SPID/CIE OpenID Connect¶
SPID and CIE id are the Italian Systems of Public Digital Identity. They adopt the standards OpenID Connect Core, International Government Assurance Profile (iGov) for OpenID Connect 1.0 and OpenID Connect Federation 1.0.
Thanks to the digital identity the public and private services provides the keys to access the online services through unique access credentials.
This documentation contains the consolidated technical specifications, compliant to the national guidelines, to improve the experience of integration in the OIDC SPID and CIE id Federations, for the public and private Service Providers (RP), Identity Providers (OP) and Intermediate Entities (SA).
In this documentation you can find:
Practical examples of Metadata, OpenID Connect requests and responses.
How to perform and automatic registration of the RPs to the OpenID Providers.
How an OpenID Provider recognizes and dynamically registers an RP.
How to use the endpoints of the Federation APIs.
How to authenticate a user to SPID and CIE id.
Index of content¶
- National and European legislation
- Terms and Acronyms
- The Italian eID Federations
- Entity Configuration
- Entity Statements
- Trust Marks
- Intermediate Entities
- Metadata retrieval
- Federation Endpoints
- Federation error management
- Authentication Flow
- Authorization endpoint
- Token Endpoint
- UserInfo Endpoint
- User attributes
- Introspection Endpoint
- Revocation Endpoint
- Cryptographic algorithms
- Retention Policy
- Differences between SPID e CIE id
- Differences with OIDC iGov
- Differences with OIDC Federation
- Security Considerations
- Best Practices
- EN 1. Entity Configuration Request
- EN 1.1. Entity Configuration Response Relying Party
- EN 1.2. Entity Configuration Response Openid Provider
- EN 1.3. Entity Configuration Response Intermediary
- EN 1.4. Entity Configuration Response Trust Anchor
- EN 1.5. Trust Mark issued by TA to a RP
- EN 1.6. Trust Mark issued by TA to a SA
- EN 1.7. Trust Mark issued by SA to a RP
- EN 2. Entity Statement Request
- EN 2.1 Entity Statement Response
- EN 3. Entity List Request
- EN 3.1. Entity List Response
- EN 4. Resolve Entity Statement Endpoint Request
- EN 4.1. Resolve Entity Statement Endpoint Response
- EN 5. Trust Mark Status Request
- EN 5.1. Trust Mark Status Response
- EN 6. Authorization Request
- EN 7. Metadata Policy
- Become a service provider
- How to contribute