Metadata Validator - Swedenconnect QA Metadata

Metadata Validator for Sweden Connect Sandbox federation

( http://eid.svelegtest.se/metadata/feed ) Updated: 2022-05-23 22:51:41 CEST Next Update: 2022-05-23 23:01:41 CEST

Identity Provider

AB SvenskaPass IdP (https://testegov.absvenskapass.se/authn) (2) (1)

AB SvenskaPass IdP (https://testegov.absvenskapass.se/authn)

(2)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://testegov.absvenskapass.se/authn" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3-sigmessage</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">AB SvenskaPass IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">AB SvenskaPass IdP</mdui:DisplayName>
                <mdui:Description xml:lang="sv">AB SvenskaPass IdP</mdui:Description>
                <mdui:Description xml:lang="en">AB SvenskaPass IdP</mdui:Description>
                <mdui:Logo height="236" width="658">https://testegov.absvenskapass.se/idp/authn/logo/svenskapass.jpg</mdui:Logo>
                <mdui:Logo height="236" width="658">https://testegov.absvenskapass.se/idp/authn/logo/svenskapass_transparent.png</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDjTCCAnWgAwIBAgIBATANBgkqhkiG9w0BAQsFADBoMRMwEQYKCZImiZPyLGQBGQwDY29tMRMw
EQYDVQQKDApHZW1hbHRvIEFCMRMwEQYDVQQLDApHZW1hbHRvIEFCMRowGAYDVQQDDBFJZGVudGl0
eSBQcm92aWRlcjELMAkGA1UEBgwCU0UwHhcNMTgwMzE5MDczMTUxWhcNMjgwMzE2MDgzMTUxWjBo
MRMwEQYKCZImiZPyLGQBGQwDY29tMRMwEQYDVQQKDApHZW1hbHRvIEFCMRMwEQYDVQQLDApHZW1h
bHRvIEFCMRowGAYDVQQDDBFJZGVudGl0eSBQcm92aWRlcjELMAkGA1UEBgwCU0UwggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCZvzWvy2CJHcLUt6nzUddRDhEwmUGivsZJtM79qALSxxI
FP2l9lJqzI0MshUyjvHSNmfZP5pbldVWdfVERN2HRWma4HSKlRsiMEJigsAa4xqiEL8Dsb6inBza
f3ZwYskKyQUMIkbCYFrW5OMOAsXNQ8uvXZhM0K8r00xNYIs4h6bggMDhIye8yCxAZ87TiNYTKON7
a8DTitz1vd3qLFWN+xwXcm3gW8BDSXA0Ydd76JTWeEJAr+zXboANvz80ubWKzx5XB1QWv4p9aGwn
2wJl7dJDm3+rmnHD8aEsParSvFfDbR3YN5rJuhjilHzDOzaQmySQ8Fw7ilOfRBNskCLpAgMBAAGj
QjBAMB8GA1UdIwQYMBaAFCnZc1uiX37wiLECvw147oPmeG6cMB0GA1UdDgQWBBQp2XNbol9+8Iix
Ar8NeO6D5nhunDANBgkqhkiG9w0BAQsFAAOCAQEAte3GOHHuD4V9ft+zCkOCguSzyGB31WBuIBew
c4EBRA5a7HJqdYvhgmIAlbq8fxhjk5k7a7oLNZOvzLYzm79r3dPQCgAvL2olgtVl89mbcyLttHwq
kyFEH2Q6h8/DnFClyKAzF2u+Qb7qQY4gu01P+tSw5H7olnE8q+Je+aCbxC8Vbh9WRhvydrkyPpqX
LRRZvNOyxyHhpUE96RrS8UmRs19DwEe0NzEnBqD17c+INq7KMTibGNA2U2nhc1xGvfqVjIdmSR1L
SkbZL2wQuRCDGUGWlCynijcTkIYzPJKQKChRyermhCxcSP5UjyyhhqxBnx25ChPPLm0/aV7wRJwr
nw==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testegov.absvenskapass.se/idp/authn/saml/sso"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testegov.absvenskapass.se/idp/authn/saml/sso"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="sv">AB SvenskaPass IdP</OrganizationName>
        <OrganizationName xml:lang="en">AB SvenskaPass IdP</OrganizationName>
        <OrganizationDisplayName xml:lang="sv">AB SvenskaPass IdP</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">AB SvenskaPass IdP</OrganizationDisplayName>
        <OrganizationURL xml:lang="sv">https://testegov.absvenskapass.se/idp/authn</OrganizationURL>
        <OrganizationURL xml:lang="en">https://testegov.absvenskapass.se/idp/authn</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <EmailAddress>svenskapass_support@gemalto.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <EmailAddress>svenskapass_support@gemalto.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: AB SvenskaPass IdP*
-	*en: AB SvenskaPass IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: AB SvenskaPass IdP*
-	*en: AB SvenskaPass IdP*

MDUI-Logotype

Working logotypes present:

H:236	W:658	Type:JPG
H:236	W:658	Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://testegov.absvenskapass.se/authn is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (AB SvenskaPass IdP)

CONTACT-SUPP

Support contact e-mail (svenskapass_support@gemalto.com) is present

CONTACT-TECH

Technical contact e-mail (svenskapass_support@gemalto.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

CGI Sverige (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/13) (4) (4)

CGI Sverige (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/13)

(4)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/13" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIHZzCCBk+gAwIBAgIMF+FmN1a1qzLOgkF4MA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAkJF MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBDQSAtIFNIQTI1 NiAtIEcyMB4XDTE2MTEyNTEzMTcxNFoXDTE5MTEyNjEzMTcxNFowVzELMAkGA1UEBhMCU0UxITAf BgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDElMCMGA1UEAwwcdGVzdGlkcC5mdW5rdGlv bnN0amFuc3Rlci5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALdvVtRM0we9xezi bx3a9y0u+jutxeU+JrmGY8guPOpFBwwRtb0brYd2yCEs6w0qg9kQNgTGVeUTCjwOt/KclU2Vzpdi TaOG0F+lTyGupibnj8PJm9BANbgtfIuni3XiUnfhArDcGs32po4SPkKl96Ta24D23UW0j4bpooeQ xMntKlcJ1vOCLRbqfgJYnOQcpcC/4AJK2cYR3XmksZBC1eZ5PiQ08JL+TSCAXe3AuNUg1wp3GQNT zBvHZBedPDJErpMiHmnQiMjMn5vv6dwLkWbhR8+tXqqlcvBwHHcUS+DST4UhrYZpPX7UsvTP/VbH ZUh3Ui/+zkWQVFzGkOr59XcCAwEAAaOCBDwwggQ4MA4GA1UdDwEB/wQEAwIFoDCBiQYIKwYBBQUH AQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dz YWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYBBQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNv bS9nc2FscGhhc2hhMmcyMFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZo dHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIw ADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20vZ3MvZ3NhbHBoYXNo YTJnMi5jcmwwJwYDVR0RBCAwHoIcdGVzdGlkcC5mdW5rdGlvbnN0amFuc3Rlci5zZTAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBG0CpH9QANh4x0mJ9rmYrz0LxgLMB8G A1UdIwQYMBaAFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MIICbAYKKwYBBAHWeQIEAgSCAlwEggJYAlYA dgDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVibogHaAAAEAwBHMEUCIQDrU2wR fIVHu2LOK2XkO0zft33VODCKgT7A50YPz8qItgIgYbEsoKAFc0FTxRn8a+Yh1eMnR2UWmk4cCuOz CHTM50gAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAVibogPNAAAEAwBHMEUC ICugbUAqjcVheqOvjq00jzn6ZErL7s0x6IJZt9AhXE36AiEAqGp/hDNXDDGE42BOtGy8IoH8VCgT mMHrM49hs3rqCyQAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVibogTTAAAE AwBHMEUCIQCUIhAPQwS/Q/mQiaicx3tCKNooYT4HEWBoMX4GLIb0pgIgK66GPlTT1oBocKrdz7Ob 5G2s0J4RHzVV+sBFHBy+458AdQBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAVib ogWjAAAEAwBGMEQCIHJtsd2Z82Ly2RuOq20hvi1Fb2iEnZsxy5AO20fDlxtuAiB8ve1X3a8uFwG2 1B2C4SMKxE24vYsBbOvTtBqj3JqCkgB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3L AAABWJuiDKIAAAQDAEYwRAIgRf12AsD/XrHsUNNHfIbanSoWOg/o4YBBOhlUh39v0YMCIExBZSJs pqBlNu1xUrCsCGhZ376MOzkPQjEioV5azFd5MA0GCSqGSIb3DQEBCwUAA4IBAQAX+vAT9GHA3bQb Xeny7bNG0RFddoJr5xocshSAmTjIb+0wFy6/P3Ud4XBkR18iAjwGYhnRI0+12OlCRUbl4xe1KfTQ x6DBJRNWWpGfUgHV5D3+Te132WChrQgxBNTA5YABp+GxA/BmwJPPnYw3OQOGLCYAsdsy24mlk7Tq Rk14wSM5Ul+3lieE0Bi0TeBQBHOUJGU2eoTIKaS/kd/Z/gkUpjrWY2X7FnAEo7A61yQkvRRTGfQj K8X6JbpauN6gqBT3GJwHpEjxZrrToc78I6RVHxBE1XmY1Ldr11jLvqs7Y6H+VZg1vSdVnim4t0rT em3wlDLyG8xLzrIVJq2XOiHZ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/13?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/13?mgvhostparam=0"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/13?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/13?mgvhostparam=0"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/13?mgvhostparam=0"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/13?mgvhostparam=0"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">CGI Sverige</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">CGI Funktionstjänster Test - BankID samma enhet</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.cgi.se</md:OrganizationURL>
    </md:Organization>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing and encryption has expired

