HomeSignicat WebsiteSupportGet Started
Search…
Signicat Documentation
Releases
Release Notes: Signicat NextGen
Release Notes
MySignicat
MySignicat Overview
MySignicat Dashboard
Federation Dashboard
Admins Management
Signicat Identity Broker
Identity Broker Overview
Certificates in Identity Broker
Identity Broker Dashboard
Service Providers
Authentication Providers
Message Log
Broker Settings
SAML Attribute Consuming Services
Level of Assurance Contracts
Attribute Filters
Service Catalogue
Broker Services
Broker Features
eHerkenning Broker
Intro to eHerkenning Broker
Direct Connection to eHerkenning Broker
eHerkenning Service Catalogue
Example Messages
Certificates in eHerkenning Broker
BSNk Polymorphic Decryption Keys
Interface Management
Communication
OwnIdP
OwnIdP Overview
OwnIdP Dashboard
Managing Organisations
Managing Roles
Managing Roles per Service Provider
Managing Users
Custom Attributes
OwnIdP Settings
SCIM API v1.0
Signicat Adapters
SDK Overview
Mobile SDK
Web SDK
Manual SDK Configuration
Knowledgebase
Changes to IdP-scoping in Signicat Identity Broker
eHerkenning Broker Migration
Frequently Asked Questions
Glossary of Terms
ID Method Overview
Protocol Information
Signicat Support
Connectis Legacy Content
Powered By GitBook
Broker Services
This page describes how to configure Broker Services in the Signicat Identity Broker.
Broker services allow you to configure scenarios for the Signicat Identity Broker to be used in the request for the identity provider.
To configure services, select the Broker Services section in the Identity Broker menu.
The Broker Services dashboard.
The default service is always configured and cannot be removed, only edited. This is where other broker services, can be added, edited and removed.
Example: Configuring an IRMA broker service.
In the example above, we can see the configuration section of a single service.
  • Name: The name of the broker service (required).
  • Select default minimum Level of Assurance: Here you can set the minimum Level of Assurance (LoA) to be provided by the broker service.
  • Selected authn provider: This is where you configure the Identity Providers that the Broker should allow to be used for authentication when the login flow is using the selected service (optional - multiple).
  • Provide authn configuration: Here you can configure the requested attributes that can be added per Identity Provider, so the Broker will send them on the request (optional - multiple).
    • Depending on the protocol of the Identity Provider, the name of attributes can change:
      • Saml -> Index
      • OpenID -> Scopes
      • IDIN -> RequestedAttributes

Requesting broker services

In order to use services on the login flow, service providers have two options:
  1. 1.
    Send the service on the login request. For this functionality, the Broker supports following protocols:
    • OpenID: The service should be requested by using the scope attribute. Services available in the Broker are shown in the well-known/openid-configuration endpoint of the broker: {domain}/broker/sp/oidc/.well-known/openid-configuration. The services are listed with the following format service:$ServiceName.
  2. 2.
    Configure default service in the configuration-app. This is feature is available for each configured service provider connection. The Broker will first try to use a service that was sent in the login request. If no service is requested, it will try to use the service configured in the service provider connection, if available.
Select default broker service on Service Provider Connection.
Previous
Identifiers (ECTAs)
Next - Signicat Identity Broker
Broker Features
Last modified 1mo ago
Copy link
Contents
Requesting broker services