Use-of-credentials
Performing logins with different credentials
It follows from eIAM services 1 and 2 that logins (user logins) are not performed by the target applications themselves, but by an internal or external IdP associated with eIAM. This is an important security aspect of the federation between identity provider, eIAM and target applications: The login is always performed on the infrastructure of the electronic identity provider. Which identity providers (IdPs) and which quality of digital identity (QoA) a target application accepts is defined in the eIAM dossier at the integration project per target application.Infolink regarding the IdPs can be found at:
Infolink regarding the QoA concept can be found at:
For users who cannot be equipped with smartcards (FED-LOGIN) of the Federal Administration, the CH-LOGIN offers the self-regulated, unverified variant with one or two login factors (Password only or with mTAN or Authenticator App) and a verified variant, the latter with a hard crypto token (FIDO security key, Mobile ID) and a video identification (VIPS) or the Vasco token (outdated) as second factor (QoA50).
The use of the FED-LOGIN without smartcard, on different end devices also from the internet, is also possible in this case. Infolink: FED-LOGIN without smartcard inser
Message management
If it is temporarily not possible to log in to a certain application or if information is to be displayed before the login, the message management can be used.Info link to