HomeSignicat WebsiteSupportGet Started
Search…
Signicat Documentation
Releases
Release Notes: Signicat NextGen
Release Notes
MySignicat
MySignicat Overview
MySignicat Dashboard
Federation Dashboard
Admins Management
Signicat Identity Broker
Identity Broker Overview
Certificates in Identity Broker
Identity Broker Dashboard
Service Providers
Authentication Providers
Belgian eID (.beID)
OwnIdP
OwnIdP
DigiD
Digital Passport
eHerkenning/eIDAS
Communication
iDIN
IRMA
itsme
UZI Pas
Connection Methods
Social IDs
Message Log
Broker Settings
SAML Attribute Consuming Services
Level of Assurance Contracts
Attribute Filters
Service Catalogue
Broker Services
Broker Features
eHerkenning Broker
Intro to eHerkenning Broker
Direct Connection to eHerkenning Broker
eHerkenning Service Catalogue
Example Messages
Certificates in eHerkenning Broker
BSNk Polymorphic Decryption Keys
Interface Management
Communication
OwnIdP
OwnIdP Overview
OwnIdP Dashboard
Managing Organisations
Managing Roles
Managing Roles per Service Provider
Managing Users
Custom Attributes
OwnIdP Settings
SCIM API v1.0
Signicat Adapters
SDK Overview
Mobile SDK
Web SDK
Manual SDK Configuration
Knowledgebase
Changes to IdP-scoping in Signicat Identity Broker
eHerkenning Broker Migration
Frequently Asked Questions
Glossary of Terms
ID Method Overview
Protocol Information
Signicat Support
Connectis Legacy Content
Powered By GitBook
eHerkenning/eIDAS
Configuration settings for the eHerkenning/eIDAS eID in the Signicat Identity Broker.
If you do not have the Signicat Identity Broker, you will need to follow the steps for direct connections to the eHerkenning Broker.
Learn more about eHerkenning/eIDAS in the Knowledgebase.

The Identity Broker dashboard will show you all previously configured service and authentication providers. To add eHerkenning to the list, please contact Technical Support and they will add it for you.
In order for Signicat to connect to the eHerkenning Broker, you must provide us with a number of details. These are as follows:
  • Your sales contract
  • Self-Declaration (Zelfverklaring)

Sign the Self-Declaration where you indicate to agree to the demands and agreements in the eHerkenning federation (in Dutch). Send this signed self-declaration to Technical Support. Perform this step for each service that you want to publish in the eHerkenning and/or eIDAS service catalogue.

The Signicat Identity Broker must be configured with two certificates, one for pre-production and one for production, which will be used to cryptographically sign the messages between the Signicat Identity Broker and the eHerkenning/eIDAS network.
Tip: Check out the page Certificates in Identity Broker for a clear outline of the steps involved.

Once it has been added to the list of authentication providers on your dashboard, eHerkenning can now be selected.
Adjust the settings as necessary and Save the connection.
  • Organisation Identification Number (OIN): This will be automatically filled based on your certificate.
  • Entity index: The connection index; Often 9001 for the test environment and 1 for the production environment.
  • Default eHerkenning service: Once you have defined eHerkenning services, you are able to set the default eHerkenning service in this field. It is possible to set the default eHerkenning service, you will log in to this service if you do not specify any eHerkenning service in the Login Request
  • Decrypt attributes at the broker checkbox: Check this checkbox if you want the Signicat Identity broker to do the decryption of the values for you.
  • Include only when scoped checkbox: This indicates that the Authentication provider will not be visible on the Authentication Provider selection screen, but can only be reached by using IdP scoping.
  • Select attribute filter: Attribute filters allow you to filter out certain attributes to make the response more concise for further processing in your software.
  • Option to add Response attribute mapping:
    Response attribute mapping allows you to choose the name of the attribute and thus use a standardised name that you receive in the response from the different authentication methods that are activated.
Tip: See Broker Features for more information.

Once the connection is saved, press the Get Broker Metadata button and email the metadata in .xml format to Technical Support.

When eHerkenning has been successfully added to the dashboard as an Authentication Provider choice, click
to proceed. You will then be presented with the following screen:
​
​
Note: If you use only eHerkenning as an Identity Provider and no others, this step will be skipped.
Select eHerkenning to be redirected to the eHerkenning login screen.

Once you have an eHerkenning connection, it is important to tell your customers about the new set-up in good time, so that they are ready for the change. They need to know that the way they log in is changing, and that they will need to have an eHerkenning login. Good internal and external communication is therefore essential.
For more information, read the eHerkenning and eIDAS communication guides.

If you would like to see how eHerkenning/eIDAS works, you can request Signicat's free trial.

​
Previous
Digital Passport
Next
Communication
Last modified 4mo ago
Copy link
On this page
Getting started
Certificate information
eHerkenning settings
Broker Metadata
Integrating eHerkenning through Signicat
Communication
Trial information
Other Sources