Page History
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:medcom="http://www.medcom.dk/dgws/2006/04/dgws-1.0.xsd"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:sosi="http://www.sosi.dk/sosi/2006/04/sosi-1.0.xsd"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" id="Envelope">
<soapenv:Header>
<wsse:Security>
<wsu:Timestamp>
<wsu:Created>2020Created>2025-0206-21T1319T11:3752:40Z<36Z</wsu:Created>
</wsu:Timestamp>
<saml:Assertion IssueInstant="20202025-0206-21T1319T11:3247:33Z36Z" Version="2.0" id="IDCard">
<saml:Issuer>CSTAG-NSP-STS</saml:Issuer>xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
<saml:Subject>xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>TEST1-NSP-STS</saml:Issuer>
<saml:NameID Format="medcom:other">SubjectDN={SERIALNUMBER=CVR:30808460-UID:25351738 <saml:Subject>
<saml:NameID Format="medcom:other">urn:uuid:30609219-f56d-430f-a9c2-9da7484146bb</saml:NameID>
+ CN=NETS DANID A/S - TU VOCES gyldig, O=NETS DANID A/S // CVR<saml:30808460,SubjectConfirmation>
C=DK},IssuerDN={CN=TRUST2408 Systemtest XXII CA, O=TRUST2408,
<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:2.0:cm:holder-of-key</saml:ConfirmationMethod>
<saml:SubjectConfirmationData>
C=DK},CertSerial={1538079460}</saml:NameID>
<saml<ds:SubjectConfirmation>
KeyInfo>
<saml<ds:ConfirmationMethod>urn:oasis:names:tc:SAML:2.0:cm:holder-of-key</saml:ConfirmationMethod>
KeyName>OCESSignature</ds:KeyName>
<saml</ds:SubjectConfirmationData>KeyInfo>
</saml:SubjectConfirmationData>
<ds:KeyInfo>
</saml:SubjectConfirmation>
<ds:KeyName>OCESSignature<</dssaml:KeyName>Subject>
<saml:Conditions NotBefore="2025-06-19T11:47:36Z"
</ds:KeyInfo>
NotOnOrAfter="2025-06-20T11:47:36Z" />
</saml:SubjectConfirmationData><saml:AttributeStatement id="IDCardData">
</saml:SubjectConfirmation>
<saml:Attribute Name="sosi:IDCardID">
</saml:Subject>
<saml:Conditions NotBefore="2020-02-21T13:32:33Z"AttributeValue>e3iEGSXf41Zbfh+RoTABPA==</saml:AttributeValue>
NotOnOrAfter="2020-02-22T13:32:33Z" />
</saml:Attribute>
<saml:AttributeStatementAttribute idName="IDCardDatasosi:IDCardVersion">
<saml:Attribute Name="sosi:IDCardID">
<saml:AttributeValue>+Z/Pwyh53J8NNTFy+lil/g==</<saml:AttributeValue>1.0.1</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="sosi:IDCardVersionIDCardType">
<saml:AttributeValue>1.0.1<AttributeValue>user</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="sosi:IDCardTypeAuthenticationLevel">
<saml:AttributeValue>system<AttributeValue>4</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
<saml:AttributeAttributeStatement Nameid="sosi:AuthenticationLevelUserLog">
<saml:AttributeValue>3<<saml:Attribute Name="medcom:UserCivilRegistrationNumber">
