Versions Compared

Old Version 2

changes.mady.by.user Christoph Bimminger

Saved on

compared with

New Version Current

changes.mady.by.user Manuel Gierlinger

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Login: MyNamirial account (but user has to be added to the IDHub backend by an admin first)

Image RemovedIDHub ConfigurationImage Added


If it's a newly created organization, fill necessary connection data to connect from IDHub to SPID. For the DEMO spid environment e.g.:

Image RemovedSPID ParametersImage Added


Go to "Identity Providers" and configure your new identity provider for the specific business case.
The identity provider is the specific configuration which eSignAnyWhere later uses, and which knows by configuration which workflow of SPID to be used.

Image RemovedNew Identity Provider ConfigurationImage Added

Create a new identity provider:

Image RemovedNew Identity ProviderImage Added


→ note down or copy the client id and client secret to your eSAW configuration!

Image RemovedESaw IntegrationImage Added

Define that eSignAnyWhere is used. This allows the integration to access data provided by eSignAnyWhere already.

copy these urls, you will need it in your eSAW configuration.

Note that SPID has 2 kind of profiles: SPID FULL and SPID BASE. When using SPID BASE (can be selected on next page), the SPID does not provide a phone number.
When the signer's phone number should not be provided by the sender (in Disposable Certificate Data), but the signer should be asked to enter the phone number himself, select the checkbox "Request phone number for disposable".


In the next page, select Spid as identity type, and choose if the Spid Full or the Spid Base profile should be obtained from Spid.

Image RemovedSPID ProfileImage Added

Complete the wizard and save the just created Identity Provider.

After completing the wizard, define some properties and provide additional static values which the integration needs. This can be e.g. an information of a specific LRA handling to be used:

Image RemovedSPID PropertiesImage Added

For Spid, ensure to define in the provider also a static claim with a value indicating that the LRA overwriting has to be used.

recommended configuration:

claim name: x-namirial-lra-handing

value: namirial-<LRA-Number>

(a specific LRA number will be necessary, even if in any case Namirial will be the LRA, because it will require "technical LRAs" per customer to distinguish and invoice correctly the disposable certificates)

Image RemovedImage Added

Finally, press the save button.

In the processes tab, you see ongoing and completed identification processes (i.e. instances of identification).

Image RemovedProcess TabImage Added



Step 3: Configure eSignAnyWhere Identity Provider Configuration

...

  • Create a new envelope
  • Select the document(s) to be signed
  • Open the Authentication/Identification section
  • Add the OAuth Identification method "SPID" 
  • If indicated, place in the Designer page a signature field and select the signature method "Disposable Certificate".

Screenshots

Image Removed

Image Removed

Image Removed

Image Removed

Image Removed

Info

The screenshots below show an example use case of using SPID Full. In this case, the phone number is retrieved from the SPID data, so no phone number input page is shown.


Security Request From SenderImage Added

SPID AuthenticationImage Added

SPID Request AccessImage Added

SPID Request Access OTPImage Added

SPID Request Access OTP EnteredImage Added


Waiting For ApprovalImage AddedImage Removed