HomeGuidesAPI Reference

1. Electronic identification of end-user

1) Obtain Authorization code

Request

🚧

urn:lvrtc:fpeil:aa scope shall be used

GET /trustedx-authserver/oauth/lvrtc-eipsign-as?response_type=code&  
   client_id=...&  
   state=...&  
   redirect_uri=...&  
   scope=...&  
   prompt=...&  
   acr_values=...&  
   ui_locales=...&

Response

GET {redirection_uri_path}?code={code}&state={state}  
HTTP/1.1  
Host: {redirection_uri_host}

2) Obtain a access token

Request

🚧

Using "code" value received from previous operation

POST /trustedx-authserver/oauth/lvrtc-eipsign-as/token HTTP/1.1  
Host: eidas.eparaksts.lv  
Authorization: Basic cG9ydCVDNCU4MWxzOmRybyVDNSVBMSVDNCVBQmJh  
Content-Type: application/x-www-form-urlencoded;  
charset=UTF-8  
grant_type=authorization_code&  
     redirect_uri=<https://www.demoapp.lv/oauth/back&>  
     code=4515...e0ban

Response

{  
"access_token" : "{string}",  
"token_type" : "Bearer",  
"expires_in" : "{number}"  
}

3) Obtain Information About the Authenticated User

Request

🚧

Using Access token received from previous operation

GET /trustedx-resources/openid/v1/users/me  
Host: eidas.eparaksts.lv  
Authorization: Bearer a2b4...6daf

Response (example for urn:lvrtc:fpeil:aa scope)

HTTP/1.1 200 OK  
Content-Type: application/json;charset=utf-8  
Date: Thu, 16 Nov 2017 10:14:21 GMT  
{  
"sub": "ddf12735f35675ecb652e6e1a80e41f1",  
"domain": "citizen",  
"acr": "urn:safelayer:tws:policies:authentication:level:high",  
"amr":["urn:eparaksts:tws:policies:authentication:adaptive:methods:sc_plugin"],  
"given_name": "ANDRIS",  
"family_name": "PARAUDZIŠ",  
"name": "ANDRIS PARAUDZIŠ",  
"serial_number": "PNOLV-010180-15097",  
"eips": "VAS \"Latvijas Valsts radio un televzijas centrs\""  
}

Updated 9 months ago