-
Notifications
You must be signed in to change notification settings - Fork 18
FAQ
In case you are using Java or PHP development frameworks, the easiest way to do the integration is to use our "free to use" client libraries. When you are using some other development framework, please read our API description. The Smart-ID integration API is based on JSON/REST and it’s easy to use from all the major nowadays development frameworks. For development purposes we have a publicly available demo environment, you don’t need any agreement for implementing Smart-ID support. For accessing the production service you should have an agreement. More information about service agreements and prices is available here.
We have got feedback from developers and e-service providers that implementing Smart-ID authentication is easy and usually it takes one to two days. The signing process is more complicated and the amount of development work needed depends on your current implementation. In case there is document signing based on ID-card already in place, adding the Smart-ID support should take up to one week.
Yes, we are happy to provide you free support for integrating the Smart-ID. Please contact us via [email protected].
These are unique identifiers of the e-service provider. The e-service provider name is displayed to the end-user in Smart-ID app during authentication and signing. The service provider should inform SK of the ServiceName that will be used. The RPUUID is service internal parameter that is provided by SK to the e-service provider. Both parameters are fixed in agreement between e-service provider and SK ID Solutions.
For making automated integration testing easier there are Smart-ID auto-responder test accounts here . These accounts are returning pre-defined status codes and responses according to specifications. This means that you don’t have to automate Smart-ID app side during the testing, this is already done by SK.
Yes and no. You cannot call the Smart-ID app directly from some other application. You have to do the server side integration in a way that your app is calling your server and your server is making RP API call to the Smart-ID platform. The reason for that is our security and business model. Still we have in our 2020 roadmap some developments that will make app-2-app integration smoother (especially in iOS platform).
Detailed info is at document Certificate and OCSP Profile for Smart-ID available at https://www.sk.ee/en/repository/profiles/
User's personal code can be found from certificate's attribute SERIALNUMBER. This attribute can contain personal number, a national identity card number or passport number.
NB! Please do not use personal code from certificate's Common Name (CN) field. Newer certificates contain only surName (SN) and givenName (G) in CN field.
Examples:
- PNOEE-47101010033
- PASUA-PU12345
- IDCUA-47101010033
Number format follows clause 5.1.3 of ETSI EN 319 412-1. Natural identity type „PNO“ is used when national level personal identity number is available. Natural identity type „PAS“ is used for passport number and identity type „IDC“ is used for national identity card number. Detailed info from Certificate and OCSP Profile for Smart-ID
Personal code from CN will be removed in stages, depends on registration method. Testing in DEMO environment is available.
| Registration method | Demo availability from | Certificates issued in production |
|---|---|---|
| Biometric | 2021-07-09 | 2022-05-17 |
| Existing Smart-ID | 2021-07-09 | 2022-05-17 |
| BankOffice | 2021-07-09 | 2022-05-17* |
| ID-Card | 2022-02-07 | 2022-03-03 |
| Mobile-ID | 2022-02-07 | 2022-03-03 |
| Banklink | 2022-02-07 | TBD |
- Following this date, all Q-level accounts no longer feature a personal code in the Certificate Common Name (CN) attribute. NQ-level accounts CN attribute still includes personal code.
Birth of date is encoded into personal identity code. Latvian new personal identity code format is exception thow. Special birth of date field will be added to Smart-ID certificates in stages and only for QUALIFIED accounts. For convinience smart-id-java-client and smart-id-php-client have special function getDateOfBirth and getDateOfBirth for that. For getting that info directly from certificate see getDateOfBirthCertificateAttribute and getDateOfBirthFromCertificateField
Testing in DEMO environment is available with test accounts and with next registration methods:
| Registration method | Demo availability from | Certificates issued in production |
|---|---|---|
| Biometric | 2021-07-09 | 2021-05-20 |
| Existing Smart-ID | TBD | TBD |
| BankOffice | 2021-08-09 | 2022-01-04* |
| ID-Card | TBD | TBD |
| Mobile-ID | TBD | TBD |
| Banklink | TBD | TBD |
- The registration time for BankOffice may vary. The previous version of the API was terminated on the 4th of January 2022.
How to handle error 471 (No suitable account of requested type found, but user has some other accounts)?
User is having Smart-ID Basic account which has limited access: it can be used for online banking, but user won’t be able to log in to other e-services, sign documents etc.
Following message should be displayed:
You are using a Smart-ID Basic account. This account has limited access: you can use it for online banking, but won’t be able to log in to other e-services, sign documents etc. Please upgrade your Smart-ID account. You should create a new account electronically using your ID-card, Mobile-ID (in Lithuania) or by visiting bank office.
See Smart-ID FAQ for more information. https://www.smart-id.com/help/faq/
Different registration methods: https://www.smart-id.com/help/faq/registering/registration-methods-for-smart-id
Requirements for ID-card registration: https://www.smart-id.com/help/faq/#requirements-for-id-card-registration-1509 (ENG)
Smart-ID registration in bank office: https://www.smart-id.com/help/faq/using-smart-id/actions-can-smart-id-customer-service-points/