...
Login: MyNamirial account (but user has to be added to the IDHub backend by an admin first)
Image RemovedImage Added
If it's a newly created organization, fill necessary connection data to connect from IDHub to SPID. For the DEMO spid environment e.g.:
Image RemovedImage Added
Go to "Identity Providers" and configure your new identity provider for the specific business case.
The identity provider is the specific configuration which eSignAnyWhere later uses, and which knows by configuration which workflow of SPID to be used.
Image RemovedImage Added
Create a new identity provider:
Image RemovedImage Added
→ note down or copy the client id and client secret to your eSAW configuration!
Image RemovedImage Added
Define that eSignAnyWhere is used. This allows the integration to access data provided by eSignAnyWhere already.
copy these urls, you will need it in your eSAW configuration.
Note that SPID has 2 kind of profiles: SPID FULL and SPID BASE. When using SPID BASE (can be selected on next page), the SPID does not provide a phone number.
When the signer's phone number should not be provided by the sender (in Disposable Certificate Data), but the signer should be asked to enter the phone number himself, select the checkbox "Request phone number for disposable".
In the next page, select Spid as identity type, and choose if the Spid Full or the Spid Base profile should be obtained from Spid.
Image RemovedImage Added
Complete the wizard and save the just created Identity Provider.
After completing the wizard, define some properties and provide additional static values which the integration needs. This can be e.g. an information of a specific LRA handling to be used:
Image RemovedImage Added
For Spid, ensure to define in the provider also a static claim with a value indicating that the LRA overwriting has to be used.
recommended configuration:
claim name: x-namirial-lra-handing
value: namirial-<LRA-Number>
(a specific LRA number will be necessary, even if in any case Namirial will be the LRA, because it will require "technical LRAs" per customer to distinguish and invoice correctly the disposable certificates)
Image RemovedImage Added
Finally, press the save button.
In the processes tab, you see ongoing and completed identification processes (i.e. instances of identification).
Image RemovedImage Added
Step 3: Configure eSignAnyWhere Identity Provider Configuration
...
- Create a new envelope
- Select the document(s) to be signed
- Open the Authentication/Identification section
- Add the OAuth Identification method "SPID"
- If indicated, place in the Designer page a signature field and select the signature method "Disposable Certificate".
Screenshots
Image Removed
Image Removed
Image Removed
Image Removed
Image Removed
Info |
---|
The screenshots below show an example use case of using SPID Full. In this case, the phone number is retrieved from the SPID data, so no phone number input page is shown. |
Image Added
Image Added
Image Added
Image Added
Image Added
Image AddedImage Removed