Technical Specifications for the Swedish eID Framework
This repository comprises the specifications of the Swedish eID Framework.
The specifications in this branch are the latest development of the Swedish eID Framework. The latest official release can be found in the january-2020 branch.
Feedback and Questions
If you have feedback or questions regarding the Technical Framework join the Sweden Connect Slack Workspace.
Click here to ask for an invitation.
The Working Group
The Working Group for the Swedish eID Framework is responsible of development of future versions of the framework.
For official and draft releases of the Swedish eID Framework, see the releases section.
The releases can also be found under https://docs.swedenconnect.se/technical-framework/.
Introduction to the Swedish eID Framework
An overview document that describes the different parts of the Swedish eID Framework.
Introduction to the Swedish eID Framework (in English)
Tekniskt ramverk - Introduktion (in Swedish)
Deployment Profile for the Swedish eID Framework
This is the main specification for the Swedish eID Framework. It defines a SAML profile including metadata, request- and response processing as well as extensions for signature services.
Swedish eID Framework - Registry for identifiers
This document defines the structure for identifiers assigned by the Swedish Agency for Digital Government (DIGG) and provides a registry for assigned identifiers.
Attribute Specification for the Swedish eID Framework
This document specifies an attribute profile for the Swedish eID Framework. The attribute profile defines attributes for use within the Swedish eID Framework, and a number of defined attribute sets that may be referenced by other documents as means to specify specific attribute release requirements.
Entity Categories for the Swedish eID Framework
This specification contains the Entity Category definitions that are defined for the Swedish eID Framework and that should be supported by Service Providers and Identity Providers that are part of the federation.
Implementation Profile for using OASIS DSS in Central Signing Services
This document specifies an implementation profile for exchange of sign requests and responses using the OASIS DSS protocol, enhanced by the DSS Extensions for Federated Central Signing Services.
Certificate Profile for Certificates Issued by Central Signing Services
This document specifies a certificate profile for certificates issued by a signature service.
DSS Extension for Federated Central Signing Services
This specification defines elements that extend the
<dss:SignResponse> elements of the OASIS DSS protocol.
Discovery within the Swedish eID Framework
Current version is deprecated. Currently the Swedish eID Framework does not impose any requirements on how service discovery should be performed.
Work is ongoing to present an updated specification for discovery.
eIDAS Constructed Attribute Specification for the Swedish eID Framework
This document extends “Attribute Specification for the Swedish eID Framework”, providing specifications for constructed attributes.
The concept of constructed attributes is introduced in Swedish national authentication nodes (proxy nodes) delivering identity assertions to Swedish Service Providers based on user authentication with a foreign eID.
Implementation Profile for BankID Identity Providers within the Swedish eID Framework
Implementation profile for Identity Providers implementing BankID support.
Signature Activation Protocol for Federated Signing
This document specifies a Signature Activation Protocol (SAP) and its data elements for implementation of Sole Control Assurance Level 2 (SCAL2) according the European standards prEN 419241 - Trustworthy Systems Supporting Server Signing.
Principal Selection in SAML Authentication Requests
This specification defines an element that may be included in the Extensions element of a SAML AuthnRequest where the requesting Service Provider can specify matching criteria that may be used by the Identity Provider to select the particular user that should be authenticated.
Signature Validation Token
The "Signature Validation Token" specification defines a basic token to support signature validation in a way that can significantly extend the lifetime of a signature.
15 - Signature Validation Token - Draft
PDF Profile for Signature Validation Tokens
Defines a profile for implementing SVT with a signed PDF document, covering how to include reference data related to PDF signatures and PDF documents in an SVT and how to add an SVT token to a PDF document.
XML Profile for Signature Validation Tokens
Defines a profile for implementing SVT with a signed XML document, covering how to include reference data related to XML signatures and XML documents in an SVT and how to add an SVT token to a XML signature.
Older version of the specification are stored in the following branches:
- june-2014 - For the June 2014 release
- april-2015 - For the April 2015 release
- october-2015 - For the October 2015 release
- march-2017 - For the March 2017 release
- june-2018 - For the June 2018 release
Copyright © The Swedish Agency for Digital Government (DIGG), 2015-2021. All Rights Reserved.