<saml:AttributeValue>0911809931</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="sosimedcom:OCESCertHashUserGivenName">
<saml:AttributeValue>6FrE4qXtnOTMAttributeValue>Edgar</vQvP53h5KUhzd0=</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
<saml:AttributeStatementAttribute idName="SystemLogmedcom:UserSurName">
<saml:Attribute Name="medcom:ITSystemName">AttributeValue>Codd</saml:AttributeValue>
<saml:AttributeValue>SOSITEST<</saml:AttributeValue>Attribute>
</saml:Attribute><saml:Attribute Name="medcom:UserRole">
<saml:Attribute Name="medcom:CareProviderID" NameFormat="medcom:cvrnumber">
AttributeValue>
<saml:AttributeValue>30808460<urn:dk:healthcare:national-federation-role:code:41008:value:SpaerAdminR8</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="medcom:CareProviderName"></saml:AttributeStatement>
<saml:AttributeStatement id="SystemLog">
<saml:AttributeValue>orgName</saml:AttributeValue>
Attribute Name="medcom:ITSystemName">
< <saml:AttributeValue>Service Consumer Test</saml:Attribute>AttributeValue>
</saml:AttributeStatement>Attribute>
<ds:Signature id="OCESSignature<saml:Attribute Name="medcom:CareProviderID" NameFormat="medcom:cvrnumber">
<ds:SignedInfo>
<saml:AttributeValue>33257872</saml:AttributeValue>
<ds</saml:CanonicalizationMethodAttribute>
Algorithm<saml:Attribute Name="http://www.w3.org/2001/10/xml-exc-c14n#" /medcom:CareProviderName">
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><saml:AttributeValue>Sundhedsdatastyrelsen</saml:AttributeValue>
</saml:Attribute>
<ds:Reference URI="#IDCard">
</saml:AttributeStatement>
<ds:Transforms>
Signature id="OCESSignature">
<ds:SignedInfo>
<ds:Transform
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/20002001/0910/xmldsig#envelopedxml-exc-signaturec14n#" />
<ds:TransformSignatureMethod Algorithm="http://www.w3.org/20012000/1009/xmlxmldsig#rsa-exc-c14n#sha1" />
<ds:Reference URI="#IDCard">
</ds<ds:Transforms>
<ds:DigestMethod <ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1xmldsig#enveloped-signature" />
<ds:DigestValue>ISAWquDPx9zE1U+o5mW4R7w+hLA=</ds:DigestValue>
Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Reference>Transforms>
</ds:SignedInfo> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:SignatureValue> <ds:DigestValue>dM+zngXyLFh5QFRVzbCbhJwP5Yg=</ds:DigestValue>
wspDBdACGNRFaRtVumj4jWq3BD3fcPcTsB7vJx/6vFlb1CPpcXLdozOPCSDy0Yio8X4UQK49g6FZrb+TK9mkgvR7lyUEe8hLd+FRkF03uOmo1BoFuL/2mHsGgeQJdPLtjlmrYTXWqpqK2T5XS84fFWEIqFWljtV2bXWSR2u6Y+8xutgWdtSa0gBeGKHHwnWDXH8x7Zr6ooslFB2/FbaysrUEj8Q6kpyQ9QO4gh1AvMp8bVAMc7Z8EOsybbiMBfxBzT0RcMLGrG546x+SvdrYIY60jW+QyPMowmQumlsvDt5HnJmYYq+y81EwrBDGtpbXxRyPNQIK3wyE/wuFCa/Kqw==</ds:SignatureValue>Reference>
<ds</ds:KeyInfo>SignedInfo>
<ds:X509Data>SignatureValue>
