HomeSignicat WebsiteSupportGet Started
Search…
Signicat Documentation
Releases
Release Notes: Signicat NextGen
Release Notes
MySignicat
MySignicat Overview
MySignicat Dashboard
Federation Dashboard
Admins Management
Signicat Identity Broker
Identity Broker Overview
Certificates in Identity Broker
Identity Broker Dashboard
Service Providers
Authentication Providers
Belgian eID (.beID)
OwnIdP
OwnIdP
DigiD
Digital Passport
eHerkenning/eIDAS
iDIN
IRMA
itsme
UZI Pas
Connection Methods
Social IDs
Message Log
Broker Settings
SAML Attribute Consuming Services
Level of Assurance Contracts
Attribute Filters
Service Catalogue
Broker Services
Broker Features
eHerkenning Broker
Intro to eHerkenning Broker
Direct Connection to eHerkenning Broker
eHerkenning Service Catalogue
Example Messages
Certificates in eHerkenning Broker
BSNk Polymorphic Decryption Keys
Interface Management
Communication
OwnIdP
OwnIdP Overview
OwnIdP Dashboard
Managing Organisations
Managing Roles
Managing Roles per Service Provider
Managing Users
Custom Attributes
OwnIdP Settings
SCIM API v1.0
Signicat Adapters
SDK Overview
Mobile SDK
Web SDK
Manual SDK Configuration
Knowledgebase
Changes to IdP-scoping in Signicat Identity Broker
eHerkenning Broker Migration
Frequently Asked Questions
Glossary of Terms
ID Method Overview
Protocol Information
Signicat Support
Connectis Legacy Content
Powered By GitBook
iDIN
These steps will help you to configure iDIN as an eID within the Identity Broker.
For more information about iDIN in general, check out the iDIN entry in the Knowledgebase.

To get started, you will first need to email Signicat's Technical Support to request the activation of an iDIN connection. Once the iDIN connections have been created, you can then select it as an authentication provider and configure the settings.
With iDIN, there are two connection options:
  1. 1.
    If you already have a merchant contract with a Dutch bank as an acquirer, or if you would like to have your own contract, please chose the option Custom Acquirer. The bank will fulfil the role of Acquirer for your iDIN connection.
  2. 2.
    If you don't want to arrange a merchant contract with a Dutch bank, then you can choose the option Signicat DISP. In this case, Signicat will act as a merchant on behalf of you.
If you choose option 1, you must follow the below steps to connect to pre-production and production. Otherwise, Signicat will arrange this for you.

  1. 1.
    Go to pre-production portal of the chosen Acquirer.
  2. 2.
    Contact [email protected] to receive your signing certificate.
  3. 3.
    Log in with the credentials provided by the bank, and go to Merchants → Services.
  4. 4.
    Upload the signing certificate at the bottom part of the page.
  5. 5.
    Send the following information to Technical Support:
    Acquirer, MerchantID, Routing Service URL, and ServiceID.

  1. 1.
    Follow the same steps as mentioned above to set up the production connection.
  2. 2.
    You have to enable your iDIN production connection in the portal of your Acquirer. Log in to your Acquirer’s production portal and go to Merchants → Services.
  3. 3.
    In the “Do tests” step, click “Confirm integration tests”. Check all the boxes to finish the process.

  • Merchant ID: This is the contract number for iDIN. The Merchant obtains this ID after registration for iDIN. Made up of Acquirer.AcquirerID (first four positions) and a unique number of exactly six positions.
  • Merchant subID: The subID uniquely defines the name and address of the Merchant to be used for the iDIN. The Merchant obtains the subID from its Acquirer after registration for iDIN. A Merchant can request permission from the Acquirer to use one or more subIDs. Unless agreed otherwise with the Acquirer, the Merchant has to use 0 (zero) as subID by default (if no subIDs are used).
  • Routing service URL: You will receive this URL from your acquirer once you have set up your merchant agreement with an acquirer. This is the URL where iDIN Directory, Transaction and Status requests are made to.
  • Acquirer certificate (PEM format): This certificate corresponds to the acquirer's public key.
  • Acquirer alternative certificate (PEM format): This file is an alternative public certificate from the acquirer. It is optional and you can provide it if your acquirer has a second public certificate. It can be useful in migration situations where the acquirer is changing the key they use.
  • "Include only when scoped" checkbox: The broker provides scoped IdP functionality.
  • Select attribute filter: Select an attribute filter (see Attribute Filters).
  • Response attribute mappings: The user can choose to customise the name of the attributes received in the response body. You can provide none or multiple name-to-name mappings.
  • QR code data:
    • Merchant token
    • Secret signing key
    • QR backend URL

  • "Include only when scoped" checkbox: The broker provides scoped IdP functionality.
  • Merchant subID: The subID uniquely defines the name and address of the Merchant to be used for the iDIN. The Merchant obtains the subID from its Acquirer after registration for iDIN. A Merchant can request permission from the Acquirer to use one or more subIDs. Unless agreed otherwise with the Acquirer, the Merchant has to use 0 (zero) as subID by default (if no subIDs are used).
  • Select attribute filter: Select an attribute filter (see Attribute Filters)
  • Response attribute mappings: The user can choose to customise the name of the attributes received in the response body. You can provide none or multiple name-to-name mappings.
  • QR code data:
    • Merchant token
    • Secret signing key
    • QR backend URL
Tip: See Broker Features for more information.

Choose which attributes you want to receive in your iDIN response. You can also use this spreadsheet to help you choose which attributes to request and calculate the corresponding iDIN ServiceID.

iDIN uses the iDx standards as a messaging standard. However, it uses the generic information container in the iDx protocol to embed SAML 2.0 messages for iDIN specific elements. This container is only used in the AcquirerTrxReq, AcquirerStatusRes and sometimes in AcquirerErrorRes. For the other messages the container is left empty.

If you would like to, you can request a free trial.

In case any of the steps mentioned above are unclear, please contact Technical Support via email or by calling
Previous
Communication
Next
IRMA
Last modified 1mo ago
Copy link
On this page
Getting started
Connecting to pre-production
Connecting to production
iDIN settings
Available attributes
SAML V2.0
Trial information
Other resources