e-Identity verification
The e-Identity platform provides REST API web services that operate with the OAuth 2.0 and SAML 2.0 authorization protocols. The data format for the web service is JSON.
User identification with national electronic identification means
One integration to implement identity verification with:
- eParaksts mobile
- eID card
- eParaksts card.
The Law on Electronic Identification of Natural Persons (FPEIL) stipulates that from February 1, 2023, electronic service providers offering services fully or partially in electronic form must provide the possibility to receive services using national electronic identification means - eID card and the eParaksts mobile application.
Identification of person's adulthood in the digital environment
The age verification functionality of the e-Identity platform is designed for service providers, for whom it is legally necessary to clearly and securely determine the age of a person for the purchase and use of services or goods.
- Provides reliable age verification with accuracy up to a specific day and month.
- Reliable age data from the Register of Natural Persons (FPRIS).
What is necessary to start using (legally)?
- Create a legal entity profile at www.eParaksts.lv and fill out the service order form for the testing environment and/or e-Identity platform, indicating what you want to integrate.
- Sign the contract for the use of the service.
- After signing the contract, all the necessary access credentials for integrating the testing environment and/or production will be issued.
- Integrate the solution into the client's systems.
One testing environment contract can be used for the development and testing of various client solutions integration.
To obtain production credentials, the e-Identity platform contract must be concluded with the end client - the system owner for whom the integration will be carried out.
What is necessary to start using (in practice)?
- Use eidas-demo.eparaksts.lv for testing environment and eidas.eparaksts.lv for production.
- Authorization is performed using OAuth 2.0 code grant flow.
- Client authorization starts with a preformed redirect link (for example a login button on your website) to obtain code value. Use scope urn:lvrtc:fpeil:aa and lvrtc-eipsign-as identity provider. More information here.
- After receiving code value, exchange it for access token in backend with request
POST /trustedx-authserver/oauth/lvrtc-eipsign-as/token
(provide your credentials and code value). More information here. - Using access token you can retrieve user information with backend request
GET /trustedx-resources/openid/v1/users/me
(provide access/bearer token). More information here. - Full documentation of integration platform is available here.
If you want to use identity verification with a smart card on your website, don't forget to integrate the browser extension/plugin.
For age verification (restricted access contact LVRTC) use urn:lvrtc:fpeil:aa:age scope and lvrtc-eips-as identity provider.
Updated 9 months ago