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

ERROR

MDUI

No mdui:UIInfo element is present

ERROR

LOA

No present declaration of supported Level of Assurance (LoA)

ERROR

LOA-Holder-of-key

Processing holder-of-key information in IdP metadata resulted in error: java.lang.NullPointerException

ERROR

NameID-IdP

Missing NameID declaration urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
NameID declarations for an IdP must declare the NameID formats:

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/13 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (CGI Sverige)

WARNING

CONTACT

No contact information is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

CGI Sverige (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/14) (4) (4)

CGI Sverige (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/14)

(4)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/14" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIHZzCCBk+gAwIBAgIMF+FmN1a1qzLOgkF4MA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAkJF MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBDQSAtIFNIQTI1 NiAtIEcyMB4XDTE2MTEyNTEzMTcxNFoXDTE5MTEyNjEzMTcxNFowVzELMAkGA1UEBhMCU0UxITAf BgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDElMCMGA1UEAwwcdGVzdGlkcC5mdW5rdGlv bnN0amFuc3Rlci5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALdvVtRM0we9xezi bx3a9y0u+jutxeU+JrmGY8guPOpFBwwRtb0brYd2yCEs6w0qg9kQNgTGVeUTCjwOt/KclU2Vzpdi TaOG0F+lTyGupibnj8PJm9BANbgtfIuni3XiUnfhArDcGs32po4SPkKl96Ta24D23UW0j4bpooeQ xMntKlcJ1vOCLRbqfgJYnOQcpcC/4AJK2cYR3XmksZBC1eZ5PiQ08JL+TSCAXe3AuNUg1wp3GQNT zBvHZBedPDJErpMiHmnQiMjMn5vv6dwLkWbhR8+tXqqlcvBwHHcUS+DST4UhrYZpPX7UsvTP/VbH ZUh3Ui/+zkWQVFzGkOr59XcCAwEAAaOCBDwwggQ4MA4GA1UdDwEB/wQEAwIFoDCBiQYIKwYBBQUH AQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dz YWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYBBQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNv bS9nc2FscGhhc2hhMmcyMFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZo dHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIw ADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20vZ3MvZ3NhbHBoYXNo YTJnMi5jcmwwJwYDVR0RBCAwHoIcdGVzdGlkcC5mdW5rdGlvbnN0amFuc3Rlci5zZTAdBgNVHSUE FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBG0CpH9QANh4x0mJ9rmYrz0LxgLMB8G A1UdIwQYMBaAFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MIICbAYKKwYBBAHWeQIEAgSCAlwEggJYAlYA dgDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVibogHaAAAEAwBHMEUCIQDrU2wR fIVHu2LOK2XkO0zft33VODCKgT7A50YPz8qItgIgYbEsoKAFc0FTxRn8a+Yh1eMnR2UWmk4cCuOz CHTM50gAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAVibogPNAAAEAwBHMEUC ICugbUAqjcVheqOvjq00jzn6ZErL7s0x6IJZt9AhXE36AiEAqGp/hDNXDDGE42BOtGy8IoH8VCgT mMHrM49hs3rqCyQAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVibogTTAAAE AwBHMEUCIQCUIhAPQwS/Q/mQiaicx3tCKNooYT4HEWBoMX4GLIb0pgIgK66GPlTT1oBocKrdz7Ob 5G2s0J4RHzVV+sBFHBy+458AdQBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAVib ogWjAAAEAwBGMEQCIHJtsd2Z82Ly2RuOq20hvi1Fb2iEnZsxy5AO20fDlxtuAiB8ve1X3a8uFwG2 1B2C4SMKxE24vYsBbOvTtBqj3JqCkgB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3L AAABWJuiDKIAAAQDAEYwRAIgRf12AsD/XrHsUNNHfIbanSoWOg/o4YBBOhlUh39v0YMCIExBZSJs pqBlNu1xUrCsCGhZ376MOzkPQjEioV5azFd5MA0GCSqGSIb3DQEBCwUAA4IBAQAX+vAT9GHA3bQb Xeny7bNG0RFddoJr5xocshSAmTjIb+0wFy6/P3Ud4XBkR18iAjwGYhnRI0+12OlCRUbl4xe1KfTQ x6DBJRNWWpGfUgHV5D3+Te132WChrQgxBNTA5YABp+GxA/BmwJPPnYw3OQOGLCYAsdsy24mlk7Tq Rk14wSM5Ul+3lieE0Bi0TeBQBHOUJGU2eoTIKaS/kd/Z/gkUpjrWY2X7FnAEo7A61yQkvRRTGfQj K8X6JbpauN6gqBT3GJwHpEjxZrrToc78I6RVHxBE1XmY1Ldr11jLvqs7Y6H+VZg1vSdVnim4t0rT em3wlDLyG8xLzrIVJq2XOiHZ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/14?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/14?mgvhostparam=0"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/14?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/14?mgvhostparam=0"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/14?mgvhostparam=0"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/14?mgvhostparam=0"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">CGI Sverige</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">CGI Funktionstjänster Test - BankID annan enhet</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.cgi.se</md:OrganizationURL>
    </md:Organization>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing and encryption has expired

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

ERROR

MDUI

No mdui:UIInfo element is present

ERROR

LOA

No present declaration of supported Level of Assurance (LoA)

ERROR

LOA-Holder-of-key

Processing holder-of-key information in IdP metadata resulted in error: java.lang.NullPointerException

ERROR

NameID-IdP

Missing NameID declaration urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
NameID declarations for an IdP must declare the NameID formats:

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/14 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (CGI Sverige)

WARNING

CONTACT

No contact information is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

CGI Sverige AB (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/24) (1) (3)

CGI Sverige AB (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/24)

