Relying Party User Guide
Getting started as a Relying Party.
IDPartner offers a seamless integration for Relying Parties to access customer identity details through a consent-based approach. The integration follows a standard OIDC (OpenID Connect) process, ensuring compatibility and ease of implementation.
The IDPartner integration process, based on the standard OIDC interface, is designed to be easy and quick to implement. Developers can utilize libraries available in various programming languages to create an OIDC Client for seamless integration with IDPartner's services.
Installing IDPartner into your web application requires installing two components.
Account Selection Process:
1. Install the IDPartner Button:
   - Add the IDPartner Button to your web front-end application. This button facilitates the integration with IDPartner's services.
2. Create Backend Routes:
   - Set up two routes in your backend application. The URLs for these routes should be defined when creating an Application in the IDPartner Console.
3. Account Selection API:
   - Include your client ID and visitor ID as query parameters in the origin URL.
   - This API allows the user to select a bank from which you will obtain identity information.
   - The API response will include the issuer URL and ID as query parameters (iss and idp_id).
4. Retrieve Metadata:
   - If an issuer URL is present in the query parameters, retrieve the request metadata from the "/.well-known/openid-configuration" endpoint.
   - This metadata contains the necessary algorithms and endpoints for securely initiating a request and receiving claims.
5. Create OIDC Client:
   - Create an OIDC (OpenID Connect) client using the metadata obtained from the well-known endpoint of the issuer.
   - Utilize an OIDC client library that supports your chosen programming language.
6. User Authentication and Authorization:
   - Once the end-user successfully authenticates, the IDP (Identity Provider) will call the redirect URL with an authorization code.
7. Exchange Authorization Code:
   - In your backend application, exchange the authorization code received from the IDP for the identity data.
   - This exchange is done through the OIDC token endpoint.
   - Sandbox Environment: Use client secret authentication.
   - Production Environment: Use mutual TLS authentication with a certificate.
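
Steps 3 and 4 take the issuer from a query parameter and then fetch its metadata, so the backend should validate that value before using it. The following is an added example, not IDPartner's code: it checks the iss and idp_id parameters, builds the well-known URL, and confirms that the metadata's issuer matches the one requested, as OpenID Connect Discovery requires. The callback URL, host names and metadata document are constructed sample values, and the function names are hypothetical.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed sample values; host names and paths are placeholders, not IDPartner's.
SAMPLE_CALLBACK = ("https://rp.example/callback"
                   "?iss=https%3A%2F%2Fbank.example%2Foidc&idp_id=abc123")
SAMPLE_METADATA = {
    "issuer": "https://bank.example/oidc",
    "authorization_endpoint": "https://bank.example/oidc/auth",
    "token_endpoint": "https://bank.example/oidc/token",
    "jwks_uri": "https://bank.example/oidc/jwks",
}
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")


def parse_selection(callback_url):
    """Return (iss, idp_id) from the account selection redirect, or raise ValueError."""
    query = parse_qs(urlsplit(callback_url).query)
    iss = query.get("iss", [])
    idp_id = query.get("idp_id", [])
    if len(iss) != 1 or len(idp_id) != 1:
        raise ValueError("expected exactly one iss and one idp_id")
    parts = urlsplit(iss[0])
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("issuer must be an https URL")
    if parts.query or parts.fragment or parts.username or parts.password:
        raise ValueError("issuer must not carry query, fragment or credentials")
    return iss[0], idp_id[0]


def discovery_url(iss):
    """Build the metadata URL named in step 4 from a validated issuer."""
    return iss.rstrip("/") + "/.well-known/openid-configuration"


def check_metadata(iss, metadata):
    """Validate a fetched metadata document before building the OIDC client."""
    missing = [key for key in REQUIRED if not metadata.get(key)]
    if missing:
        raise ValueError("metadata missing: " + ", ".join(missing))
    if metadata["issuer"] != iss:
        raise ValueError("metadata issuer does not match requested issuer")
    for key in REQUIRED[1:]:
        if urlsplit(metadata[key]).scheme != "https":
            raise ValueError(key + " is not https")
    return metadata
```

In a deployment, the validated issuer would also be compared against the set of issuers your application expects before any request is made to it.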