OAuth2.0 konfigurācija

Basic parameters for OAuth 2.0 Service Configuration

Parameter

Description

Integration platform
domain name {Host}

URL for authentication and authorization requests

Test environment: eidas-demo.eparaksts.lv

Production: eidas.eparaksts.lv

Client_ID

Service provider ID generated by LVRTC

Client_secret

Service provider Access Password generated by LVRTC

Scopes

urn:lvrtc:fpeil:aa – For electronic identification

urn:lvrtc:fpeil:aa:age – For electronic identification with age parameter (Restricted access, contact LVRTC for more information.)

urn:safelayer:eidas:sign:identity:profile – to get signing identity

urn:safelayer:eidas:sign:identity:use:server – to request signature from the HSM.

Authorization Endpoint

https://{Host}/trustedx-authserver/oauth/{as}?

response_type=code&
client_id=...&
state=...&
redirect_uri=...&
scope=...&
prompt=...&
acr_values=...&
ui_locales=...

Access Token Endpoint

https://{Host}/trustedx-authserver/oauth/{as}/token

Important! Refresh token functionality is not supported, the expired session must be restored using the full authentication process.

User Info Endpoint

https://{Host}/trustedx-resources/openid/v1/users/me

{as}

lvrtc-eips-as (for authentification only)

lvrtc-eipsign-as (for authentification and access to signing services)