VRAZOjMrCSXaD6K/ne/yp8YZt4c6iBzaPlPrISKrXep3pD/LZztSt1q4XvFJAVl4GiO67zERPiSY89kQ/XJqFLebo80dMorv/+BTOcLaAJC6zbY/9gYAkzERXZwkfQMxnMLmyZF6SBmfOcpt2s2pi7qBQXev3ubpDIadIbC3EAm7oR6nU4upomU71wlZVBVyRnxKMbLDxYXwjFh+ITVaihgFCoiHzmj32doRi1CO5qbmBlM0ekBckKfulhRAOYXPF8IfKpKzZjCSMYRnNsNNT9N5If3BL7MctIbUdfPzZ9Uit+ss7iliLuhArOGRzGX+abVOphzmih87QhXvUXUULa7ekTv+onlB3qKUgHZu89EwT3sbj5Vy4UkwvleqzXQzosfAQLpDzyuRshizLuNoczJ4VG4nmVj6sRbS+2deM9BU6R2PW+1D3thfdwc8F3XNb6PsTJJAX1Y2v5lwZKu/d5ft2N39EtzBpybHvi7P1GheqQO/XhAEv/lUHAaZuVHd</ds:SignatureValue>
<ds:X509Certificate>
<ds:KeyInfo>
MIIGKjCCBRKgAwIBAgIEW6uMBTANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJESzESMBAGA1UECgwJVFJVU1QyNDA4MSUwIwYDVQQDDBxUUlVTVDI0MDggU3lzdGVtdGVzdCBYWElJIENBMB4XDTE5MDQzMDA5MDcxN1oXDTIyMDQzMDA5MDYzOFowgZQxCzAJBgNVBAYTAkRLMS4wLAYDVQQKDCVTdW5kaGVkc2RhdGFzdHlyZWxzZW4gLy8gQ1ZSOjMzMjU3ODcyMVUwIAYDVQQFExlDVlI6MzMyNTc4NzItRklEOjE4OTExODYxMDEGA1UEAwwqU09TSSBUZXN0IEZlZGVyYXRpb24gKGZ1bmt0aW9uc2NlcnRpZmlrYXQpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo57h9E/hM5gimxaDgHB0MLcgVfXGJbQh/8OC1vTdDsCUIzIwRd5lJE+ado8urHF7UmKubFZzfCPduoRv9b3TkNVKaixiHUMtP4egbL8vcgyalk28cNQdUk8f34mg8atgvd45EnIKz2iB+yjs5guJPDBg2OFSbP0r53NU8fVTq3aLtDpDVnkxsyjNQ7HOFtzavyMnKx0vDgafEvrUR3WTSLCGju4aUIg3ThgrWXA7i3lPIAXdV8mQmlY3wn/kIBiyIotmF98UsEket/sxpJNkJ6R6AUpxnGApCDP1Fw2BgxAQWWrtD/c5IoIZwGWNfLgpJEzfhnuIZJ7Bfs9RmHFdQIDAQABo4ICzTCCAskwDgYDVR0PAQH/BAQDAgO4MIGXBggrBgEFBQcBAQSBijCBhzA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Auc3lzdGVtdGVzdDIyLnRydXN0MjQwOC5jb20vcmVzcG9uZGVyMEcGCCsGAQUFBzAChjtodHRwOi8vZi5haWEuc3lzdGVtdGVzdDIyLnRydXN0MjQwOC5jb20vc3lzdGVtdGVzdDIyLWNhLmNlcjCCASAGA1UdIASCARcwggETMIIBDwYNKwYBBAGB9FECBAYEAjCB/TAvBggrBgEFBQcCARYjaHR0cDovL3d3dy50cnVzdDI0MDguY29tL3JlcG9zaXRvcnkwgckGCCsGAQUFBwICMIG8MAwWBURhbklEMAMCAQEagatEYW5JRCB0ZXN0IGNlcnRpZmlrYXRlciBmcmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMi4gRGFuSUQgdGVzdCBjZXJ0aWZpY2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIgT0lEIDEuMy42LjEuNC4xLjMxMzEzLjIuNC42LjQuMi4wga0GA1UdHwSBpTCBojA9oDugOYY3aHR0cDovL2NybC5zeXN0ZW10ZXN0MjIudHJ1c3QyNDA4LmNvbS9zeXN0ZW10ZXN0MjIxLmNybDBhoF+gXaRbMFkxCzAJBgNVBAYTAkRLMRIwEAYDVQQKDAlUUlVTVDI0MDgxJTAjBgNVBAMMHFRSVVNUMjQwOCBTeXN0ZW10ZXN0IFhYSUkgQ0ExDzANBgNVBAMMBkNSTDE0MjAfBgNVHSMEGDAWgBSrqAFEGbCzQ5na+nzM0gAYA+c8vzAdBgNVHQ4EFgQUGYAVKKL17LHyVGSErL26MBNadTQwCQYDVR0TBAIwADANBgkqhkiG9w0BAQsFAAOCAQEAjHMO4sWEf8M25WHczBTJYtMitn1wLOqE6raeM6oYyw6R/4FImpOzF6bxBlfNnhhR0vJSXMWTqL/onCyy4gCs9eLglRHZ9BC8a9fmirrguNpOWlR8NAf5GRwOqCyTnkTAfUD1fp0RzVo8TvAd73WiGeUTzTiAVf7OgZFnRIYkcALXLjNs6AwELWSh+bC/gGuQcHUDd8YGSzgKS6w2qz3fIASrykxzlYjeusks58CereC6WfvN0I+GGlL9fIgjpzh7JEELME7r9QJLL9NSrmlRKfhM8gzuE6Vm4vGzmSsnNJxGMf1vTzEve4lXI8pnOtHMTtNl5zw4jCJFakRqcWm3FQ==</ds:X509Certificate>
<ds:X509Data>
</ds:X509Data>
</ds:KeyInfo><ds:X509Certificate>
