Web server interface

Use SOAP messages to interact with the Net iD Access Server server. The methods register, authenticate, sign, and collect are described below.

If a server calls any of the authenticate-, sign-, or collect-methods, and have not been registered on the Net iD Access Server server prior to the calls, the server will default to a dummy server named "Company ANY", and use the file image "any.png" as its logo. This feature is for testing purposes only and should not be used in a live environment.

For Information about example requests and responses using SOAP and HTTP POST, see WSDL.


The register call is used for registering a service on the Net iD Access Server server.

Register – Request elements

Element Description


Needed as placeholder. Leave element empty.


The desired service name that will be displayed in connecting clients.


A binary base64 encoded PNG image, no larger than 16 kB.


No value or pkcs7 = PKCS #7, raw = raw-256, raw-512

Register – Response elements

Element Description


Not used.


NiAS server where the calling server was registered at.


Name of the NiAS server.


Version number of Net iD Access Server.


The server making the register call.


Name of the server.


Same as the image provided in the argument.


Server ID.


The authentication call is used to authenticate a user.

Authenticate – Request elements

Element Description


Personal number of the user being authenticated.


If null, user nonvisible data will be generated.


Information about the end user. Not currently used.

Authenticate – Response elements

Element Description


String referencing the authentication order. Used as argument in Collect calls to query the order status.


The sign call is used for user signing.

Sign – Request elements

Element Description


Personal number of the user signing.


Visible data to be signed.


Nonvisible data to be signed.

If using PKCS #7-signatures, <userVisibleData> and <userNonVisibleData> can be combined. When using raw-signatures only use <userNonVisibleData>.


Not currently in use.

Sign – Response elements

Element Description


String referencing the sign order. Used in Collect to query the order status.


The collect call is used for querying the status of an outstanding order, and to collect return data once the order has been completed.

Collect – Request elements

Element Description


The <AuthenticateResult> or <SignResult> strings returned by the sign and authenticate methods.

Collect – Response elements

Element Description


String indicating the status of the request. If COMPLETE the other fields of the response will be filled out, otherwise left empty. For a description of the status codes, see Collect – Status codes.


Signature for content to ensure the sender is the one expected.


Information about the end user.


User name.


User personal number.


Validity time for id.


Validity time for id.


Given name of the end user.


Surname of the end user.


OCSP response for the request. Only available if the authority is set to include a copy of the OCSP response in the SOAP response.


Information about the device used to create the request.


Platform name. May contain white space.


Platform version.


IP address.

Collect – Status codes

Table 1. Collect status codes
Status code Description


The request has been completed.


The request has been created, but not yet received by the client.


The request has been received by the client, and signing/authentication is pending.

Error codes

Table 2. Error codes
Error code Description


Input parameters are missing or invalid.


The security configuration of the RP does not allow the requested operation.


The PKI validation of the signature for Authentication or Sign failed.


Some kind of temporary problem.


Internal error in the service.


The end user is unknown or not valid.


The signature has already been collected; it can only be collected once.


The queried transaction has expired.


Not used.


The mobile client is invalid.


The end user already has a request to process.


The mobile client reported that the end user cancelled the Authenticate or Sign request.


The order has been cancelled.


Reference WSDL code is available at https://showroom.lab.secmaker.com/nias/.