-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
5 changed files
with
7 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -661,7 +661,7 @@ Logging must enable the reconstruction of the course of the communication betwee | |
|------------|----------------------| | ||
| server discovery | Public endpoint for GOVSSO server OpenID Connect configuration information. Usually provided as standard endpoint for OIDC implementations that support service discovery. (References: OIDC-DISCOVERY "4.1 OpenID Provider Configuration Request"). | | ||
| public signature key of the service | JSON Web Key Set document for GOVSSO service. Publishes at minimum the public key that client applications must use to validate id token and logout token signatures. (References: JWK). | | ||
| registration of the client application | Dynamic registration is not supported, static registration via `[email protected]`. | | ||
| registration of the client application | Dynamic registration is not supported, static registration via [[email protected]](mailto:[email protected]). | | ||
| authorization | OAuth 2.0 authorization endpoint. Used for GOVSSO session update requests and authentication requests. (References: OAUTH "3.1. Authorization Endpoint"). | | ||
| token | GOVSSO endpoint to obtain an Access Token, an ID Token (References: OIDC-CORE "3.1.3. Token Endpoint"). Access tokens are returned for OAuth 2.0 compliance but their use in GOVSSO protocol is not required. | | ||
| logout | GOVSSO client application initiated logout endpoint. (References: OIDC-SESSION "5. RP-Initiated Logout"). | | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -60,7 +60,7 @@ Teenus on avatud toodangukeskkonnas augustist 2022. | |
|
||
## Rohkem teavet? | ||
|
||
Kontakt: `[email protected]`. | ||
Kontakt: [[email protected]](mailto:[email protected]). | ||
|
||
Kui pöördute liidestamisel või liidestatud klientrakenduses GovSSO kasutamise tehnilise probleemiga, siis palume valmis panna väljavõte klientrakenduse logist. Tõrkepõhjuse väljaselgitamiseks vajame teavet, mis päring(ud) GovSSO-sse saadeti ja mis vastuseks saadi. | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -64,7 +64,7 @@ Kui need on eraldi brauserid ehk käsitletavad eraldi seadmetena (s.t. igaühel | |
|
||
## Miks redirect_uri on *hard coded*? | ||
|
||
Turvalisuse kaalutlustel, samamoodi nagu TARA-s. redirect_uri tuleb registreerida liitumistaotluses ja seda saab hiljem muuta kirjutades [email protected]. | ||
Turvalisuse kaalutlustel, samamoodi nagu TARA-s. redirect_uri tuleb registreerida liitumistaotluses ja seda saab hiljem muuta kirjutades [[email protected]](mailto:[email protected]). | ||
Kui Teie klientrakenduse arhitektuurist tulenevalt on vaja, siis on võimalik registreerida ühele klientrakendusele mitu redirect_uri väärtust ja klientrakendus saab autentimispäringut sooritades ise valida, millise eelregistreeritud redirect_uri väärtuse ta kaasa annab. | ||
|
||
## Kas "given_name" on antud nimi või eesnimi? Samamoodi, kas "family_name" on perekonnanimi või viimane nimi? Mõnel juhul on need vahetuses (s.t perekonnanimi kirjutatakse esimese nimena)? | ||
|
@@ -101,12 +101,12 @@ Veendu et: | |
- Authorization päis on korrektselt koostatud vastavalt juhendile [Technical Specification](/TechnicalSpecification#62-id-token-request). | ||
- client_id ja client_secret väärtused on õiged ning väljastatud antud keskkonna jaoks. | ||
|
||
Uue saladuse (client_secret) väljastamiseks kontakteeru [email protected]. Kindlasti lisa vastava teenuse client_id millele saladust soovitakse. | ||
Uue saladuse (client_secret) väljastamiseks kontakteeru [[email protected]](mailto:[email protected]). Kindlasti lisa vastava teenuse client_id millele saladust soovitakse. | ||
|
||
## Kas brauseris peavad küpsised olema lubatud? | ||
|
||
Jah, GovSSO vajab küpsiste lubamist. | ||
|
||
|
||
Ei leidnud oma küsimusele vastust? Kontakteeru Riigi Infosüsteemi Ametiga: [email protected]. Kui sa oled juba GovSSO teenusega liitunud siis kindlasti lisa ka oma infopäringusse client_id väärtus. | ||
Ei leidnud oma küsimusele vastust? Kontakteeru Riigi Infosüsteemi Ametiga: [[email protected]](mailto:[email protected]). Kui sa oled juba GovSSO teenusega liitunud siis kindlasti lisa ka oma infopäringusse client_id väärtus. | ||
{: .adv} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -12,7 +12,7 @@ permalink: News | |
• Palume klientidel, kes on oma teenuses usaldanud senist DigiCert vahesertifikaati (DigiCert TLS Hybrid ECC SHA384 2020 CA1), asendada usaldusankur kas juursertifikaadiga või lõppolemi sertifikaadiga.<br/> | ||
• Palume klientidel, kes on oma teenuses usaldanud otse Riigi autentimisteenuse TLS lõppolemi sertifikaati (`*.ria.ee`), lisada enne vahetusaega usaldusankruks [uus lõppolemi sertifikaat](https://github.com/e-gov/TARA-Doku/blob/master/certificates/star_ria_ee_valid_until_2024-11-17.crt) ja eemaldada pärast vahetusaega senine lõppolemi sertifikaat.<br/> | ||
|
||
Täpsemalt TLS ühenduste usaldamisest: [https://e-gov.github.io/GOVSSO/TechnicalSpecification#712-verifying-the-tls-connection-to-endpoints](https://e-gov.github.io/GOVSSO/TechnicalSpecification#712-verifying-the-tls-connection-to-endpoints). Kui Teil esineb teenusega probleeme, siis palun võtke meiega ühendust [[email protected]]([email protected]). | ||
Täpsemalt TLS ühenduste usaldamisest: [https://e-gov.github.io/GOVSSO/TechnicalSpecification#712-verifying-the-tls-connection-to-endpoints](https://e-gov.github.io/GOVSSO/TechnicalSpecification#712-verifying-the-tls-connection-to-endpoints). Kui Teil esineb teenusega probleeme, siis palun võtke meiega ühendust [[email protected]](mailto:[email protected]). | ||
|
||
___ | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -16,7 +16,7 @@ This page holds guidelines for GovSSO clients to ensure a secure and working int | |
|
||
The information contained here focuses on testing integration with GovSSO from the point of view of the client application. | ||
|
||
If you need further advice than present in GovSSO documentation or wish to report a possible bug, please send an e-mail to [[email protected]]([email protected]). | ||
If you need further advice than present in GovSSO documentation or wish to report a possible bug, please send an e-mail to [[email protected]](mailto:[email protected]). | ||
|
||
## 2 Prerequisites | ||
|
||
|