(1)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/24" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">CGI Funktionstjänster Test - Mobilt BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">CGI Funktionstjänster Test - Mobile BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Autentiseringstjänster via SAML</mdui:Description>
                <mdui:Description xml:lang="en">SAML authentication services</mdui:Description>
                <mdui:Logo height="142" width="303" xml:lang="en">https://upload.wikimedia.org/wikipedia/commons/3/32/CGI_logo.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIHZzCCBk+gAwIBAgIMF+FmN1a1qzLOgkF4MA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBDQSAtIFNIQTI1
NiAtIEcyMB4XDTE2MTEyNTEzMTcxNFoXDTE5MTEyNjEzMTcxNFowVzELMAkGA1UEBhMCU0UxITAf
BgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlkYXRlZDElMCMGA1UEAwwcdGVzdGlkcC5mdW5rdGlv
bnN0amFuc3Rlci5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALdvVtRM0we9xezi
bx3a9y0u+jutxeU+JrmGY8guPOpFBwwRtb0brYd2yCEs6w0qg9kQNgTGVeUTCjwOt/KclU2Vzpdi
TaOG0F+lTyGupibnj8PJm9BANbgtfIuni3XiUnfhArDcGs32po4SPkKl96Ta24D23UW0j4bpooeQ
xMntKlcJ1vOCLRbqfgJYnOQcpcC/4AJK2cYR3XmksZBC1eZ5PiQ08JL+TSCAXe3AuNUg1wp3GQNT
zBvHZBedPDJErpMiHmnQiMjMn5vv6dwLkWbhR8+tXqqlcvBwHHcUS+DST4UhrYZpPX7UsvTP/VbH
ZUh3Ui/+zkWQVFzGkOr59XcCAwEAAaOCBDwwggQ4MA4GA1UdDwEB/wQEAwIFoDCBiQYIKwYBBQUH
AQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20vY2FjZXJ0L2dz
YWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYBBQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNv
bS9nc2FscGhhc2hhMmcyMFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsGAQUFBwIBFiZo
dHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwCQYDVR0TBAIw
ADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20vZ3MvZ3NhbHBoYXNo
YTJnMi5jcmwwJwYDVR0RBCAwHoIcdGVzdGlkcC5mdW5rdGlvbnN0amFuc3Rlci5zZTAdBgNVHSUE
FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBG0CpH9QANh4x0mJ9rmYrz0LxgLMB8G
A1UdIwQYMBaAFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MIICbAYKKwYBBAHWeQIEAgSCAlwEggJYAlYA
dgDd6x0reg1PpiCLga2BaHB+Lo6dAdVciI09EcTNtuy+zAAAAVibogHaAAAEAwBHMEUCIQDrU2wR
fIVHu2LOK2XkO0zft33VODCKgT7A50YPz8qItgIgYbEsoKAFc0FTxRn8a+Yh1eMnR2UWmk4cCuOz
CHTM50gAdgBWFAaaL9fC7NP14b1Esj7HRna5vJkRXMDvlJhV1onQ3QAAAVibogPNAAAEAwBHMEUC
ICugbUAqjcVheqOvjq00jzn6ZErL7s0x6IJZt9AhXE36AiEAqGp/hDNXDDGE42BOtGy8IoH8VCgT
mMHrM49hs3rqCyQAdgCkuQmQtBhYFIe7E6LMZ3AKPDWYBPkb37jjd80OyA3cEAAAAVibogTTAAAE
AwBHMEUCIQCUIhAPQwS/Q/mQiaicx3tCKNooYT4HEWBoMX4GLIb0pgIgK66GPlTT1oBocKrdz7Ob
5G2s0J4RHzVV+sBFHBy+458AdQBo9pj4H2SCvjqM7rkoHUz8cVFdZ5PURNEKZ6y7T0/7xAAAAVib
ogWjAAAEAwBGMEQCIHJtsd2Z82Ly2RuOq20hvi1Fb2iEnZsxy5AO20fDlxtuAiB8ve1X3a8uFwG2
1B2C4SMKxE24vYsBbOvTtBqj3JqCkgB1AO5Lvbd1zmC64UJpH6vhnmajD35fsHLYgwDEe4l6qP3L
AAABWJuiDKIAAAQDAEYwRAIgRf12AsD/XrHsUNNHfIbanSoWOg/o4YBBOhlUh39v0YMCIExBZSJs
pqBlNu1xUrCsCGhZ376MOzkPQjEioV5azFd5MA0GCSqGSIb3DQEBCwUAA4IBAQAX+vAT9GHA3bQb
Xeny7bNG0RFddoJr5xocshSAmTjIb+0wFy6/P3Ud4XBkR18iAjwGYhnRI0+12OlCRUbl4xe1KfTQ
x6DBJRNWWpGfUgHV5D3+Te132WChrQgxBNTA5YABp+GxA/BmwJPPnYw3OQOGLCYAsdsy24mlk7Tq
Rk14wSM5Ul+3lieE0Bi0TeBQBHOUJGU2eoTIKaS/kd/Z/gkUpjrWY2X7FnAEo7A61yQkvRRTGfQj
K8X6JbpauN6gqBT3GJwHpEjxZrrToc78I6RVHxBE1XmY1Ldr11jLvqs7Y6H+VZg1vSdVnim4t0rT
em3wlDLyG8xLzrIVJq2XOiHZ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/24?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/24?mgvhostparam=0"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/24?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/24?mgvhostparam=0"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/24?mgvhostparam=0"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/24?mgvhostparam=0"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">CGI Sverige AB</md:OrganizationName>
        <md:OrganizationName xml:lang="en">CGI Sverige AB</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">CGI Sverige AB</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">CGI Sverige AB</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.cgi.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:EmailAddress>funktionstjanster@cgi.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:EmailAddress>funktionstjanster@cgi.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing and encryption has expired

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: CGI Funktionstjänster Test - Mobilt BankID*
-	*en: CGI Funktionstjänster Test - Mobile BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Autentiseringstjänster via SAML*
-	*en: SAML authentication services*

MDUI-Logotype

Working logotypes present:

H:142

W:303

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/24 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (CGI Sverige AB)

CONTACT-SUPP

Support contact e-mail (funktionstjanster@cgi.com) is present

CONTACT-TECH

Technical contact e-mail (funktionstjanster@cgi.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

CGI Sverige AB (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/27) (1) (2)

CGI Sverige AB (https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/27)

(1)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/27" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">CGI Funktionstjänster Test - BankID på samma enhet</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">CGI Funktionstjänster Test - BankID on same device</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Autentiseringstjänster via SAML</mdui:Description>
                <mdui:Description xml:lang="en">SAML authentication services</mdui:Description>
                <mdui:Logo height="134" width="216" xml:lang="en">https://m00-mg-local.testidp.funktionstjanster.se/mg-local/logica-gfx/logo-0.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIGSjCCBTKgAwIBAgIMNbploOZjwQiOP71MMA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAkJF
MRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBDQSAtIFNIQTI1
NiAtIEcyMB4XDTIxMTEwODE1MTgzNVoXDTIyMTIxMDE1MTgzNVowJzElMCMGA1UEAxMcdGVzdGlk
cC5mdW5rdGlvbnN0amFuc3Rlci5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKZa
LxRJGMwfJDwZf2EkYpr1hl0lIruy3CuWyLZKjH8aLfxs5XcS88ovoDlanJPHqmNa1tkG4gayoecq
zJlXe6Tbomei7LlJLUFAWrklgGqc5UTj+aRUoqGmR5k8rzim2ROEplYBzsHhmYcdt4hLRTlLP9ci
CuPNG6SBfJBRiQ1ADYLWxIn5AI18R0pJph9GfDR9sbcgGEgg3s9ta3P9DI5+Wt5P7XzLLFsakJot
36eWwEpyu6Xx0w3yPDrF4fxL+83UrIkuvzjdN3oK2NVfa4cLZwBoNVHr8hpuazExN6NoML6uOr8G
WtO0RckSGniCZByEA+9SzOVU/DLGoyx5OA8CAwEAAaOCA08wggNLMA4GA1UdDwEB/wQEAwIFoDCB
iQYIKwYBBQUHAQEEfTB7MEIGCCsGAQUFBzAChjZodHRwOi8vc2VjdXJlMi5hbHBoYXNzbC5jb20v
Y2FjZXJ0L2dzYWxwaGFzaGEyZzJyMS5jcnQwNQYIKwYBBQUHMAGGKWh0dHA6Ly9vY3NwMi5nbG9i
YWxzaWduLmNvbS9nc2FscGhhc2hhMmcyMFcGA1UdIARQME4wQgYKKwYBBAGgMgEKCjA0MDIGCCsG
AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEw
CQYDVR0TBAIwADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsMi5hbHBoYXNzbC5jb20vZ3Mv
Z3NhbHBoYXNoYTJnMi5jcmwwJwYDVR0RBCAwHoIcdGVzdGlkcC5mdW5rdGlvbnN0amFuc3Rlci5z
ZTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAU9c3VPAhQ+WpPOreX
2laD5mnSaPcwHQYDVR0OBBYEFOXl+5qk0wTxchsAWPsk8RXMORAVMIIBfwYKKwYBBAHWeQIEAgSC
AW8EggFrAWkAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAX0AITwLAAAEAwBH
MEUCIFnc1P0i9SCQ3EGac0bNZelK797oPeb2VEVp8sB2rexcAiEAn0vfo17v9300e7mW2Enm6xDK
9ZV2Q9jC+fnuQfwEPpMAdwApeb7wnjk5IfBWc59jpXflvld9nGAK+PlNXSZcJV3HhAAAAX0AITwA
AAAEAwBIMEYCIQD1XAu5pVWJfJz8XE/iYce8ZRhtfKhmUzQUKCzoM/AkagIhALD23ZawYNQXNU0a
V2BBWBEYUhJUsUzSDI69DenTXItMAHYAUaOw9f0BeZxWbbg3eI8MpHrMGyfL956IQpoN/tSLBeUA
AAF9ACE8LQAABAMARzBFAiB7dupQK5xvdndbrsWytJukg3FZEQi9eNhwTnTdX6IQFwIhAO7maDUo
pcHSqaS8bgdI64Z4rwS3B7wR/GPW7JkfNRB3MA0GCSqGSIb3DQEBCwUAA4IBAQDKsx8H0qfI7J3L
bC5z1ef3Z9RHLy8309VIM41/44+I874oDOFqe9LQSTutoVQ/+JIVtc9f5/7Ed6OAkQsYElgAGDR0
60BvT5C0U/RZmMEn4MV29Ci/YqUGeDUCKDMq16IFrI7dRwcaypf6JZ6F5jFugDWoaHMSz7YfWo6i
wtO3APACHb3iYqnwP3lpcyBXdkPCydEXbWNA+4djMOlZqh82YAom3NQV+zwlzNPzHxGjCYOkSZEf
aw2ZEWQWHVl/cLhbXBoWF3wMGFdvF9gD7iVjsYjTOhfspp7AtuKbCVW6v0ORsP+eGJMblGRXHOXM
/MgVZZeQAc5h2JLaubCVIzpA</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/27?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/27?mgvhostparam=0"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloreq/0/27?mgvhostparam=0" ResponseLocation="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/sloresp/0/27?mgvhostparam=0"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/27?mgvhostparam=0"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/req/0/27?mgvhostparam=0"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">CGI Sverige AB</md:OrganizationName>
        <md:OrganizationName xml:lang="en">CGI Sverige AB</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">CGI Sverige AB</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">CGI Sverige AB</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.cgi.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:EmailAddress>funktionstjanster@cgi.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:EmailAddress>funktionstjanster@cgi.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: CGI Funktionstjänster Test - BankID på samma enhet*
-	*en: CGI Funktionstjänster Test - BankID on same device*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Autentiseringstjänster via SAML*
-	*en: SAML authentication services*

MDUI-Logotype

Working logotypes present:

H:134

W:216

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://m00-mg-local.testidp.funktionstjanster.se/samlv2/idp/metadata/0/27 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (CGI Sverige AB)

CONTACT-SUPP

Support contact e-mail (funktionstjanster@cgi.com) is present

CONTACT-TECH

Technical contact e-mail (funktionstjanster@cgi.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Finansiell ID-Teknik BID AB (https://eidas.systemtest.bankid.com/samlv2/idp/metadata/0/0) (1)

Finansiell ID-Teknik BID AB (https://eidas.systemtest.bankid.com/samlv2/idp/metadata/0/0)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://eidas.systemtest.bankid.com/samlv2/idp/metadata/0/0" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-low</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
        <psc:PrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
            <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
        </psc:PrincipalSelection>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">BankID Test IDP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">BankID Test-IDP</mdui:DisplayName>
                <mdui:Description xml:lang="en">SAML Test IDP for BankID</mdui:Description>
                <mdui:Description xml:lang="sv">SAML Test-IDP för BankID</mdui:Description>
                <mdui:Logo height="150" width="159" xml:lang="en">https://www.bankid.com/assets/logo-bank-id.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIE4DCCAsigAwIBAgIIUWxrYADagWQwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UEBhMCU0UxGjAY BgNVBAoMEVRlc3RiYW5rIEEgKHB1YmwpMTcwNQYDVQQDDC5EZXZUZXN0IFRlc3RiYW5rIEEgUlAg Q0EgdjEgZm9yIEJhbmtJRCBEZXZUZXN0MB4XDTIyMDExNjIzMDAwMFoXDTI0MDExNzIyNTk1OVow gZYxCzAJBgNVBAYTAlNFMSQwIgYDVQQKDBtGaW5hbnNpZWxsIElELVRla25payBCSUQgQUIxEzAR BgNVBAUTCjU1NjYzMDQ5MjgxJTAjBgNVBCkMHFNpZ25hdHVyZSBmb3IgU3dlZGVuIENvbm5lY3Qx JTAjBgNVBAMMHFNpZ25hdHVyZSBmb3IgU3dlZGVuIENvbm5lY3QwggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQDbBNcBEFWKBldB8jqrF9YcaTlzLX2T+iPHXO8CsE5mhUwjzweLWzt1eysF M3Lz+HFis3zPMsoRKXZrDZIh5Rd0XiJzn+R7704Gf06wm4BuwHEVCUD6bi6XUj59L5wwVqSWCAjn nyQtBC+VVnBNISzBMC8WAO52TfOSQV/q9AsCiskjaKO0h1tV3iB5c+LSZkA6JbcPb/ci2YHjMiDm O5jWdc5i8ZgjJWQvkBqffnFoIXQfdQedy4qzi5IOj2ulR9lnzZukH9dei9wgam80Fh0AUuL1RxVG j2Hr83c3TOxVmIODRzutQ+qldV+I2ROpf3yAxoz3A4PrAvUIrWBqUxhrAgMBAAGjZTBjMBEGA1Ud IAQKMAgwBgYEKgMEBTAOBgNVHQ8BAf8EBAMCB4AwHwYDVR0jBBgwFoAUcMlZlMJqWqVj9yCanD+P ydF0VpowHQYDVR0OBBYEFNxl8Y7FdgOUAnZITGtSjyP3lX+HMA0GCSqGSIb3DQEBCwUAA4ICAQCq MIK8BY2b4khQ2SpbGI/OrhUBFFkAdkXc+pOr/bQke7nEos7BxcMea+RfM+KAwmQU8fiWLfQHIJVr ZYIbuajM4AqOpB8oOtdLo2703PgGRZxYnhcjpaDgPupZeAtUly7XVcOUWDChXoD1Ey0nLTzwZeUU MoR/1tVwPpDoColWXfZoBrUaXBZG7vvUOfozdBn75hLSKu/JZhW+rqO/IEZJY2gz9tsLgmmuKZVz STpxKkYwBDhpwlV5VGZUh2Lk4YW0b6iNODBZpd+gdiBmr2yoKO+By2nV6/wTNXpGB+i73pHbhgxe kGiFSaTlw6VGNM2imEqMW5P3reqIXlzzqx4qLe0LksGUwoCvkcVRXe4VGbtGKVGGdOZP3Hvxw7EP rYV0dwItuS42TOBykcwOrKXQ8eJwIKOIqV6uSs+EobT7EsoD5drspjlcV51LmF/tK22KAoE+xr29 tG+k8RncMXRM1Qxw1sB/amEt9aecSD5CGMn76dcrwXRD9PZsn6GIx6910klBog9g43zGaBPRsByN E4kGDezmeRKBZ9Q9v1iAWOv9QSVTm/bqh+nZ3YYi7y4afB/TrOQSxmERLR88u3uJKz2qHTPPG4o5 z9LaKrxUa33iCi2R+eTiwbUzZImUMo+CqO6Iuf7eq5l93Gmcac/H5ZBWP6du2oeYu10VSTFpoQ==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eidas.systemtest.bankid.com/samlv2/idp/sloreq/0/0?mgvhostparam=0" ResponseLocation="https://eidas.systemtest.bankid.com/samlv2/idp/sloresp/0/0?mgvhostparam=0"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas.systemtest.bankid.com/samlv2/idp/sloreq/0/0?mgvhostparam=0" ResponseLocation="https://eidas.systemtest.bankid.com/samlv2/idp/sloresp/0/0?mgvhostparam=0"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eidas.systemtest.bankid.com/samlv2/idp/req/0/0?mgvhostparam=0"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas.systemtest.bankid.com/samlv2/idp/req/0/0?mgvhostparam=0"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Finansiell ID-Teknik BID AB</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Finansiell ID-Teknik BID AB</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Finansiell ID-Teknik BID AB</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://bankid.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:EmailAddress>produktinfo@bankid.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:EmailAddress>produktinfo@bankid.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/eidas-sub,http://id.elegnamnden.se/loa/1.0/eidas-low

