Integrations¶
CPR Service¶
The CPR integration will fetch information about participants in the social security register, to ensure it is as easy as possible to participate and that the administrators always has correct and up to date information.
The information is requested when a participant is created in the system.
Information The administrators of the system require different types of information from the CPR integration, like:
- Validation information
Age
Citizenship
- Communication information
Digital post status
- Personal information
Address
Name
The list is not complete but just an example of the kind of information requested. The integration is described here https://digitaliseringskataloget.dk/integration/sf1520
FK (Fælles kommunal / Common municipal) access control¶
The FK access control is used for the internal part of the solution, it is used by all municipals and facilitate SSO (Single Sign-On) between systems and ensure that municipal users can use their PC login to authentication to work with systems.
This is also called a context handler and a lot of the information available references the FK access control as the context handler.
Some registration, configuration and communication is needed.
Almost all the documentation regarding FK access control and MitID is in Danish. Adgangsstyrning was selected as the identity provider for the internal application. Each municipality have their own certificate to be able to communicate with the identity provider. The certificate is stored is the municipality’s database.
MitID¶
The MitID authentication setup is used for the external part of the solution, it is used by all citizens who will act as volenteers in the system.
This is also called NemLog-In and roughly half of the information available references the MitID authentication as the NemLog-In.
Some registration, configuration and communication is needed.
Almost all the documentation regarding FK access control and MitID is in Danish.
Computic (SMS-Gateway)¶
To be able to send out SMS from Valghalla the application is sending API requests to a system called Computopic which is a Danish SMS provider. Settings for this can be changed from the administrative website https://www.SMS-admin.dk.
Email¶
As no specific email vendor was selected in the projected this integration has a basic smtp integration implemented. The email integration has been built to send a request to a smtp server to send email. The settings for the smtp server can be set in the appsettings.json.
Digital Post¶
To be able to send Digital Post in Valghalla a few things has to be in place before Valghalla is allowed to send Digital Post on behalf of municipalities and recieve receipts from the “Beskedfordeler”.
Serviceagreements For every municipality there need to be created a Serviceagreement that include the following services:
KombiPostAfsend This service allowing Valghalla to send Digital Post on behalf of the municipality. When adding the service to the serviceagreement additional Data delimitation needs to be specified:
Dataafgrænsning: This needs to be “dummy”.
Documentation for this service kan be found here: Digital Post integration service .
BeskedModtag This service allowing Valghalla to get receipts from the “Beskedfordeler”. The receipts is created when a digital post is send out. In the receipt we can see a status of the digital post message that was send out. When adding the service to the serviceagreement additional Data delimitation needs to be specified:
Afsendende myndighed: This is the CVR number af the municipality.
Beskedtype: This needs to be “PKO_PostStatus” ID: d2bed63c-4853-4008-b6e0-a74c15b15fbf
Foelsomhed: This needs to be “Ikke fortrolige data” ID: 1d81c472-0808-44cc-963d-f5ef0170ae1d
Kommunalt forvaltningsomraade: This needs to be: “*”.
Documentation for this service kan be found here: Getting receipts from beskedfordeler .
- Anvendersystem
The IT system craeted and useed in “Fælleskommunalt Administrationsmodul” needs to have specified an “Anvendersystem”. In the Anvendersystem two things needs to be configured: * systemcertificate
To use the anvendersystem a systemcertificate (PEM information) has to be uplaoded to the Anvendersystem.
Callback Endpoint The Beskedfordeler needs an endpoint URL to call for delevering receipts with status of messages sendt by Digital Post. The Callback endpoint configuration also need to have upladed an SSL certificate that the endpoint uses.
Certificates To be able to send Digital post the server running the application need to trust the following certificates:
ADG_PROD_Adgangsstyring_1
The system certificate that is uploaded to the “Anvenedersystem” for the IT system.
It is nesseray that the server trust the hole cerfificate chain. Kombit have ZIP packages with certificates for their test and production environments that can be downloaded here: https://digitaliseringskataloget.dk/teknik/certifikater.
Beskedfordeler The Beskedfordeler is a system that kan recieve receipts when digital post messages is send out. The receiptions holds status information regarding the messages that is send out. There are two ways to get the receiptions from the Beskedfordeler.
Get the receiptions from the Beskedfordeler by pull request.
Get the receiptions where the Beskedfordeler sends receiptions to an endpoint that can recieve theese receiptions.
Valghalla is using the last option where the Beskedfordeler send the receiptions to an endpoint. The Beskedfordeler need to be configured with an SSL certificate and need to know what endpoint to send to. This is descriped under “Anvendersystem” in this dokumentation.
For the Beskedfordeler to be able to sendt receiptions to the endpoint some configuration needs to be done before sending receiptions is possible. There is an environment for test and one for production. The configuration will be the same for both environments. Here are the links for the environments:
Beskedfordeler Test: https://beskedfordeler-ui.eksterntest-stoettesystemerne.dk/ui/sts-bf-ui/#/beskedkatalog
Beskedfordeler Production: https://beskedfordeler-ui.stoettesystemerne.dk/ui/sts-bf-ui/#/beskedkatalog
The documentation for setting up the Beskedfordeler to hold receiptions and send them the an endpoint can be found here: Beskedfordeler documentation . A ‘get started guide’ can be found here: Get started guide . The configuration will include the following:
Create subscription and ‘Dueslag’
Create filter
The filter can filter the messages that will get to the subscription if there is different systems sending post. A filter can look like this where the system sending post is ‘DigitalPost’:
Beskedkuvert.Filtreringsdata.BeskedAnsvarligAktoer.UUIDIdentifikator = ‘96514e13-afdd-44d6-95a8-adc2ca19b127’
The server that hosts the endpoint that the beskedfordeler send receiptions to need to trust the following certificates: - BFO_PROD_Beskedfordeler_1 - the SSL certificate that is attached to the endpoint
It is nesseray that the server trust the hole cerfificate chain. Kombit have ZIP packages with certificates for their test and production environments that can be downloaded here: Certificates .