HomeGuidesAPI Reference
Guides
Start typing to search…

OAuth2.0 configuration

Basic parameters for OAuth 2.0 Service Configuration

Parameter

Description

Integration platform domain name Host

URL for authentication and authorization requests

Test environment: eidas-demo.eparaksts.lv

Production: eidas.eparaksts.lv

Client_ID

Service provider ID generated by LVRTC

Client_secret

Service provider Access Password generated by LVRTC

Scopes

  • urn:lvrtc:fpeil:aa* – For electronic identification
  • urn:lvrtc:fpeil:aa:age_18* – For electronic identification with age parameter (Restricted access, contact LVRTC for more information. Available ranges - age_14 / age_16 / age_18 / age_19 / age_20 / age_21 / age_24 / age_25
  • urn:safelayer:eidas:sign:identity:profile* – to get signing identity
  • urn:safelayer:eidas:sign:identity:use:server* – to request signature from the HSM.

Authorization Endpoint

https://{Host}/trustedx-authserver/oauth/{as}?

response_type=code&
client_id=...&
state=...&
redirect_uri=...&
scope=...&
prompt=...&
acr_values=...&
ui_locales=...

Access Token Endpoint

https://{Host}/trustedx-authserver/oauth/{as}/token

Important! Refresh token functionality is not supported, the expired session must be restored using the full authentication process.

User Info Endpoint

https://{Host}/trustedx-resources/openid/v1/users/me

{as}

  • lvrtc-eipsign-as* (default authorization server for authentification and access to signing services)
  • lvrtc-eips-as*_ (for identification with age parameter only. Restricted access, contact LVRTC for more information.)

Updated 9 days ago