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID Test-IDP*
-	*en: BankID Test IDP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Test-IDP för BankID*
-	*en: SAML Test IDP for BankID*

MDUI-Logotype

Working logotypes present:

H:150

W:159

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-low

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-low

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://eidas.systemtest.bankid.com/samlv2/idp/metadata/0/0 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Finansiell ID-Teknik BID AB)

CONTACT-SUPP

Support contact e-mail (produktinfo@bankid.com) is present

CONTACT-TECH

Technical contact e-mail (produktinfo@bankid.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Finansiell ID-Teknik BID AB (https://eidas.test.bankid.com/samlv2/idp/metadata/0/0) (1)

Finansiell ID-Teknik BID AB (https://eidas.test.bankid.com/samlv2/idp/metadata/0/0)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://eidas.test.bankid.com/samlv2/idp/metadata/0/0" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-low</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
        <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
            <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
        </psc:RequestedPrincipalSelection>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">BankID Test IDP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">BankID Test-IDP</mdui:DisplayName>
                <mdui:Description xml:lang="en">SAML Test IDP for BankID</mdui:Description>
                <mdui:Description xml:lang="sv">SAML Test-IDP för BankID</mdui:Description>
                <mdui:Logo height="150" width="159" xml:lang="en">https://www.bankid.com/assets/logo-bank-id.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eidas.test.bankid.com/samlv2/idp/sloreq/0/0?mgvhostparam=0" ResponseLocation="https://eidas.test.bankid.com/samlv2/idp/sloresp/0/0?mgvhostparam=0"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas.test.bankid.com/samlv2/idp/sloreq/0/0?mgvhostparam=0" ResponseLocation="https://eidas.test.bankid.com/samlv2/idp/sloresp/0/0?mgvhostparam=0"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eidas.test.bankid.com/samlv2/idp/req/0/0?mgvhostparam=0"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas.test.bankid.com/samlv2/idp/req/0/0?mgvhostparam=0"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Finansiell ID-Teknik BID AB</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Finansiell ID-Teknik BID AB</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Finansiell ID-Teknik BID AB</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://bankid.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:EmailAddress>produktinfo@bankid.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:EmailAddress>produktinfo@bankid.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

ERROR

Certificates

This service does not have any valid key certificates

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

EntityCategory-Consistency

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID Test-IDP*
-	*en: BankID Test IDP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Test-IDP för BankID*
-	*en: SAML Test IDP for BankID*

MDUI-Logotype

Working logotypes present:

H:150

W:159

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-low

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-low

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://eidas.test.bankid.com/samlv2/idp/metadata/0/0 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Finansiell ID-Teknik BID AB)

CONTACT-SUPP

Support contact e-mail (produktinfo@bankid.com) is present

CONTACT-TECH

Technical contact e-mail (produktinfo@bankid.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Finansiell ID-Teknik BID AB (https://eidas.test.mobilityguard.com/samlv2/idp/metadata/0/0) (2) (1)

Finansiell ID-Teknik BID AB (https://eidas.test.mobilityguard.com/samlv2/idp/metadata/0/0)

(2)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://eidas.test.mobilityguard.com/samlv2/idp/metadata/0/0" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-low</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
        <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
            <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
        </psc:RequestedPrincipalSelection>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">BankID Test IDP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">BankID Test-IDP</mdui:DisplayName>
                <mdui:Description xml:lang="en">SAML Test IDP for BankID</mdui:Description>
                <mdui:Description xml:lang="sv">SAML Test-IDP för BankID</mdui:Description>
                <mdui:Logo height="150" width="159" xml:lang="en">https://www.bankid.com/_themes/bankid-www/img/logo1-default.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFxTCCA62gAwIBAgIUB5GWkzUFVA1rdYgMB0ddQzlopU4wDQYJKoZIhvcNAQELBQAwcjELMAkG
A1UEBhMCU0UxHTAbBgNVBAgMFFZhc3RyYSBHb3RhbGFuZHMgTGFuMRkwFwYDVQQKDBBNb2JpbGl0
eUd1YXJkIEFCMSkwJwYDVQQDDCBlaWRhcy1pZHAudGVzdC5tb2JpbGl0eWd1YXJkLmNvbTAeFw0y
MTAyMTUxNTM2MzVaFw0zMTAyMTMxNTM2MzVaMHIxCzAJBgNVBAYTAlNFMR0wGwYDVQQIDBRWYXN0
cmEgR290YWxhbmRzIExhbjEZMBcGA1UECgwQTW9iaWxpdHlHdWFyZCBBQjEpMCcGA1UEAwwgZWlk
YXMtaWRwLnRlc3QubW9iaWxpdHlndWFyZC5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
AoICAQDc45gKLJkhp3h0tsPoH6gEwh3njLXWXXSJO+TOElkFlULxZY8y4bcjWD1AtYeTfpnzs8fH
W+MZkH/OF24nBj2tCjTytwDxU8aCHASK6wF5a8KF7m0mD+FDlhvSIT8Ts2W3IL1GRQkpxTNdv2Z9
5gRtMtkKf4ps8qKkdCMOlKgR/MBAxZ/LAKIGK6+o+Yey1koJClzTDFygNTTleeJFZbcevMbP9WPU
k0WfsSV/DVE4qqm+TtsxqIIwsAH+O7r8QOI7Hr5ttDiVK9lOYxvaRhPBMgC7r462qc8lzGY4vyH2
rc76VEIQv5Y0DTGcsfTUoyJFvtDlE8XblDLKQhDzbOmVlu80MEWMXyKriT+MFjtth+mDGjGhc0n8
mSnfqi9Z4CHsyNC/1MLcZw5TMat/RbTZtRhEiqsRfzh0gTSjLKjT2dlF2UVAU5wcSE1AqomODVwY
J0xBiv4u3RwJMADddKyMvh10qiOoN68pFV7vEUFpwRbgP+poSctyqYGcCcjm1C0XbEhQDFEGYK5W
0NqiaxTb5pTbfL+/RMSxoIyyjfgvcPIbLFD+75cmsmUPge9wgIXdD4qRt6nKP1gj5gL6w6EdzdG6
mO746oNWPjwH10eNHX4i/ZhFXyjs9a33SB4/z4MTRjDMVcdkm36dYW2ZADnKF4+PBWsoFUHljKXb
MK4pGwIDAQABo1MwUTAdBgNVHQ4EFgQUsWS+nTCKtelF/fQHN/46SEn+0lcwHwYDVR0jBBgwFoAU
sWS+nTCKtelF/fQHN/46SEn+0lcwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEA
bKfrvjUAaX8Ht3t6782FsgikPkSHxK631QFI20mJB9kbjl9xjglqZNshHyOSMJC6CqgS+Ny0LGNQ
tXiyrKUBRm9UukiGBzELUjR5OLgoA8t/qKQKNQ6ZWgjwXXy4gBLTNYXNuQ0Gjureu+TliBuOwFzq
xNa8lWG2u6aQZFm6NslDTs71Bq2rniMb2TFCsxfQxyrVlVD7YHYlQMu8RXcb6uVancPHrmufn3G2
+AMBAY/vEJ46cqV/RSzr50xQ1snF/RsHJVLdclreTy9mRrg2r94H8m32Z1F8647rRzdvME12zvBJ
jsQpPYw6dpUT4YlWtXZfqyd+siE6VJOqSzW9uEAvxwrKvGl3tkM2oLtn8lL+PMbfeJgP4icqvZ1G
+NVvcSJQOOnw8yQ01ItyaqIwiYST6wapYw9rpvx7Q0isV/Y3khbX6+VKA3wP0VHH0eNx9SJuq+dW
Qxa7niS3EttrurgfX7ubf93O1uFqE2hCCg8DjpiIz6Ouu5/W7DEqaKs2PST0Y+OlqomoILrhuPsS
JnoIBP5v/WSxXUUANl0czeymYwCLQVCo5ulXPzlSvHW3/kq+nHz41smG9CI9oxuNJ3MNCErtUrzM
uvtTwvnIxDbsx5BnUIjEHqOvcAv9oxIPGLr90RrIbYhG/thHLew30YOvjvig8JBUDAWtZBAdK08=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eidas.test.mobilityguard.com/samlv2/idp/sloreq/0/0?mgvhostparam=0" ResponseLocation="https://eidas.test.mobilityguard.com/samlv2/idp/sloresp/0/0?mgvhostparam=0"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas.test.mobilityguard.com/samlv2/idp/sloreq/0/0?mgvhostparam=0" ResponseLocation="https://eidas.test.mobilityguard.com/samlv2/idp/sloresp/0/0?mgvhostparam=0"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eidas.test.mobilityguard.com/samlv2/idp/req/0/0?mgvhostparam=0"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas.test.mobilityguard.com/samlv2/idp/req/0/0?mgvhostparam=0"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Finansiell ID-Teknik BID AB</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Finansiell ID-Teknik BID AB</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Finansiell ID-Teknik BID AB</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://bankid.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:EmailAddress>produktinfo@bankid.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:EmailAddress>produktinfo@bankid.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