</ds:Signature>
</saml:Assertion>
</wsse:Security>
<medcom:Header>
<medcom:SecurityLevel>3</medcom:SecurityLevel>
<medcom:Linking>
MIIGiDCCBLygAwIBAgIUR5IfpZdXnxp/UHxA0KWAcKzWcm4wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMzA1MTIxMTIzMDFaFw0yNjA1MTExMTIzMDBaMIGeMR0wGwYDVQQDDBRTT1NJIFRlc3QgRmVkZXJhdGlvbjE3MDUGA1UEBRMuVUk6REstTzpHOjU4ZjEwNDNkLTNkMmYtNGRlZC1hYjUwLTk0MGRiNDc3NmExODEeMBwGA1UECgwVU3VuZGhlZHNkYXRhc3R5cmVsc2VuMRcwFQYDVQRhDA5OVFJESy0zMzI1Nzg3MjELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCDqOcDXr2tsBXp3QqYpoZCyJAJQ4+rEtmOLJL/Qyol+5e2NyBOqIGdpXdcSI6hCTYEQu/67EDFRcO9yU6yD/u7xOcy+t3eCqx1ydOy20AZCdcKwRmxBzyQN5er+mBErG2+iprTWJdpwCw0mwjNt5edusm7Nwufk0AkN5nxvEEynwesTdTqgLzL99Jk1zdg0uokROg1s13CCvpenYks8+yXwgddO/36WmUn9V8N+1MIu+UpwsULB9zsNCU8qlDzlgg1u6nr8nnKTBBwT2mXl4xCOF2EEJF5lGUaJ+NOu/ljI2WN2pEUsiqpZPvsI14teJKucH4zCV2y7PhyCBacuti7rEZjuZ6ELeTiUvgs+TqqTFGn3dxCq6FOgz5z5N2ypPTPzg/ntBH0CqkjFn+loh5GIBcA8ff5AHNjqM3Ygu/u1p+BwszeGJLAwk0AUtp67aB4QBGuh73vWsaeERwg4Hc1HeNldv/I4iyMQFlp1qsZoAC6cApeoM6umihYcTfi7rMCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBQoPAINYQR2GfgN1KAQMauutePL6jAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQC31Dtgc8+hxB0v+/RL1N3SsyfIxKNVJBhkl2Rfihn700Or5E+0ETyP8mV8MadraDBDYbwMkd3TNOzuF6Ct8c4X5mv+XKr8m0eDPlh7I7mMZ5zzpVw5Co4Wiwwiv9Hb59P/c182FaSPAA1bpmko9AH+duPcquiQELoSRfqW23B2cejACd95XbyXQVFdbCdhyCGAexbJ4egChJsXPU2zAOXq1/pa5bNSmJMsJgqP36bTbA6r+mjv0FArkrL76W1kmchpj6F4tSuDaaJlUmKvmzzBomwhlQRr/vxZc0FOamnJ8is9wC49tOaEMUx2l2iSWZKXMh4C6LQC8hQsjiXnYsERAWgeqwzqtVE3iKaGhOv+W7ECKFndGjYM95bdVK8x9BymTrPun63BCiVGqhMzsEc2RkvbKgBpb7L+Ont0EAahwcTshBzfe0jhA2thWHNGFxXpNqI0ZaAo/NKJpHK3I0EACAB0/VjiQZ/inSKtPnof1/nQZ32QWX3ij0VkX2mE2Pw=</ds:X509Certificate>
<medcom:MessageID>AAABcGf313k2LiC/mzg5OVNPU0k=</medcomds:MessageID>X509Data>
</medcom:Linking>
<medcom:RequireNonRepudiationReceipt>no</medcom:RequireNonRepudiationReceipt>
</ds:KeyInfo>
</medcom:Header>
</soapenvds:Header>Signature>
<soapenv:Body>
<ml:ListLogStatementsRequest xmlns:ml="http://nsi.dk/minlog/2014/05/23/"></saml:Assertion>
</wsse:Security>
<cprNR xsi:type="II" root="B2E25F59-46A7-4E28-BF49-8D334E2AA756"
<medcom:Header>
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">1410772120</cprNR><medcom:SecurityLevel>4</medcom:SecurityLevel>
<pageSize>30</pageSize><medcom:Linking>
</ml:ListLogStatementsRequest>
<medcom:FlowID>0d4c8217-fd48-4c43-a85d-c9f1a48eaec6</medcom:FlowID>
</soapenv:Body>
</soapenv:Envelope> |
Resulterende sikkerhedsmodel:
Eksempel på IDWS billet
Hvis billetten indeholder denne SAML attribute, så er der tale om en IDWS billet:
| Code Block | ||
|---|---|---|
| ||
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute> |
IDWS request:
...
| title | IDWS-request |
|---|---|
| collapse | true |
...
