iDIN
These steps will help you to configure iDIN as an eID within the Identity Broker.
For more information about iDIN in general, check out the iDIN entry in the Knowledgebase.

Getting started

To get started, you will first need to email Signicat's Technical Support to request the activation of an iDIN connection. Once the iDIN connections have been created, you can then select it as an authentication provider and configure the settings.
With iDIN, there are two connection options:
  1. 1.
    If you already have a merchant contract with a Dutch bank as an acquirer, or if you would like to have your own contract, please chose the option Custom Acquirer. The bank will fulfil the role of Acquirer for your iDIN connection.
  2. 2.
    If you don't want to arrange a merchant contract with a Dutch bank, then you can choose the option Signicat DISP. In this case, Signicat will act as a merchant on behalf of you.

Connecting to pre-production

  1. 1.
    Go to pre-production portal of the chosen Acquirer.
  2. 2.
    Contact [email protected] to receive your signing certificate.
  3. 3.
    Log in with the credentials provided by the bank, and go to Merchants → Services.
  4. 4.
    Upload the signing certificate at the bottom part of the page.
  5. 5.
    Send the following information to Technical Support:
    Acquirer, MerchantID, Routing Service URL, and ServiceID.

Connecting to production

  1. 1.
    Follow the same steps as mentioned above to set up the production connection.
  2. 2.
    You have to enable your iDIN production connection in the portal of your Acquirer. Log in to your Acquirer’s production portal and go to Merchants → Services.
  3. 3.
    In the “Do tests” step, click “Confirm integration tests”. Check all the boxes to finish the process.

iDIN settings

Custom Acquirer settings

  • Merchant ID: This is the contract number for iDIN. The Merchant obtains this ID after registration for iDIN. Made up of Acquirer.AcquirerID (first four positions) and a unique number of exactly six positions.
  • Merchant subID: The subID uniquely defines the name and address of the Merchant to be used for the iDIN. The Merchant obtains the subID from its Acquirer after registration for iDIN. A Merchant can request permission from the Acquirer to use one or more subIDs. Unless agreed otherwise with the Acquirer, the Merchant has to use 0 (zero) as subID by default (if no subIDs are used).
  • Routing service URL: You will receive this URL from your acquirer once you have set up your merchant agreement with an acquirer. This is the URL where iDIN Directory, Transaction and Status requests are made to.
  • Acquirer certificate (PEM format): This certificate corresponds to the acquirer's public key.
  • Acquirer alternative certificate (PEM format): This file is an alternative public certificate from the acquirer. It is optional and you can provide it if your acquirer has a second public certificate. It can be useful in migration situations where the acquirer is changing the key they use.
  • "Include only when scoped" checkbox: The broker provides scoped IdP functionality.
  • Select Attribute filter: Select an attribute filter (see Attribute Filters).
  • Response Attribute Mappings: The user can choose to customise the name of the attributes received in the response body. You can provide none or multiple name-to-name mappings.
  • QR code data
    • Merchant token
    • Secret signing key
    • QR backend URL

Signicat DISP settings

  • "Include only when scoped" checkbox: The broker provides scoped IdP functionality.
  • Merchant subID: The subID uniquely defines the name and address of the Merchant to be used for the iDIN. The Merchant obtains the subID from its Acquirer after registration for iDIN. A Merchant can request permission from the Acquirer to use one or more subIDs. Unless agreed otherwise with the Acquirer, the Merchant has to use 0 (zero) as subID by default (if no subIDs are used).
  • Select Attribute filter: Select an attribute filter (see Attribute Filters)
  • Response Attribute mappings: The user can choose to customise the name of the attributes received in the response body. You can provide none or multiple name-to-name mappings.
  • QR code data
    • Merchant token
    • Secret signing key
    • QR backend URL
Tip: See Broker Features for more information.

Available attributes

Choose which attributes you want to receive in your iDIN response. You can also use this spreadsheet to help you choose which attributes to request and calculate the corresponding iDIN ServiceID.

SAML V2.0

iDIN uses the iDx standards as a messaging standard. However, it uses the generic information container in the iDx protocol to embed SAML 2.0 messages for iDIN specific elements. This container is only used in the AcquirerTrxReq, AcquirerStatusRes and sometimes in AcquirerErrorRes. For the other messages the container is left empty.

Test information

If you would like to, you can request a free trial.

Other resources

In case any of the steps mentioned above are unclear, please contact Technical Support via email or by calling
Last modified 2mo ago