HomeSignicat websiteSupport
Search…
Signicat Documentation
Releases
Release Notes: Signicat NextGen
Release Notes
MySignicat
MySignicat Overview
MySignicat Dashboard
Federation Dashboard
Admins Management
Signicat Identity Broker
Identity Broker Overview
Certificates in Identity Broker
Identity Broker Dashboard
Service Providers
Authentication Providers
Message Log
Broker Settings
SAML Attribute Consuming Services
Level of Assurance Contracts
Attribute Filters
Service Catalogue
Identifiers (ECTAs)
Broker Services
Features & Specifications
eHerkenning Broker
Intro to eHerkenning Broker
Configure eHerkenning Broker
BSNk Polymorphic Decryption Keys
Interface Management
Communication
Customer Identity and Access Management
CIAM Overview
CIAM Dashboard
Managing Organisations
Managing Users
Managing Roles
Custom Attributes
CIAM Settings
SCIM API v1.0
SDK
Signicat Adapters
Web SDK
Mobile SDK
API Documentation
Knowledgebase
Frequently Asked Questions
Glossary
eID Overview
About Belgian eID (.beID)
About CIAM
About DigiD
About Digital Passport
About eHerkenning/eIDAS
About iDIN
About IRMA
About itsme
About UZI Pas
Protocol information
Connectis Identity Broker (deprecated)
Configure Your Environment with MyConnectis
Configuring eIDs
Connecting Your Application
Generic information
Testing Toolkit (deprecated)
SCIM API v0.1 (deprecated)
Support
Powered By GitBook
Service Catalogue
Here you will find everything you need to create a Service Catalogue in the Identity Broker.
Company Settings need to be created before creating the Service Catalogue. These can be found within Broker Settings.

Introduction

To publish a service in the eHerkenning network so that organisations can authorise their members to login to these services, data on the service must be published to eHerkenning. This data is published through service catalogues. A service catalogue can contain information for multiple services.
You can add access the eHerkenning Service Catalogue through the main menu of the Identity Broker's dashboard.
Service catalogues define information about your services. Services are indicated through a ServiceID, which contains an Organisational Identification Number (OIN, or Government Identification Number) and index. We automatically set the OIN based on your connection.
To begin adding to the service catalogue, select Add a Service and choose the type of service you would like to add - eHerkenning (used by Dutch organisations) or eIDAS (used by European citizens).

eHerkenning Service Configuration

  • Service Index: This is used to differentiate your service from the other services you (might) provide. This can be any value between 1 and 9999. The index with 0 is reserved for the portal function in eHerkenning, in case your organisation has a webservice portal that includes various eHerkenning services.
  • Level of Assurance (LoA): Here you can select the desired LoA. Read more about which Level of Assurance to choose for your services. See note below.
  • Service Name: Here you should provide a proper and descriptive name for your service (max 64 characters). It should be clear to the users what the service is intended for. Make sure you use a unique service name so no misunderstanding is possible with other services.
    For example: “Apply for a parking permit”.
  • Service Description: This is a short description of what the service is intended for (max 1024 characters).
  • Service Description URL: Provide a valid URL to your website, explaining what the service can be used for.
  • Support SSO: Here you can toggle the option for Single Sign On (SSO) of the eHerkenning authentication providers on and off. It only works for LoA lower than level 4.
LoA
eIDAS
SAML2
2
Low
urn:etoegang:core:assurance-class:loa2
2+
Low
urn:etoegang:core:assurance-class:loa2plus
3
Substantial
urn:etoegang:core:assurance-class:loa3
4
High
urn:etoegang:core:assurance-class:loa4
IMPORTANT: Service names in the service catalogue are very important. Read more about choosing the name of the service in the FAQ section of the Knowledgebase.

Specifications

  • Support Branch Offices: If you accept login transactions for branch offices the following applies:
    • You must also accept login transactions without branch office number,
    • You must respect the restriction to act only for a branch office, to ensure a legally valid legal act has been concluded,
    • You may not use the branch office to determine the location, only to determine the limits of the power of representation.
  • User Attributes: Also known as Entity Concerned Types (ECTAs), these are an Identifier Set and are a combination of one or more identifying attributes. Read more about Identifiers (ETCAs) here.
  • Requested Attributes: You may use optional attributes. Please check the attribute catalogue (in Dutch) for more information if you plan on using additional attributes. Attributes can be divided into Must have and Nice to have. If you set an attribute as "must have", it means the user will not be able to login to your service if he does not want to, or cannot, supply the requested attribute.
Warning: Not all attributes are supported or available by the authentication services or authorisation registries. Therefore, do not set optional attributes as "required" for your service or some portion of users will not be able to login.
  • Purpose Statements: If Requested Attributes are chosen, you must add purpose statements to advise the user on the reason for the required attribute.
  • Privacy Policy URL: If Requested Attributes are chosen, you must add a valid URL to your Privacy Policy. This is required by law and should be consistent with the EU laws regarding Privacy.
Here you can find the official manual (in Dutch) containing the obligations and advice on filling in service catalogue entries:
Handleiding Dienstencatalogus Versie V.pdf
918KB
PDF
Learn more about Service Catalogue requirements from eHerkenning.
Signicat Identity Broker - Previous
Attribute Filters
Next
Identifiers (ECTAs)
Last modified 1mo ago
Copy link
Contents
Introduction