<medcom:MessageID>346d3126-e1e5-47a0-bd4f-8e3735910d62</medcom:MessageID>
</medcom:Linking>
<medcom:RequireNonRepudiationReceipt>no</medcom:RequireNonRepudiationReceipt>
</medcom:Header>
</soapenv:Header>
<soapenv:Body>
<ns3:ConsentAddConstraint
xmlns:ns3="http://sundhedsdatastyrelsen.dk/minspaerring/2022/02/07"
xmlns:ns2="urn:dk:nsi:consentservices:types">
<ConsentAdds>
<ns2:citizenCPR>0505785556</ns2:citizenCPR>
<ns2:what>
<ns2:includeSubOrganizations>false</ns2:includeSubOrganizations>
<ns2:organizationIdentifier>91331000016003</ns2:organizationIdentifier>
<ns2:referralEnd>2025-06-20T00:00:00+02:00</ns2:referralEnd>
<ns2:referralStart>2025-06-19T13:52:34+02:00</ns2:referralStart>
</ns2:what>
<ns2:validFromDate>2025-06-19T13:52:34+02:00</ns2:validFromDate>
</ConsentAdds>
</ns3:ConsentAddConstraint>
</soapenv:Body>
</soapenv:Envelope> |
Resulterende sikkerhedsmodel:
| Ticket | isValid | true | |
| Federation | Test | ||
| Audience | |||
| Created | 2025-06-19T11:52:36Z | ||
| ValidFrom | 2025-06-19T11:47:36Z | ||
| ValidTo | 2025-06-20T11:47:36Z | ||
| Message | Identifier | 346d3126-e1e5-47a0-bd4f-8e3735910d62 | |
| ConversationIdentifier | 0d4c8217-fd48-4c43-a85d-c9f1a48eaec6 | ||
| Action | |||
| ActingUser | Type | HealthcareProfessional | |
| IdentifierFormat | CPR | ||
| Identifier | 0911809931 | ||
| GivenName | Edgar | ||
| SurName | Codd | ||
| Credentials | AuthorizationCode | ||
| EducationCode | |||
| NationalRole | urn:dk:healthcare:national-federation-role:code:41008:value:SpaerAdminR8 | ||
| UnverifiedRole | |||
| PowerOfAttorneyPrivileges | |||
| Age | |||
| Relation | |||
| Organisation | IdentifierFormat | CVR | |
| Identifier | 33257872 | ||
| Name | Sundhedsdatastyrelsen | ||
| Client | Name | Service Consumer Test | |
| PersistentUniqueKey |
Eksempel på IDWS billet
Hvis billetten indeholder denne SAML attribute, så er der tale om en IDWS billet:
| Code Block | ||
|---|---|---|
| ||
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute> |
IDWS request:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:sbf="urn:liberty:sb" xmlns:sbfprofile="urn:liberty:sb:profile"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security mustUnderstand="1" wsu:Id="security">
<wsu:Timestamp wsu:Id="ts">
<wsu:Created>2025-06-19T11:40:33Z</wsu:Created>
</wsu:Timestamp>
<saml:Assertion xmlns:xs="http://www.w3.org/2001/XMLSchema"
ID="_ec8cceba-dec8-4a2e-9297-dbf4a4586998" IssueInstant="2025-06-19T11:40:33Z"
Version="2.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<saml:Issuer>TEST1-NSP-STS</saml:Issuer>
<ds:Signature Id="OCESSignature">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#_ec8cceba-dec8-4a2e-9297-dbf4a4586998">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>jexkOGctE6bcSMRT4TqMjAd8FoY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
