1. Forside
  2. Developers
  3. Web SSO Integration

Web SSO integration

Web integration through Single Sign On (SSO)

For easy integration with your internal web based systems, Single Sign On (SSO) allows automatic access to Infotorg's web pages. It takes care of automatic login with a high degree of security, and gives access to the services the logged in user is authorized for.

The client logs in programatically through a URL, with parameters such as username and password. This logs the user in question automatically in to our web pages on Infotorg.

To use SSO, you will need:

  • An agreement with Infotorg. Get onboarded here!
  • An Infotorg username and password
  • A permit from the data owner (Not applicable for all services)

Documentation of Single Sign On v3 (SSO)

The SSOv3 login is used if you want to establish SSO integration with infotorg.no. The login itself must be done in two steps as explained below.

Step 1:

Log in with your username and password, infotorg.no returns a JSON with a token.

This token lasts for 60 seconds and can only be used one time. 
NB! Do not send cookies, as you risk reusing a session.

Possible HTTP return codes when logging in:

HTTP statusDescription
200Ok (tokens are delivered in JSON in structure)
400Missing parameters (statusText is delivered in JSON in structure)
401Something went wrong when signing in. Wrong username/password? (statusText is delivered in JSON in structure)
405Method GET not allowed, only POST (statusText is delivered in JSON in structure)

Step 2:

The token is used together with the URL of the infotorg.no to create a new session in the browser.

System sketch

SSO system sketch.png In short:

  1. The user clicks on a link in the customer's internal system, to use e.g. the National Population Register. The internal system logs on to infotorg.no.
  2. The internal system will receive a token if login was ok.
  3. The internal system forwards the user with the token to infotorg.no.
  4. The user is logged in to infotorg.no.

Example of step 1

Request:

plaintext
POST /infotorg/new/BrukersesjonKontroller HTTP/1.1 Host: qa.infotorg.no
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded Content-Length: 107
iproCommand=logginnSSO3.0&distribusjonskanal=GUI&systemnavn=YourSystem&brukernavn=USERNAME &passord=XXXXX&delegertBrukernavn=USERNAMEA&saksref=ssotest&tjeneste=DSF4

Response:

plaintext
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1 Set-Cookie:
Content-Type: application/json;charset=UTF-8 Content-Length: 44
Date: Thu, 16 Aug 2018 14:01:33 GMT

{"token":"22BB25793CAA57C0DA59B721BC219F93"}

Example of step 2

Add the token to the URL with what you got in the response in step 1, like this:

plaintext
https://qa.infotorg.no/infotorg/new/BrukersesjonKontroller?iproCommand=token&token=22BB25793CAA57C0DA59B721BC219F93

Test Client

If you want to test, you can do this here https://qa.infotorg.no/infotorg/html/testSSOv3.html. This example is written in javascript and can easily be read by viewing source code in a browser.

Important!

If a common user is used on Infotorg, the logged-in unique user in the customer's system must be submitted as an extra parameter (delegatedUsername or case ref).

URLs

URL to the service in test
https://qa.infotorg.no/infotorg/new/BrukersesjonKontroller

URL to the service in production
https://www.infotorg.no/infotorg/new/BrukersesjonKontroller

Description of parameters

Http request parameterExplanationRequired
iproCommandUse the value "loginSSO3.0" to log in to infotorg and get the token backyes
distribusjonskanal"GUI" or "PTP". Use GUI as the SSO login comes from the webyes
systemnavnAn optional name (1-11 char not spaces). For example, the name of the customer's professional system.yes
brukernavnUsername (6-12 char)yes
passordPassword (6-12 char)yes
delegertBrukernavn

Delegated username (6-12 char)

Delegated user registered in Infotorg's user system

no
saksrefCase reference representing a unique ID of user performing DSF search (0-255 char)no

tjeneste

 

The name of the service you want to open automatically.

 

Parameter valueService description
MULTISMultisøk: Multi search.
EGRAPPSammensatte rapporter: Compound reports containing searches from several registers.
EDREiendomsregisteret: The property register.
EDV30Eiendomsverdi: Property value.
IFLInfoland
ITUIntet tilutlegg/utleggstrekk
DSF4Det sentrale Folkeregisteret: The National Population Register.
DSFJUSDet sentrale Folkeregisteret for justis: The National Population Register for the justice sector.
AAREGArbeidsgiver-/Arbeidstakerregisteret: The Employer/Employee Register
DEK2Infotorg Opplysningen: The telephone directory.
TKBTelefonkatalogen bedrift
DSM2Det Sentrale Motorvognregisteret: The Central Vehicle Register
BBVBruktbilverdi: Used car value.
OFVOFV Bildata: OFV car data.
SBRSmåbåtregisteret: The Small Boat Register.
TFFWTFFAuto
DBSoliditet
ITPInfotorg Person
ENHEnhets- og foretaksregisteret:  The Central Coordinating Register for Legal Entities and Business Enterprises
LOSLøsøreregisteret: The register of movable properties.
EBREuropean Business Register
LKNPLikningsopplysning for privat sektor: Tax assessment for the private sector
LKNOLikningsopplysning for offentlig sektor: Tax assessment for the public sector
GRASGjeldsregisteret: The Debt Register
no
layout

Describes the layout of the service.

Currently, "no menu" is only implemented for DSM2 and "iframe" implemented for GRAS.

NB! In order to use the "iframe" in GRAS, you must be granted a separate authorization for this.

no
egenCSS

URL for your own styling.

This is currently only implemented for the GRAS service with layout=iframe.

no

Logging out

To log out of the service in test, use the following URL:
https://qa.infotorg.no/infotorg/new/BrukersesjonKontroller?iproCommand=loggut

To log out of the service in production, use the following URL:
https://www.infotorg.no/infotorg/new/BrukersesjonKontroller?iproCommand=loggut

Additional Features / Direct Lookup

ServiceAdditional parameters in URLExplanation
IFLknr
gnr
bnr
festenr
seksjonsnr		Matrikkel
Norwegian Cadastre property values
DSF4fnrFdato
slektsnavn
fornavn		Birth date
Last name
First name
GRASSidToken

IdToken in json web token (JWT) format, which contains the social security number to be searched for. Issued at (iat) must not be older than 30 min.

The national identity number must be in the "nnin_altsub" field.

   

Using the above additional parameters, a direct search can be made for the login. Which parameters can/must be used, depends on the logged in user's authorization. Here is an example of a search against the test base for DSF4 with birth date, last name and first name:

plaintext
POST /infotorg/new/BrukersesjonKontroller HTTP/1.1 Host: qa.infotorg.no Connection: keep-alive Content-Type: application/x-www-form-urlencoded Content-Length: 210 iproCommand=logginnSSO3.0&distribusjonskanal=GUI&systemnavn=DittSystem&brukernavn=USERNAME &passord=XXXXX&delegertBrukernavn=USERNAMEA&saksref=ssotest&tjeneste=DSF4&fnrFdato=221170&slektsnavn=nordmann&fornavn=ola

You are currently viewing our 
QA/Test server pages.

You'll find production documentation at https://www.infotorg.no/developers/sso