HomeSignicat WebsiteSupportGet Started
Search…
Signicat Documentation
Releases
Release Notes: Signicat NextGen
Release Notes
MySignicat
MySignicat Overview
MySignicat Dashboard
Federation Dashboard
Admins Management
Signicat Identity Broker
Identity Broker Overview
Certificates in Identity Broker
Identity Broker Dashboard
Service Providers
Authentication Providers
Message Log
Broker Settings
SAML Attribute Consuming Services
Level of Assurance Contracts
Attribute Filters
Service Catalogue
Broker Services
Features & Specifications
eHerkenning Broker
Intro to eHerkenning Broker
Configure eHerkenning Broker
BSNk Polymorphic Decryption Keys
Interface Management
Communication
Customer Identity and Access Management
CIAM Overview
CIAM Dashboard
Managing Organisations
Managing Users
Managing Roles
Custom Attributes
CIAM Settings
SCIM API v1.0
SDK
Signicat Adapters
Web SDK
Mobile SDK
Knowledgebase
Frequently Asked Questions
Glossary
eID Overview
About Belgian eID (.beID)
About CIAM
About DigiD
About Digital Passport
About eHerkenning/eIDAS
About iDIN
About IRMA
About itsme
About UZI Pas
Protocol information
Connectis Identity Broker (deprecated)
Configure Your Environment with MyConnectis
Configuring eIDs
Connecting Your Application
Generic information
Testing Toolkit (deprecated)
SCIM API v0.1 (deprecated)
Support
Powered By GitBook
Broker Services
This page describes how to configure Broker Services in the Signicat Identity Broker.
Broker services allow you to configure scenarios for the Signicat Identity Broker to be used in the request for the Identity Provider.
To configure services, select the Broker Services section in the Identity Broker menu.
The Broker Services dashboard.
The Default service is always configured and can not be removed, only edited. This is where other broker services, can be added, edited and removed.
Example: Configuring an IRMA broker service.
In the example above, we can see the configuration section of a single service.
  • Name: The name of the broker service (required).
  • Select default minimum level of assurance: Here you can set the minimum Level of Assurance (LoA) to be provided by the broker service.
  • Selected authn provider: This is where you configure the Identity Providers that the Broker should allow to be used for authentication when the login flow is using the selected service (optional - multiple).
  • Provide authn configuration: Here you can configure the requested attributes that can be added per Identity Provider, so the Broker will send them on the request (optional - multiple).
    • Depending on the protocol of the Identity Provider, the name of attributes can change:
      • Saml -> Index
      • OpenID -> Scopes
      • IDIN -> RequestedAttributes

Requesting Broker Services

In order to use services on the login flow, Service Providers have 2 options:
  1. 1.
    Send the service on the login request. For this functionality, Broker supports following protocols:
    • OpenID: The service should be requested by using the scope attribute. Services available in the Broker are shown in the well-known/openid-configuration endpoint of the broker: {domain}/broker/sp/oidc/.well-known/openid-configuration. The services are listed with the following format service:$ServiceName.
  2. 2.
    Configure default service in the configuration-app. This is feature is available for each configured service provider connection. Broker will first try to use a service that was sent in the login request. If no service is requested, it will try to use the service configured in the service provider connection, if available.
Select default broker service on Service Provider Connection.
Previous
Identifiers (ECTAs)
Next - Signicat Identity Broker
Features & Specifications
Last modified 2mo ago
Copy link
Contents
Requesting Broker Services