName" to "surname". You can provide none or multiple name-to-name mappings. This option works best with SAML. You should not rename OIDC attributes, since we use standardised and normalised attributes.
• QR code data: Option for the iDIN QR flow.
  • Merchant token
  • Secret signing key
  • QR backend URL

View iDIN issuers active in your account

You can view the list of iDIN issuers (or banks) connected to your domain at https://<YOUR_SIGNICAT_DOMAIN>.com/broker/authn/idin/issuers, where <YOUR_SIGNICAT_DOMAIN> is the domain registered in your Signicat Dashboard Domain management (opens new window).