EntityCategory-Consistency

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID Test-IDP*
-	*en: BankID Test IDP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Test-IDP för BankID*
-	*en: SAML Test IDP for BankID*

ERROR

MDUI-Logotype

No working logotype are present in mdui

ERROR

MDUI-Logotype

The following errors were encountered while processing logotypes:

-	Logotype download from: *https://www.bankid.com/_themes/bankid-www/img/logo1-default.svg* failed with HTTP response code *404*

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-low

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-low

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://eidas.test.mobilityguard.com/samlv2/idp/metadata/0/0 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Finansiell ID-Teknik BID AB)

CONTACT-SUPP

Support contact e-mail (produktinfo@bankid.com) is present

CONTACT-TECH

Technical contact e-mail (produktinfo@bankid.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Freja eID Group AB (https://idp-eid-board-st.test.frejaeid.com) (2) (1)

Freja eID Group AB (https://idp-eid-board-st.test.frejaeid.com)

(2)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://idp-eid-board-st.test.frejaeid.com" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3-sigmessage</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/sc/eid-choice-2017</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Freja eID Plus</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Freja eID Plus</mdui:DisplayName>
                <mdui:Description xml:lang="en">Freja eID is an electronic identity on your mobile that allows you to log in, sign and approve transactions. It comes with two levels of identity assurance, basic level and Freja eID Plus, which is officially approved by the Swedish E-identification board with the quality mark Svensk e-legitimation. Freja eID Plus gives you access to more services and a free ID protection, alerting you if your official residential address is changed.</mdui:Description>
                <mdui:Description xml:lang="sv">Freja eID är en mobil e-legitimation som gör att du kan logga in, skriva under och godkänna transaktioner hos anslutna tjänster. Den utfärdas i två olika tillitsnivåer, Freja eID Bas och Freja eID Plus, varav den senare har statliga E-legitimationsnämnden godkänt för kvalitetsmärket Svensk e-legitimation. Med Freja eID Plus kan du nå ännu fler tjänster och får även ett ID-Skydd som varnar ifall någon ändrar din folkbokföringsadress hos Skatteverket.</mdui:Description>
                <mdui:Logo height="75" width="75">https://idp-eid-board-st.test.frejaeid.com/idp/images/frejaeid_logo.svg</mdui:Logo>
                <mdui:Logo height="120" width="120">https://idp-eid-board-st.test.frejaeid.com/idp/images/frejaeid_logo_vertical.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIEdjCCAt6gAwIBAgIUb6DNeRmHNt+zvGp/agPoZjmXOYYwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNVBAYTAlNFMSMwIQYDVQRhExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTEdMBsGA1UEChMUVmVyaXNlYyBGcmVqYSBlSUQgQUIxCzAJBgNVBAsTAlNUMSMwIQYDVQQDExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTAeFw0yMTAzMTkxMjU2NDRaFw0yNDAzMTkxMjU2NDRaMHAxHzAdBgNVBAMMFmlkcF9zaWduaW5nX3N5c3RlbXRlc3QxFDASBgNVBGETCzU1NjU4Ny00Mzc2MQ0wCwYDVQQLEwRUZXN0MRswGQYDVQQKExJGcmVqYSBlSUQgR3JvdXAgQUIxCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQHZqhHkQgRq7rK5C2WmRLhSzqRmNOMwYNYInAuSlX8Gq4ZcSNUQOB7tszSGSTvMNoxi6O/0zbVILJKiG3O6aFC5+Zmn445QmsCVzKM02K1Dpd8l4iVbtRnffiMgMYhsG6pBqRFD2C58MbQkyU8+BQsI6dhHZ1ATpN8c5tkVuHFkve7coGCOPsrVlq+t8Y575A9yyg0ESqNY0cqprIxjHwWyZMOiCQWqz2bvQ4yTbDfH0pZXofLz7I88muPa1MtYdo3frc28KTxykJiInSoYwO+SYynLm5LW3z++dauz6PUhHw5hvw1d3Zb9jxaBYBwTGYazNuUVbkDXo9mzmwAS2QIDAQABo3QwcjAOBgNVHQ8BAf8EBAMCBsAwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTE2rUl52n7mrolaeuq9Eh9u1yNezASBgNVHSAECzAJMAcGBSoDBAUKMB0GA1UdDgQWBBRFa3tp3c3kiYy59wtRSF5D107RuDANBgkqhkiG9w0BAQsFAAOCAYEA4wja8+aOeXz6Q5t28jdfv1MazhAShc3tq4RSYsfkvWp06Ys5xNiPPzAJo+HYur/A9daVbHkXDitJna7PstKoqtM1SM/Te8SMN6wBsVTgK3Zaj+n97NtBwIFjO3y94soQXp+2IaJvOwabOYc9I0AQCBOgmq87BnLe0MP0UY+GwcFDjQkvQDEuiYs74DsUO81ZGGsvGmW9tOufrAB4JJfspQQ7pInLdc0xAx4lGhkaWKcjvomF+IwTdQQyMQcXvRAjohWagWxoxi4Z+A728z8XYvENRPn0kZZq3+poJXXYF2h0GcbygbH4Wx1a/uIhPRjwjzEit8SI7yVuufWCc4JqVfvHkOwDcaZBbBpMvBbO3Q/lparPowE0AVb0sODlrSzgweCRCJJ4St1QMFP/CBw2jvVrOJAKB6bAuDvzPStGAwpNIaeuX0HYyTe0GwMTa2QCPWEt99N+tarzBGfCziPSazA12KjQ6l3Zw5j04/3Vknj/Uwfy79TScUGOTikvhFDO</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIEeTCCAuGgAwIBAgIUO88TD1Y8GztHaZzwKj8voHZSL2YwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNVBAYTAlNFMSMwIQYDVQRhExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTEdMBsGA1UEChMUVmVyaXNlYyBGcmVqYSBlSUQgQUIxCzAJBgNVBAsTAlNUMSMwIQYDVQQDExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTAeFw0yMTAzMTkxMjU1NDhaFw0yNDAzMTkxMjU1NDhaMHMxIjAgBgNVBAMMGWlkcF9lbmNyeXB0aW9uX3N5c3RlbXRlc3QxFDASBgNVBGETCzU1NjU4Ny00Mzc2MQ0wCwYDVQQLEwRUZXN0MRswGQYDVQQKExJGcmVqYSBlSUQgR3JvdXAgQUIxCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArox17YRX0xBUhvh6HTObhUAUUJAuN08wF5wohfhDZdhFDHCeQxXiGHWsGXg1P+3t2xQ3UVjMmnv8vR68kt3JFKU84s7cJXgjvKw+Y8ZjIkQWDJRaqiAE3LuNqStrC2JbZ+ukI45WLyXNII4KDdH0eWJiBkFPdwaecrO6MqlCiC7AP7iI8tI3hVokb85tPZ1ic4jPoeCdC4b3WvCCE77YYWPBV87DVbXiKfdoxCwOFrzUCLenTuO0Qg9IbfXXvWtoVza6cL8f5ZTnVV35CqMLVFU0/cPzdfzgSQB76j4Bf9HuZEMfvJy311yV7fSEfnGLWV5kIl5TMpT3pL3zAFde8QIDAQABo3QwcjAOBgNVHQ8BAf8EBAMCBDAwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTE2rUl52n7mrolaeuq9Eh9u1yNezASBgNVHSAECzAJMAcGBSoDBAU4MB0GA1UdDgQWBBR7pVj0H/y+Y3vIKXTuhbZ08rCRrDANBgkqhkiG9w0BAQsFAAOCAYEAduRZfy0SfY9GJleBGLX/tQ0y6K7I4Rl+snoQaSw9RgPEpAPTOMY1oc+ZvE63FdLd1rOdFD86iiN6/sNY+BmoBIL7NJpqMxQpin6DK5n94afvdiur7KXpXT7MQh4LckPyuB7WJeKoLZnBMmtFM1K5fRanR1zJcM6wRGkw92iVb67rucD6zkqyM6w65CqKAN/TOPm+Y2q8n4MMbtYvkDrITtMGXm1G9RByO2V0/J258GVuLXUvK9ytdtYVKSOW9un47G7u6MFeF9sFtTgbpdqIgMbnYzUKGzF4fTE9XaYKlXoD62Jmkd18IcrFLYrnARakdiXcZe92wXFajPPLyvfv8YnVFT+dbqqy9kOCjLT6GEDrWn7Tsv6tbh3rKu0BIDbMhfY/+lWdBzhwQToS063HcHzp4kY1345TntoDJbIZe/n+JAnBX97ITwTKl0M6A4rdwHUwcLhjf7P1fxyhM2nwsKttCIl6PLxdD01HeupZw5H8MNG6aWtQIdtJR3I4U37Z</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-eid-board-st.test.frejaeid.com/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-eid-board-st.test.frejaeid.com/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Freja eID Group AB</OrganizationName>
        <OrganizationName xml:lang="sv">Freja eID Group AB</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Freja eID Group AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Freja eID Group AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://frejaeid.com/en/</OrganizationURL>
        <OrganizationURL xml:lang="sv">https://frejaeid.com</OrganizationURL>
    </Organization>
    <ContactPerson contactType="technical">
        <Company>Freja eID Group AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="support">
        <Company>Freja eID Group AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*
-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/eidas-sub

