By setting a value for EntityConcernedTypesAllowed, you determine which types of identifying attributes (in other words, which kinds of users) are allowed to log into your service. Different values can be used, depending on whether your service is coupled to eHerkenning or eIDAS.
The following values for EntityConcernedTypesAllowed are available for eHerkenning:
Used to identify a user through the RSIN (Rechtspersonen en Samenwerkingsverbanden Identificatienummer) (Legal persons and Partnerships Identification Number) of the represented organisation.
The KvK number (Dutch Chamber of Commerce number) of the represented organisation.
Can only be used together with EntityConcernedID:KvKnr.
The field “vestigingsnummer (nieuwe formaat)” (“branch number (new format)”) as available in the Chamber of Commerce will be included in the response.
If you include ServiceRestriction:Vestigingsnr in the EntityConcernedTypesAllowed field, then users can also log in if they are only authorised to represent a particular branch (vestiging) of the organisation. You must include this restriction in your service. This means that you should craft your application so that the user can only act on behalf of this branch, and not on behalf of the entire organisation.