NOTE: Trivore ID Documentation has moved to https://trivoreid.com

The content on this site IS OUT OF DATE!

This space has been archived!

Please go ahead to the new site!

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

In addition to the standard OpenID Connect claims (listed here: http://openid.net/specs/openid-connect-core-1_0.html#StandardClaims) onePortal supports additional custom claims. If they are requested in the original authentication request, the corresponding response values are included either in the ID token or in the /userinfo resource, depending on the request (http://openid.net/specs/openid-connect-core-1_0.html#ClaimsParameter).

List of claims

Since service version 3.2 the list of custom claims can be accessed via the OpenID Connect client configuration user interface. It will list the scopes and claims that are usable on your specific service installation. You can find out the connections between scopes and claims as well.



Pre-3.2 service version

The claims available before service version 3.2 are listed here

Custom claim nameDescriptionTypeExampleSinceGranted also with scope
https://oneportal.trivore.com/claims/consentsUser consent information.JSON object
{
 "profiling":true,
 "locationing":true,
 "marketingOther":true,
 "marketingEmail":true,
 "marketingMobileMessage":true,
 "marketingPhone":true,
 "marketingPost":true,
 "marketingPushNotification":true,
}
2.8.4https://oneportal.trivore.com/scope/consent.readonly
https://oneportal.trivore.com/claims/groupsArray of group names user is a member of.JSON array

["admins", "users"]


https://oneportal.trivore.com/scope/groups.readonly
https://oneportal.trivore.com/claims/namespaceNamespace codeString"admin"2.8.1Always granted since 2.8.2.
https://oneportal.trivore.com/claims/strong_identification

User's strong identification status. How has the user been strongly identified. The response object has the following fields:

  • identified: Always present, boolean value, has the user been strongly identified
  • time: Present if available, when was user last identified, in ISO-8601 datetime format with timezone
  • method: Present if available, how was user last identified. Possible values: SUOMI_FI, IN_PERSON. SUOMI_FI includes eIDAS identifications.
JSON object

{
 "identified": true,
 "time":"2011-12-03T10:15:30Z",
 "method":"SUOMI_FI"
}


https://oneportal.trivore.com/claims/legal_locality

User's legal home city or locality name and code. The response object has the following fields:

  • names: Present if available. A map of 2-character language codes to locality names.
  • code: Present if available. The legal code string of locality.
JSON object
{
 "names":{
  "fi":"Turku",
  "sv":"Åbo"
 },
 "code":"853"
}

https://oneportal.trivore.com/scope/legalinfo.readonly
https://oneportal.trivore.com/claims/legal_names

User's legal names. The response object may have some of the following fields:

  • calling_name
  • first_names
  • last_name
JSON object
{
 "calling_name": "Matti",
 "first_names": "Matti Aapeli",
 "last_name":"Meikäläinen"
}
2.8.2https://oneportal.trivore.com/scope/legalinfo.readonly
https://oneportal.trivore.com/claims/minorUser's 'minor' status. Is user a minor? The exact age limit is not specified so the client must make the determination based on their use case.Booleannull, true or false
profile
https://oneportal.trivore.com/claims/personal_id_code

User's personal ID code. The information is sourced from either:

  • Legal info (received from suomi.fi or similar government authority service)
  • Manually performed strong identification (driver's license or other document manually verified)
String"170675-123A"
https://oneportal.trivore.com/scope/legalinfo.readonly
https://oneportal.trivore.com/claims/student

User's student status information. The response object has some of the following fields:

  • state: Student state, one of:
    • fullTime,
    • partTime,
    • notStudent,
    • forbidden, (not allowed to ask from remote source)
    • unknown
  • student_from: Date when user became a student. Not returned if unknown.
  • student_to: Date when user stops being a student. Not returned if unknown.
  • updated: Timestamp when student status was last updated. Not returned if unknown or never updated.
  • last_query_success: Boolean. True if last query from original source was successful. If false, the student information was not updated and may be stale. Client may use the previously known user information if it is not too old, or show an error message to the user if necessary, and try again later. Since 2.8.5.
  • last_query_error: If last_query_success was false, this string contains the known error message. It may be useful for debugging. Since 2.8.5.
JSON object
{
"state":"fullTime",
"student_from":"2018-06-01",
"student_until":"2018-12-31",
"updated":"2018-10-04T11:26:50.153Z",
"last_query_success":true,
"last_query_error": ""
}
2.8.0https://oneportal.trivore.com/scope/studentinfo.readonly
https://oneportal.trivore.com/claims/tagsUser's tags. Provides an array of string values.JSON array
["customer","2019"]
3.2profile
  • No labels