Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Integrate Identity Manager with Smart ID Messaging

Owned by Ann Base (Deactivated)
Last updated: Jan 18, 2024 by Ylva AnderssonVersion comment
3 min read

This article is valid for Smart ID 20.11 and later.

This article describes how to set up communication between Smart ID Identity Manager and Smart ID Messaging

Smart ID Messaging is a messaging platform used within Nexus Smart ID to integrate clients into server side processes, via indirect communication. All clients and servers must be able to reach Smart ID Messaging, but they do not need to be able to reach one another. 

For more information on the architecture and interaction between Identity Manager and Smart ID clients, see Hermod architecture

The following prerequisites apply: 

  • Identity Manager is installed, see Deploy Smart ID (for legacy systems, see Install Identity Manager).

  • Smart ID Messaging (Hermod) is installed locally or running as a service. See Deploy Smart ID.

  • Server certificates to Identity Manager and Hermod must be available, to set up an https connection. 

Step-by-step instruction

Set up integration in Smart ID Messaging

Do settings in Smart ID Messaging to connect to Identity Manager over https.

See the instructions here: Integrate Smart ID Messaging with other Smart ID components.

Set up integration in Identity Manager

  1. Log in to Identity Manager Admin.



To set up the connection to Smart ID Messaging in Identity Manager:

  1. In Identity Manager Admin, go to Home > Messaging Server.

  2. To add a new messaging server:

    1. Click +New. Enter a Name and a Description.

    2. Click Save+Edit. 
      The Messaging Server panel is shown.

    3. In URL, enter the URL of the messaging server ending with command. The example assumes it is deployed as the web app Hermod

      1. Set the scheme to HTTPS and the port to the port number used by Hermod for callbacks. See Add API user and callback URL in Hermod

        Example: URL to Hermod web app

        https://<my-hermod-server>:<port>/hermod/rest/command



    4. In Authentication token, enter base64(client-id:key) with the values for client-id and key that were used in the new client. 

      Example: Authentication token

      cHJpbWUxOjA3OWI2YTY0ZDc1YjRlOTU4NWJkMGMyNGYzNmE3ZGViYTBhZDAzNDk4ZWNmNGQ2OWI1NzY2ZjI0ZmEwMmUwNDU=



    5. In Lifespan, enter the desired lifespan in seconds of a command to Smart ID Messaging.
      After this time, the command is removed from history and the provisioning will fail. 

    6. In Timeout, enter the desired timeout in seconds of a command to Smart ID Messaging. The timeout must be shorter than the lifespan.
      After this time, the command is removed from the message box, but kept for polling until the lifespan is reached.

  3. To edit an existing identity template, double-click on its name.



To create a dedicated user for Smart ID Messaging:

  1. In Identity Manager Admin, go to Home > User Administration.

  2. Click +New. Enter a Username and a Password.

  3. Click Save.

Add this user's username and password in the configuration file when adding an API user in the Smart ID Messaging component Hermod, see here: Add API user and callback URL in Hermod.

Set up HTTPS connection between Identity Manager and Smart ID Messaging

Check if HTTPS connection is working and service is available



Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions