HomeGuidesAPI Reference
Guides
Start typing to search…

OAuth2.0 configuration

Basic parameters for OAuth 2.0 Service Configuration

Parameter

Description

  • Integration platform domain name {Host}_

URL for authentication and authorization requests

Test environment: eidas-demo.eparaksts.lv

Production: eidas.eparaksts.lv

Client_ID

Service provider ID generated by LVRTC

Client_secret

Service provider Access Password generated by LVRTC

Scopes

  • *urn:lvrtc:fpeil:aa** – For electronic identification
  • *urn:lvrtc:fpeil:aa:age** – For electronic identification with age parameter (Restricted access, contact LVRTC for more information.)
  • *urn:safelayer:eidas:sign:identity:profile** – to get signing identity
  • *urn:safelayer:eidas:sign:identity:use:server** – to request signature from the HSM.

Authorization Endpoint

https://{Host}/trustedx-authserver/oauth/{as}?

response_type=code&
client_id=...&
state=...&
redirect_uri=...&
scope=...&
prompt=...&
acr_values=...&
ui_locales=...

Access Token Endpoint

https://{Host}/trustedx-authserver/oauth/{as}/token

Important! Refresh token functionality is not supported, the expired session must be restored using the full authentication process.

User Info Endpoint

https://{Host}/trustedx-resources/openid/v1/users/me

{as}

  • *lvrtc-eipsign-as** (default authorization server for authentification and access to signing services)
  • *lvrtc-eips-as** (for identification with age parameter only. Restricted access, contact LVRTC for more information.)

Updated about 2 months ago