Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

There is an appsettings.json file that contains all the necessary configuration.

Code Block
languagejson
{
  "Logging": {
    "LogLevel": {
      "Default": "Warning"
    }
  },
  "AllowedHosts": "*",
  "AuthorizationServer": "https://demo.coreone.ch/",
  "ClientId": "iam-test-app",
  "ClientSecret": "myverysecuresecret",
  "SeedDataIfNewDatabase": true,
  "DeleteBillLoaAcr": "urn:customer:authentication:loa:2",
  "SqLiteDbPath": "database.db",
  "SubjectIdPrefix": "demoid:",
  "UseMinifiedRoleWithContextClaim": true // Introduced in version 9.1
}

Access Rights

There are a certain amount of access rights that are documented on the home page of the application. You will need to create them as resource objects withing the CoreOne Application Service and provision them to the CoreOne Authentication Service.

Features

Implemented in Version 1.0 (Moléson)

  • Authentication to the secured area with a natural persons (Bills and User Information)

  • Re-authentication with a configurable LoA to delete bills

  • Re-authentication with the clients LoA to approve a bill

  • Re-authentication with the clients LoA MAX to decline a bill

Implemented in Version 1.1 (Moléson)

  • Record matching to existing entries for natural persons

Implemented in Version 1.2 (Altenalptürm)

  • Only see the bills that the user has been granted access to

  • Authentication to the secured area with natural persons including their delegations for other natural persons

  • Authentication to the secured area with natural persons including their delegations for other legal entities

Implemented in Version 1.3 (Pilatus)

  • Allowed customising of customer name and authentication server name using the appsetting.json file

Implemented in Version 1.4 (Stockhorn)

  • Added reauthentication test feature. You now can now specify ACR values from the reauthentication tests tab on the user details page.

Implemented in Version 1.5 (Stockhorn)

  • There is a new application setting to switch between the the new minified roles_with_context claim.

Pitfalls

  • A legal entity in the data structure should not have an Email address set

  • The application is not very robust at the moment. Please enable stdout in the web.config and check the log file

  • I added error messages that should indicate which object is missing in the data structure