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Freja eID Plus*
-	*en: Freja eID Plus*

MDUI-Description

Description in Swedish and English present in mdui:

sv: Freja eID är en mobil e-legitimation som gör att du kan logga in, skriva under och godkänna transaktioner hos anslutna tjänster. Den utfärdas i två olika tillitsnivåer, Freja eID Bas och Freja eID Plus, varav den senare har statliga E-legitimationsnämnden godkänt för kvalitetsmärket Svensk e-legitimation. Med Freja eID Plus kan du nå ännu fler tjänster och får även ett ID-Skydd som varnar ifall någon ändrar din folkbokföringsadress hos Skatteverket.

en: Freja eID is an electronic identity on your mobile that allows you to log in, sign and approve transactions. It comes with two levels of identity assurance, basic level and Freja eID Plus, which is officially approved by the Swedish E-identification board with the quality mark Svensk e-legitimation. Freja eID Plus gives you access to more services and a free ID protection, alerting you if your official residential address is changed.

MDUI-Logotype

Working logotypes present:

H:75	W:75	Type:SVG
H:120	W:120	Type:SVG

WARNING

MDUI-Logotype

SVG image with embedded image:

-	The SVG image at *https://idp-eid-board-st.test.frejaeid.com/idp/images/frejaeid_logo.svg* has an embedded *PNG* pixel image element. This logotype is not a scalable vector graphic image.
-	The SVG image at *https://idp-eid-board-st.test.frejaeid.com/idp/images/frejaeid_logo_vertical.svg* has an embedded *PNG* pixel image element. This logotype is not a scalable vector graphic image.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/eidas-sub

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://idp-eid-board-st.test.frejaeid.com is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Freja eID Group AB)

CONTACT-SUPP

Support contact e-mail (partnersupport@frejaeid.com) is present

CONTACT-TECH

Technical contact e-mail (partnersupport@frejaeid.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Freja eID Group AB (https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com) (2)