R7BXDl2KnCekfIKJhdsbgrC6jSSOQTCKjqEET+9wpFuNAs+zYprN25bOJvDKgoViyFFQ3m71kHAPlJDoRcx1pUtBP7JWJ+YtoQzXce6Vg5iGYgZXWwAlvcotBGfQ8pkV/cPRBuTLG6pWBf8Y82tWpsimtjaQSgfka2zZxK+YGn578Tt5xMl2+nPjKefTTuaZJ/CiYK+WuLra7x4NN+f5reqVXUb96BJkK8JKlBlI/tdb2hpCqszh04sEOZ6NI/rIUh7g33r3vqOO410jWODhgD0HtyZ0+NyvqFnsX7nFIFiGsZDagZzxgO+5bE6ME8CZbDQwOCo33DMKrEgUAStp04AXj5yEW+5NNRsyYAvTXVbRne2EO+jap3vx74tyAWUViZkE/gm5so0pXZ3xyR8TZGJOkUwIqBlSFgL5IADMix5XWUEMHuv/5W6lGj7PAH+lQdsmBPZktCBrm0gx3AJUB+WyjP+001uIduKBjZDz234DGXt6fEGcHDMIOWwvZ+LQ</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGiDCCBLygAwIBAgIUR5IfpZdXnxp/UHxA0KWAcKzWcm4wQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMzA1MTIxMTIzMDFaFw0yNjA1MTExMTIzMDBaMIGeMR0wGwYDVQQDDBRTT1NJIFRlc3QgRmVkZXJhdGlvbjE3MDUGA1UEBRMuVUk6REstTzpHOjU4ZjEwNDNkLTNkMmYtNGRlZC1hYjUwLTk0MGRiNDc3NmExODEeMBwGA1UECgwVU3VuZGhlZHNkYXRhc3R5cmVsc2VuMRcwFQYDVQRhDA5OVFJESy0zMzI1Nzg3MjELMAkGA1UEBhMCREswggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCDqOcDXr2tsBXp3QqYpoZCyJAJQ4+rEtmOLJL/Qyol+5e2NyBOqIGdpXdcSI6hCTYEQu/67EDFRcO9yU6yD/u7xOcy+t3eCqx1ydOy20AZCdcKwRmxBzyQN5er+mBErG2+iprTWJdpwCw0mwjNt5edusm7Nwufk0AkN5nxvEEynwesTdTqgLzL99Jk1zdg0uokROg1s13CCvpenYks8+yXwgddO/36WmUn9V8N+1MIu+UpwsULB9zsNCU8qlDzlgg1u6nr8nnKTBBwT2mXl4xCOF2EEJF5lGUaJ+NOu/ljI2WN2pEUsiqpZPvsI14teJKucH4zCV2y7PhyCBacuti7rEZjuZ6ELeTiUvgs+TqqTFGn3dxCq6FOgz5z5N2ypPTPzg/ntBH0CqkjFn+loh5GIBcA8ff5AHNjqM3Ygu/u1p+BwszeGJLAwk0AUtp67aB4QBGuh73vWsaeERwg4Hc1HeNldv/I4iyMQFlp1qsZoAC6cApeoM6umihYcTfi7rMCAwEAAaOCAYYwggGCMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUfyif2XGZQuJ159c1di5NCCVtdl4wewYIKwYBBQUHAQEEbzBtMEMGCCsGAQUFBzAChjdodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY2FjZXJ0L2lzc3VpbmcuY2VyMCYGCCsGAQUFBzABhhpodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2NzcDAhBgNVHSAEGjAYMAgGBgQAj3oBATAMBgoqgVCBKQEBAQMHMDsGCCsGAQUFBwEDBC8wLTArBggrBgEFBQcLAjAfBgcEAIvsSQECMBSGEmh0dHBzOi8vdWlkLmdvdi5kazBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY2ExLmN0aS1nb3YuZGsvb2Nlcy9pc3N1aW5nLzEvY3JsL2lzc3VpbmcuY3JsMB0GA1UdDgQWBBQoPAINYQR2GfgN1KAQMauutePL6jAOBgNVHQ8BAf8EBAMCBaAwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgA4IBgQC31Dtgc8+hxB0v+/RL1N3SsyfIxKNVJBhkl2Rfihn700Or5E+0ETyP8mV8MadraDBDYbwMkd3TNOzuF6Ct8c4X5mv+XKr8m0eDPlh7I7mMZ5zzpVw5Co4Wiwwiv9Hb59P/c182FaSPAA1bpmko9AH+duPcquiQELoSRfqW23B2cejACd95XbyXQVFdbCdhyCGAexbJ4egChJsXPU2zAOXq1/pa5bNSmJMsJgqP36bTbA6r+mjv0FArkrL76W1kmchpj6F4tSuDaaJlUmKvmzzBomwhlQRr/vxZc0FOamnJ8is9wC49tOaEMUx2l2iSWZKXMh4C6LQC8hQsjiXnYsERAWgeqwzqtVE3iKaGhOv+W7ECKFndGjYM95bdVK8x9BymTrPun63BCiVGqhMzsEc2RkvbKgBpb7L+Ont0EAahwcTshBzfe0jhA2thWHNGFxXpNqI0ZaAo/NKJpHK3I0EACAB0/VjiQZ/inSKtPnof1/nQZ32QWX3ij0VkX2mE2Pw=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">
dk:gov:saml:attribute:CprNumberIdentifier:0606786666</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key">
<saml:SubjectConfirmationData NotOnOrAfter="2025-06-19T11:45:33Z"
Recipient="https://audience.nspop.dk/minspaerring">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIGjTCCBMGgAwIBAgIUFy4h2LTxF4eZW2LC1kay4XM2HOkwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAgEFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAgEFAKIDAgEgMGsxLTArBgNVBAMMJERlbiBEYW5za2UgU3RhdCBPQ0VTIHVkc3RlZGVuZGUtQ0EgMTETMBEGA1UECwwKVGVzdCAtIGN0aTEYMBYGA1UECgwPRGVuIERhbnNrZSBTdGF0MQswCQYDVQQGEwJESzAeFw0yMjExMjkwOTMwMjVaFw0yNTExMjgwOTMwMjRaMIGjMSIwIAYDVQQDDBlOU1AgVGVzdCBTZXJ2aWNlIENvbnN1bWVyMTcwNQYDVQQFEy5VSTpESy1POkc6OGQzZmEwNDctYzc3ZS00N2U0LWJkZDItZTkxNDg4NjEwY2U2MR4wHAYDVQQKDBVTdW5kaGVkc2RhdGFzdHlyZWxzZW4xFzAVBgNVBGEMDk5UUkRLLTMzMjU3ODcyMQswCQYDVQQGEwJESzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALyJRrV1jHkQtPZ5Yb1BQsVv7CsH2G7xMebZh6o7Opm/Pb2+u8QKnPK2dkPXtFDn4efC6adwMN7EeDulIOC+6S/2yNcUQvD9Nbk40TBX6wqHjcQoMA9a725m1cqQiHPGxlHhQVMRzeJLjpEVnkdush3NCZFfndu48bdtsxM2n6sJgB3wJhvVAb8PdABfZETRcpMVIU8gBEWhMFHZhKlzmZqPUf7OQCtF2Hd1N7F4Qzus/NCP98p9z92h07sVprZD8iwWLlN9GukssDoZTbHpYmeFRE74WnxibQwau8FRFXxHZVSMQ+b3rOPLw0fLL09wDIDcBdJZyK2S/qHWzCfxxNwUCMd5g5aEvXElxiVnNdSBNVz+9phvMz3T66Za64DxFbQ/cfQcCJgSQyGpGpAOEuv2Rl9xxiNHFkoYVTR85bsHPFm6zda7/WSRZbjrhWRsbcTNunu+ucK1STkb0jiupk951zwlGN/HFGPtYP6GEMbaln01Rc7XrQDO7Rc4VKBVlwIDAQABo4IBhjCCAYIwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBR/KJ/ZcZlC4nXn1zV2Lk0IJW12XjB7BggrBgEFBQcBAQRvMG0wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jYWNlcnQvaXNzdWluZy5jZXIwJgYIKwYBBQUHMAGGGmh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY3NwMCEGA1UdIAQaMBgwCAYGBACPegEBMAwGCiqBUIEpAQEBAwcwOwYIKwYBBQUHAQMELzAtMCsGCCsGAQUFBwsCMB8GBwQAi+xJAQIwFIYSaHR0cHM6Ly91aWQuZ292LmRrMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jYTEuY3RpLWdvdi5kay9vY2VzL2lzc3VpbmcvMS9jcmwvaXNzdWluZy5jcmwwHQYDVR0OBBYEFFNN5GI5Bd91v2k+3gh2tB79kMiJMA4GA1UdDwEB/wQEAwIFoDBBBgkqhkiG9w0BAQowNKAPMA0GCWCGSAFlAwQCAQUAoRwwGgYJKoZIhvcNAQEIMA0GCWCGSAFlAwQCAQUAogMCASADggGBAAg7zaoHb0a4EKKoVc2SVcp6/x4Np2CfUmduosmoWxd5SboR2NV93MinTkhJRLPXjTYjETLKLNbmgrDm1oFtnw4rVRdKtpy06D0Zh5hKmR3KDjfXt/+KiHtjqs5fmB8GVo3TxFHGnS4sOmph6l/KG4tOPhMabVWcX7vJQfIBVJMak1QHWzig4ooREvupqefYTpvP13GIG4DsyRabAlR2M3pyvdrSAU899gxASvWI6LBQlEdd4tPodAvdEEb3fHS2pnWmI56Im881jOdVtmmjWMCyPD4kP6SaBUxs7XhqZMwH8X98d5NMwPUYyyKwOVJfPrsWdfhupshcdyn2AWpVLU5GfhdRkmSdLdTKzzJOt7pPH+fS95R5MyV0febSJnSOXgNq7ICdQdiKO/HQ8/zmePRq8Ax/7DGrEA0zXENH2un6AV+7bZtELmNoU+B0MoN/AuSteAxmfTTnc8Xu45rTIXh3Vx1OS3NFggGSBvawlVkE7kWKej3o2sKtfot8a+ILzw==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</saml:SubjectConfirmationData>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2025-06-19T11:35:33Z"
NotOnOrAfter="2025-06-19T11:45:33Z">
<saml:AudienceRestriction>
<saml:Audience>https://audience.nspop.dk/minspaerring</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="dk:gov:saml:attribute:SpecVer"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">DK-SAML-2.0</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:AssuranceLevel"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">3</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="dk:gov:saml:attribute:CprNumberIdentifier"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">0606786666</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
<wsse:SecurityTokenReference
xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wsswssecurity-secext-1.1.xsd"
wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
wsu:Id="str">
<wsse:KeyIdentifier
ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">
_ec8cceba-dec8-4a2e-9297-dbf4a4586998</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#body">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>epbtquIxtP3WLvq5LA9g34ppHH8=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#ts">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>eV/t3qZZi3KIN8b6c8nEVk4tYo4=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#str">
<ds:Transforms>
