Introduction
SwissID is a free service provided by SwissSign Group, a joint venture of state-affiliated businesses, financial institutions, insurance and health insurance companies. This identity provider can be used for authentication in the CoreOne Suite.
Step 1 - Data needed
Before you can start configuring the SwissID as an external identity provider, you need the following data.
You will have to have an agreement with SwissID, if you haven’t one already, we are happy to assist you in this matter.
Once you have the agreement, the SwissID team will provide you with a Client-Key and a Client-Secret.The QoA level that you would like to use while performing an authentication request against SwissID
The URLs for the SwissID connection depending on the system PROD / INT.
Step 2 - Add/Configure External Identity provider
To configure SwissID as an external identity provider, proceed with the following steps. To modify or add an external identity provider go to SSO → External Identity providers
...
Setting | Value | ||
|---|---|---|---|
Name | SwissID | ||
Description | Swiss Auth Provider | ||
Display name | SwissID | ||
State | Active | ||
Icon | SwissID | ||
Option type | iTsense.CoreLogin2.Server.ExternalAuthentication.Options.Specific.SwissIdOAuthProviderOptions, iTsense.CoreLogin2.Server, Version=4.1911.7.1, Culture=neutral, PublicKeyToken=null | ||
Configuration | { "clientId": "******", "clientSecret": "******", "AuthorizationEndpoint": "https://login.int.swissid.ch/idp/oauth2/authorize", "TokenEndpoint": "https://login.int.swissid.ch/idp/oauth2/access_token", "UserInformationEndpoint": "https://login.int.swissid.ch/idp/oauth2/userinfo"}
| ||
Authentication scheme | SwissID |
Step 3 - Define the attribute mapping
As a next Step you can configure the Attribute-Mappings. The Attribute-Mappings defines which SwissID Claim should be automatically matched to which CoreOne Suite attribute.
...
Attribute | Original Claim Type Name |
|---|---|
Surename | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname |
Givenname | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname |
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress |
Step 4 - Set SwissID as your identity provider
You can set your identity provider in the portal. Under “Accounts and Security → Social Logins“ you can add or remove SwissID. This allows you to log in via SwissID-Button which will be displayed on the authentication-page of the CoreOne Suite.
Step 5 - Verify you SwissID Account
If you haven used SwissID before, you can register an Account by filling out the form. You have to verifiy your account with an activation-code which you will recieve per email.