Web SSO integration
Web integration through Single Sign On (SSO)
For easy integration with your internal web based systems, Single Sign On (SSO) allows automatic access to Infotorg's web pages. It takes care of automatic login with a high degree of security, and gives access to the services the logged in user is authorized for.
The client logs in programatically through a URL, with parameters such as username and password. This logs the user in question automatically in to our web pages on Infotorg.
To use SSO, you will need:
- An agreement with Infotorg. Get onboarded here!
- An Infotorg username and password
- A permit from the data owner (Not applicable for all services)
Documentation of Single Sign On v3 (SSO)
The SSOv3 login is used if you want to establish SSO integration with infotorg.no. The login itself must be done in two steps as explained below.
Step 1:
Log in with your username and password, infotorg.no returns a JSON with a token.
This token lasts for 60 seconds and can only be used one time.
NB! Do not send cookies, as you risk reusing a session.
Possible HTTP return codes when logging in:
HTTP status | Description |
200 | Ok (tokens are delivered in JSON in structure) |
400 | Missing parameters (statusText is delivered in JSON in structure) |
401 | Something went wrong when signing in. Wrong username/password? (statusText is delivered in JSON in structure) |
405 | Method GET not allowed, only POST (statusText is delivered in JSON in structure) |
Step 2:
The token is used together with the URL of the infotorg.no to create a new session in the browser.
System sketch
In short:
- The user clicks on a link in the customer's internal system, to use e.g. the National Population Register. The internal system logs on to infotorg.no.
- The internal system will receive a token if login was ok.
- The internal system forwards the user with the token to infotorg.no.
- The user is logged in to infotorg.no.
Example of step 1
Request:
plaintextPOST /infotorg/new/BrukersesjonKontroller HTTP/1.1 Host: qa.infotorg.no Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 107 iproCommand=logginnSSO3.0&distribusjonskanal=GUI&systemnavn=YourSystem&brukernavn=USERNAME &passord=XXXXX&delegertBrukernavn=USERNAMEA&saksref=ssotest&tjeneste=DSF4
Response:
plaintextHTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: Content-Type: application/json;charset=UTF-8 Content-Length: 44 Date: Thu, 16 Aug 2018 14:01:33 GMT {"token":"22BB25793CAA57C0DA59B721BC219F93"}
Example of step 2
Add the token to the URL with what you got in the response in step 1, like this:
plaintexthttps://qa.infotorg.no/infotorg/new/BrukersesjonKontroller?iproCommand=token&token=22BB25793CAA57C0DA59B721BC219F93
Test Client
If you want to test, you can do this here https://qa.infotorg.no/infotorg/html/testSSOv3.html. This example is written in javascript and can easily be read by viewing source code in a browser.
Important!
If a common user is used on Infotorg, the logged-in unique user in the customer's system must be submitted as an extra parameter (delegatedUsername or case ref).
URLs
URL to the service in test:
https://qa.infotorg.no/infotorg/new/BrukersesjonKontroller
URL to the service in production:
https://www.infotorg.no/infotorg/new/BrukersesjonKontroller
Description of parameters
Http request parameter | Explanation | Required | ||||||||||||||||||||||||||||||||||||||||||||||||||
iproCommand | Use the value "loginSSO3.0" to log in to infotorg and get the token back | yes | ||||||||||||||||||||||||||||||||||||||||||||||||||
distribusjonskanal | "GUI" or "PTP". Use GUI as the SSO login comes from the web | yes | ||||||||||||||||||||||||||||||||||||||||||||||||||
systemnavn | An optional name (1-11 char not spaces). For example, the name of the customer's professional system. | yes | ||||||||||||||||||||||||||||||||||||||||||||||||||
brukernavn | Username (6-12 char) | yes | ||||||||||||||||||||||||||||||||||||||||||||||||||
passord | Password (6-12 char) | yes | ||||||||||||||||||||||||||||||||||||||||||||||||||
delegertBrukernavn | Delegated username (6-12 char) Delegated user registered in Infotorg's user system | no | ||||||||||||||||||||||||||||||||||||||||||||||||||
saksref | Case reference representing a unique ID of user performing DSF search (0-255 char) | no | ||||||||||||||||||||||||||||||||||||||||||||||||||
tjeneste
| The name of the service you want to open automatically.
| no | ||||||||||||||||||||||||||||||||||||||||||||||||||
layout | Describes the layout of the service. Currently, "no menu" is only implemented for DSM2 and "iframe" implemented for GRAS. NB! In order to use the "iframe" in GRAS, you must be granted a separate authorization for this. | no | ||||||||||||||||||||||||||||||||||||||||||||||||||
egenCSS | URL for your own styling. This is currently only implemented for the GRAS service with layout=iframe. | no |
Logging out
To log out of the service in test, use the following URL:
https://qa.infotorg.no/infotorg/new/BrukersesjonKontroller?iproCommand=loggut
To log out of the service in production, use the following URL:
https://www.infotorg.no/infotorg/new/BrukersesjonKontroller?iproCommand=loggut
Additional Features / Direct Lookup
Service | Additional parameters in URL | Explanation |
IFL | knr gnr bnr festenr seksjonsnr | Matrikkel: Norwegian Cadastre property values |
DSF4 | fnrFdato slektsnavn fornavn | Birth date Last name First name |
GRASS | idToken | IdToken in json web token (JWT) format, which contains the social security number to be searched for. Issued at (iat) must not be older than 30 min. The national identity number must be in the "nnin_altsub" field. |
Using the above additional parameters, a direct search can be made for the login. Which parameters can/must be used, depends on the logged in user's authorization. Here is an example of a search against the test base for DSF4 with birth date, last name and first name:
plaintextPOST /infotorg/new/BrukersesjonKontroller HTTP/1.1 Host: qa.infotorg.no Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 210 iproCommand=logginnSSO3.0&distribusjonskanal=GUI&systemnavn=DittSystem&brukernavn=USERNAME &passord=XXXXX&delegertBrukernavn=USERNAMEA&saksref=ssotest&tjeneste=DSF4&fnrFdato=221170&slektsnavn=nordmann&fornavn=ola
You are currently viewing our
QA/Test server pages.
⚠️ Content may be incorrect, incomplete or outdated.
You'll find production documentation on www.infotorg.no/developers