Connection methods (which to choose?)

Owned by Einar Ársæll Hrafnsson
Last updated: Jul 20, 2023

Auðkenni offers three types of communication interfaces. OpenID Connect, REST API interface, and CIBA (Client Initiated Backchannel Authentication).

Which connection method should I choose?

It depends on what the needs are. Should only authentication be offered or is signing also being used.

If digital signing is also used

If authentication and signing capabilities are to be used, CIBA is the way to go.

If only authentication

If only authentication options are to be used, there are more ways available:

  • CIBA
    A secure method that requires security from the client tool being used. It also requires equipment certificates to use this method.
    Here, the service provider creates a login page that faces the user. At the same time, the service provider has full control over its appearance and functionality.

  • OpenId Connect
    A convenient and straightforward standardized method.
    Here, the login page provided by Auðkenni is used. The service provider, therefore, doesn't need to create it and, as a result, doesn't have control over its appearance and functionality.

  • REST API
    A simple and convenient API interface. This method does not require as much security from the client tool as the CIBA method.
    Here, the service provider creates a login page that faces the user. At the same time, the service provider has full control over its appearance and functionality.
    Most new service providers are choosing this method.

Links to more detailed content

More information about OpenID Connect

https://audkenni.atlassian.net/wiki/spaces/DOC/pages/10453030

More information about REST API interface

https://audkenni.atlassian.net/wiki/spaces/DOC/pages/10944540

More information about CIBA

https://audkenni.atlassian.net/wiki/spaces/DOC/pages/10780699