<ds:Transform
Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
<wsse:TransformationParameters>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</wsse:TransformationParameters>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>jSy1ZmT7UXWQ0CX95A646d3kKs0=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#messageID">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>JxENTjL5EN9cABoD0gQGcN/M9HE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#action">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>QwkYIg+CjKd2Gf5dGezYdZeyiSY=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#sbf">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>DrMuEoWp7Uik1KTUOuvtisxvpXA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
biF8u9LC9jy9F1hz8coeDT6rYCav8bXUHpS7Pms+2kt8FskDql0tQ3E4DPV7err9qdzDG8Y+E+31f/Fwbtmwdd6cfONMNozZXHk9D0ZEWkmgb+wtdYbQAmXZrTUR+RdGzevE+4Vct2uR1Xt9oe/fxO9TOAcTYoq33LhCC1TozNMxDMlN1lBLlNPpR9GkQgkVKG3WRWMSYy8naozBoEeMR5JBJdk8Cj1U0BN28iJ212DhhkIHCmlXRmbPx2iETIoh1aJeWKPtHnBRyBGNDjWjQP+u6W0aaIwk/ARY8QaRSyzQPRHgmhassxZZ+NGc8Cwxor9boVU5ypCGgI6DOA9Of9Nhug5citgKLUQCc+efIGM8cs/D+cABHUBLnod19Mj0O8ApDJtcvPWAL7dlJrZVSo3kqfOGaparKe8rkk1ku4Bk8LWyKrg6+ptDb23cHMBh3OYlGsJgGOCrpNYduwi/fa+Tuy4v4n3a/EqeyKyB75fAikmriUXvLXSQ+tppRJcd</ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference
xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wsswssecurity-secext-1.1.xsd"
wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
wsu:Id="sigStr">
<wsse:KeyIdentifier
ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">
_ec8cceba-dec8-4a2e-9297-dbf4a4586998</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:MessageID wsu:Id="messageID">fdbaaa66-102a-469a-bd96-c63db7b950e9</wsa:MessageID>
<wsa:Action wsu:Id="action">urn:dk:nsi:consentservices:administration:service:1#ConsentAdd</wsa:Action>
<sbf:Framework sbfprofile:profile="urn:liberty:sb:profile:basic" version="2.0" wsu:Id="sbf" />
</soapenv:Header>
<soapenv:Body wsu:Id="body">
<ns3:ConsentAdd xmlns:ns3="urn:dk:nsi:consentservices:administration:service:1"
xmlns:ns2="urn:dk:nsi:consentservices:types">
<ConsentAdds>
<ns2:citizenCPR>0606786666</ns2:citizenCPR>
<ns2:positiveConsent>false</ns2:positiveConsent>
<ns2:validFromDate>2025-06-19T13:40:32+02:00</ns2:validFromDate>
</ConsentAdds>
</ns3:ConsentAdd>
</soapenv:Body>
</soapenv:Envelope> |
Resulterende sikkerhedsmodel:
| Ticket | isValid | true |
| Federation | Test | |
| Audience | https://audience.nspop.dk/minspaerring | |
| Created | 2025-06-19T11:43Z | |
| ValidFrom | 2025-06-19T11:38Z | |
| ValidTo | 2025-06-19T11:48Z | |
| Message | Identifier | 7e2a1f0e-7fe8-4467-b81b-b305199462ea |
| ConversationIdentifier | ||
| Action | urn:dk:nsi:consentservices:administration:service:1#ConsentAdd | |
| ActingUser | Type | Citizen |
| IdentifierFormat | CPR | |
| Identifier | 0606786666 | |
| GivenName | ||
| SurName | ||
| Age | ||
| Relation | ||
| Client | Name | MyTestSystem |
| PersistentUniqueKey | UI:DK-O:G:8d3fa047-c77e-47e4-bdd2-e91488610ce6 |
Eksempel på JTP-H token
Hvis Content-Type for requestet indeholder "JSON", så håndteres det som en JTP-H token, da det pt. er det eneste der er understøttet i NSP Access Handler.
...