MitID Erhverv

MitID Erhverv is the official digital business solution for companies, organizations, and authorities in Denmark.

More information is found here: https://digst.dk/it-loesninger/mitid-erhverv/.

Supported OIDC parameters

Request parameter Value
idp_values mitid_erhverv

Supported identity provider parameters (idp_params -> mitid_erhverv)

Note here, that if the user enters the MitID flow for authentication, the specific MitID identity provider parameters is applied to the MitID flow, see more in the MitID identity provider section for information on MitID.

Identity Provider parameters (mitid_erhverv) Description
allow_private Type: Boolean, default: false

If set to true, then the user will be allowed to select to continue with this private MitID eID.

If no available professional identities are available for the user and the allow_true is set to true, then the private MitID identity is automatically selected.

Example JSON for identity providers (JSON URL encoded) 


{
  "mitid_erhverv": {
    "allow_private": true
  }
}



idp_params=%7B%E2%80%9Cmitid_erhverv%E2%80%9D%3A%7B%E2%80%9Callow_private%E2%80%9D%3Atrue%7D%7D

Supported scope values

Scope

Description

nemlogin

List of claims:

  • nemlogin.date_of_birth
  • nemlogin.email
  • nemlogin.name
  • nemlogin.family_name
  • nemlogin.given_name
  • nemlogin.nemid.rid
  • nemlogin.org_name
  • nemlogin.persistent_professional_id
  • nemlogin.cvr
  • nemlogin.se_number
  • nemlogin.p_number
  • nemlogin.cpr_uuid (for private service providers)
  • nemlogin.cpr (for public service providers)

ID Token identity claims

Claim value

Possible values

identity_type

professional

idp

mitid_erhverv

loa

Level of Assurance

One of

The Signaturgruppen Broker is a registered NSIS Substantial broker and thus cannot issue higher than Substantial.

ial

Identity Assurance Level

One of

  • https://data.gov.dk/concept/core/nsis/Low
  • https://data.gov.dk/concept/core/nsis/Substantial
  • https://data.gov.dk/concept/core/nsis/High

aal

Authenticator Assurance Level

One of

  • https://data.gov.dk/concept/core/nsis/Low
  • https://data.gov.dk/concept/core/nsis/Substantial
  • https://data.gov.dk/concept/core/nsis/High

amr

The list of authenticators used to achieve the resulting AAL/LoA.

Possible values are:

  • mitid:password
  • mitid:code_token
  • mitid:code_reader
  • mitid:code_app
  • mitid:code_app_enchanced
  • mitid:u2f_token

###

Transaction token MitID specific claims

Claim value

Possible values

mitid.reference_text

Passthrough of the MitID reference_text identity provider parameter.

mitid.psd2

The mitid.psd2 claim is always issued as a transaction token MitID specific claim.

transaction_actions

Type: string (single value) or JSON list

Only set, if one or more of the following transaction actions where performed:

  • mitid.login (Login completed)
  • mitid_erhverv.identity_selected

Lokal IdP

MitID Erhverv natively supports the “Lokal IdP” setup as a built-in choice for end-users as part of the authentication experience for MitID Erhverv.

As illustrated by the pictures here, the MitID Erhverv flow has an extra tab that allows the user to search for the specific Lokal IdP of choice and Signaturgruppen Broker will handle the integration as part of the MitID Erhverv flow. The output of the flow is still an official MitID Erhverv identity.

MitID Erhverv default MitID Erhverv Lokal Idp
MitID Erhverv default MitID Erhverv default

Table of contents