Instructions to developers of e-services

These instructions show Katso management users or developers (working with public entities or organisations) how to create a test environment to examine and test the features of the Katso Identification System.

The Katso e-service has two alternative interfaces for secure user identification. The most popular solution is to link a Web-based e-service with the Katso Identification System.

This way, the user is redirected to the Login site where he or she has the option to either click the Katso OTP icon (for strong authentication) or the PWD icon (weak authentication) and then type the User ID, Password; and the One-Time Password in the case of strong authentication. This solution involving a link to the Web-based e-service relies on the use of ready-made agent/connector products that are available from several commercial software vendors (for more information, see Libraries and connectors).

The other alternative for gaining access to Katso is to utilize an application-to-application interface (Web Services). This means that an application is connected with Katso and uses Katso Web Service interfaces to perform the user identification when users sign in securely. Typical examples of an application to be connected include accounting programs that produce reports required by the Tax Administration. This access alternative would similarly request the user to type their User ID, Password, and additionally a One-Time Password, if any (unless the system is programmed to include a technical password). No ready-made software components are available for creating the necessary connections.

Instructions for linking an e-service with Katso (Web user platform)

The instructions are (in pdf format) packaged as follows:

  1. Katso sign in and Karva role query (11.10.2013)
    • The Katso-Karva section explains the user attributes necessary for signing in to Katso, and the attributes of role query.
  2. JHS 159 standard (23.10.2008)
    • Description of ISO OID identifier
  3. Agent selection (8.1.2010)
    • This instruction discusses the selection principles of agent software products, most suitable for e-services.
  4. SAML SP For Java - agent implementation guide
    • This instruction discusses Katso Identification, the use of Ubisecure SAML SP For Java as the agent, which secures the link to the e-services.

Instructions for joining e-services to Katso IDP

The package of instructions contains the following document (in pdf format):

  1. Katso developers manual (26 April 2012)
    • The document describes the connection of an e-service with the "Logica" site in the management interface of the Ubisecure SSO server. It focuses on how to configure a new e-service.

Instructions for Katso Web Services interfaces

The instructions are (in pdf format) packaged as follows:

  1. Katso Developers Guide (25.11.2014)
    • For Katso developers.  Katso Developers Guide covers authorizations, authorization policies, agents, SAML 2.0 and ID-WSF technologies. Published in English.
  2. Ubilogin WSC (5.9.2007)
    • Intended for software developers who design, develop or configure Web Services –client (WSC) solutions using Tunnistus.fi as the authentication source (IdP). Published in English.
  3. Ubilogin WSIDP (30.10.2007)
    • Intended for software developers who design, develop or configure Web Services. Includes a Message Exchange Example, examples of successful role queries and sign-in queries. Published in English.
  4. Ubilogin WSP (29.6.2007)
    • Intended for software developers who design, develop or configure Web Services (WSP) solutions. Published in English.

AnswerBank

Go to AnswerBank