Freja eID Group AB (https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/sc/eid-choice-2017</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/1.0/loa3-orgid</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/sc/prepaid-auth-2021</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Freja eID Plus</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Freja eID Plus</mdui:DisplayName>
                <mdui:Description xml:lang="en">Freja eID is an electronic identity on your mobile that allows you to log in, sign and approve transactions. It comes with two levels of identity assurance, basic level and Freja eID Plus, which is officially approved by the Swedish E-identification board with the quality mark Svensk e-legitimation. Freja eID Plus gives you access to more services and a free ID protection, alerting you if your official residential address is changed.</mdui:Description>
                <mdui:Description xml:lang="sv">Freja eID är en mobil e-legitimation som gör att du kan logga in, skriva under och godkänna transaktioner hos anslutna tjänster. Den utfärdas i två olika tillitsnivåer, Freja eID Bas och Freja eID Plus, varav den senare har statliga E-legitimationsnämnden godkänt för kvalitetsmärket Svensk e-legitimation. Med Freja eID Plus kan du nå ännu fler tjänster och får även ett ID-Skydd som varnar ifall någon ändrar din folkbokföringsadress hos Skatteverket.</mdui:Description>
                <mdui:Logo height="75" width="75">https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com/idp/images/frejaeid_logo.svg</mdui:Logo>
                <mdui:Logo height="120" width="120">https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com/idp/images/frejaeid_logo_vertical.svg</mdui:Logo>
            </mdui:UIInfo>
            <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">5565874376</shibmd:Scope>
        </md:Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIID7jCCAtagAwIBAgIUANNr82B7dxbvJUNYMNnFbvASxAUwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNVBAYTAlNFMRIwEAYDVQQHEwlTdG9ja2hvbG0xFDASBgNVBGETCzU1OTExMC00ODA2MR0wGwYDVQQKExRWZXJpc2VjIEZyZWphIGVJRCBBQjENMAsGA1UECxMEVGVzdDEcMBoGA1UEAxMTUlNBIFRFU1QgSXNzdWluZyBDQTAeFw0yMTA0MDcwNzUwMTBaFw0yNDA0MDcwNzUwMTBaMGgxFjAUBgNVBAMTDUlEUCAoU2lnbmluZykxFDASBgNVBGETCzU1OTExMC00ODA2MQ0wCwYDVQQLEwRUZXN0MRwwGgYDVQQKExNGcmVqYSBlSUQgU3dlZGVuIEFCMQswCQYDVQQGEwJTRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOnuBjk7hgcK4AxA01DnKAYmNl8kYnt7RFrpL0m++dbDDpuX6/a0qwfGhnQxasU68w4opsV9LMIcx9ZVqrsvK37tBeP8s+IU2YP/Cx1+kEFTKS9eQn0I2OKMkn82Q32y6xYWjKaNVyTi1AMUv7GQZtlTqVJ7u5I/0x9DDXtNgUj/2S79SicAMD0qOunwKSC5grFyYR08oox+e8d4EuKY7hryNt2/pZQgeRU/Xjum/ztjoFxE/LwZIVqRkv/lrEZB+abHoluG2iIIWBbUYErjFo9Ua3r9iQ77wQwh7SkH93wjg+jPwYwzsE1hHjFT1KcxV508e25vhD1LQDewyxIODv8CAwEAAaN0MHIwDgYDVR0PAQH/BAQDAgbAMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUanyKD51wDhzaXy2gPCZfiOgVv5wwEgYDVR0gBAswCTAHBgUqAwQFCjAdBgNVHQ4EFgQUjL9J0am9Rt8oCe06PbclmInrZsYwDQYJKoZIhvcNAQELBQADggEBACuWj2anx0CNgD1yfZyZh+/75s+6G52OAYES8LUH741G0tYDXKdrk3yc4McwpoRuVuUlaScNhpgvZyYZGZbevpkxvLg2Eks5xii/kHoPW4ieOu1auJEe4vbnXPJTwMkuhOjOmbuZtpGmoUwbFizmdaKNPrOzYS3KBsPGRSlQ68Z4MOBwylOZtga1dGU9PTi0BJLoAHpkRP06+4KLY5XLs26Rm2mVzB/q6d2Dfn4xhi+MNkI8JRJ0fBNl6kPoYjmTtTEzIGPLzqN+kCyTgvaEy3MLT7W/dyAW3L7dDZ06oaEN7cqQgh8m09nbOpyqvsTw78lIeW5cjDZO8GgOaKkwRP4=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIID7jCCAtagAwIBAgIUSznp2oorbBbUTATZ6h2HusyHF2cwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNVBAYTAlNFMRIwEAYDVQQHEwlTdG9ja2hvbG0xFDASBgNVBGETCzU1OTExMC00ODA2MR0wGwYDVQQKExRWZXJpc2VjIEZyZWphIGVJRCBBQjENMAsGA1UECxMEVGVzdDEcMBoGA1UEAxMTUlNBIFRFU1QgSXNzdWluZyBDQTAeFw0yMTA0MDcwNzUxNTZaFw0yNDA0MDcwNzUxNTZaMGsxGTAXBgNVBAMTEElEUCAoRW5jcnlwdGlvbikxFDASBgNVBGETCzU1OTExMC00ODA2MQ0wCwYDVQQLEwRUZXN0MRwwGgYDVQQKExNGcmVqYSBlSUQgU3dlZGVuIEFCMQswCQYDVQQGEwJTRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJJxKiwo9N99wx312MOV498yevHHnVyJSbf4NNewcrSoPEvAMJ71Cw8Q4Jw4T4T1ih+zhAgUz4wXZwCIQXoNW7AtiM0qxJCZeXIhMZ/6GJX4P1XBflRaR3MoVpsKhkAvVrB4z5oPQ2zE4REnaLs6ZEchBTt9GIEFWwdp5pgPV1mrRuCadNyHK9Gz1iJbsw3Mqh30g4S1RkTVak+Ap9HY6RDfxGy49TU1ZNHjDg0OUO0QOavSEeKnfUUD45PwJLmsSic2565eRq6ph7DlNRFOEN1AV7ZP2NdaY+/qkIML9n588fbnfjmJ1fTPR0AnexFTEH9F6n5SXQgA4lHss8ABDwECAwEAAaNxMG8wDgYDVR0PAQH/BAQDAgQwMB8GA1UdIwQYMBaAFGp8ig+dcA4c2l8toDwmX4joFb+cMBIGA1UdIAQLMAkwBwYFKgMEBQswCQYDVR0TBAIwADAdBgNVHQ4EFgQUCzQzmaBk+bsb86WsYcI+GCru9PQwDQYJKoZIhvcNAQELBQADggEBAFnL/YrIf3ALSWbSCdzS7fq8bf8CuLMpLL/95kMTjjm2TiNk6pc7r5ZouGu0m4WniNxG83awNl8pfKz2ZbwH/JuEFKgadnP3Md3pwoiJAr1EJD4kKSOpBTugKXBwp0aVm3qYkYGb91/bg7dZEIJcOW3JHlyEwBo3+fiNrKKNWUl8nM2D6ZHrMeEKVx/dEX5iYg/FOYBNRcLIiwXM8kFNkHLD29znZzCmyH526Q4N2pNOGfr0qsDOCuvn6UvqKei6Iw5uRffUjEk+G0HbpXACe88hgbFpfW5gfE0mVCcJp8vW7tdel+QtkiFj08KqmrwaL5Icc+agDnTNGZKgh1N6In0=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Freja eID Group AB</OrganizationName>
        <OrganizationName xml:lang="sv">Freja eID Group AB</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Freja eID Group AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Freja eID Group AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://frejaeid.com/en/</OrganizationURL>
        <OrganizationURL xml:lang="sv">https://frejaeid.com</OrganizationURL>
    </Organization>
    <ContactPerson contactType="technical">
        <Company>Freja eID Group AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="support">
        <Company>Freja eID Group AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*
-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*
-	*http://id.swedenconnect.se/ec/1.0/loa3-orgid*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-orgid" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-orgid" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Freja eID Plus*
-	*en: Freja eID Plus*

MDUI-Description

Description in Swedish and English present in mdui:

MDUI-Logotype

Working logotypes present:

H:75	W:75	Type:SVG
H:120	W:120	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://idp-sweden-connect-valfr-2017-sandbox.test.frejaeid.com is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Freja eID Group AB)

CONTACT-SUPP

Support contact e-mail (partnersupport@frejaeid.com) is present

CONTACT-TECH

Technical contact e-mail (partnersupport@frejaeid.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Freja eID Group AB (https://idp.frejaeid.com/test/docker) (3)

Freja eID Group AB (https://idp.frejaeid.com/test/docker)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://idp.frejaeid.com/test/docker" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/1.0/loa3-orgid</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/sc/prepaid-auth-2021</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <shibmd:Scope regexp="false" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">******.***</shibmd:Scope>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Freja eID Plus</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Freja eID Plus</mdui:DisplayName>
                <mdui:Description xml:lang="en">Freja eID is an electronic identity on your mobile that allows you to log in, sign and approve transactions. It comes with two levels of identity assurance, basic level and Freja eID Plus, which is officially approved by the Swedish E-identification board with the quality mark Svensk e-legitimation. Freja eID Plus gives you access to more services and a free ID protection, alerting you if your official residential address is changed.</mdui:Description>
                <mdui:Description xml:lang="sv">Freja eID är en mobil e-legitimation som gör att du kan logga in, skriva under och godkänna transaktioner hos anslutna tjänster. Den utfärdas i två olika tillitsnivåer, Freja eID Bas och Freja eID Plus, varav den senare har statliga E-legitimationsnämnden godkänt för kvalitetsmärket Svensk e-legitimation. Med Freja eID Plus kan du nå ännu fler tjänster och får även ett ID-Skydd som varnar ifall någon ändrar din folkbokföringsadress hos Skatteverket.</mdui:Description>
                <mdui:Logo height="75" width="75">https://localhost/idp/images/frejaeid_logo.svg</mdui:Logo>
                <mdui:Logo height="120" width="120">https://localhost/idp/images/frejaeid_logo_vertical.svg</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIEcjCCAtqgAwIBAgIUA8DQlMDBwrpTGPB0336jLrJUOkgwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNVBAYTAlNFMSMwIQYDVQRhExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTEdMBsGA1UEChMUVmVyaXNlYyBGcmVqYSBlSUQgQUIxCzAJBgNVBAsTAlNUMSMwIQYDVQQDExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTAeFw0yMTAzMTIxMzI4MTFaFw0yNDAzMTIxMzI4MTFaMGwxGzAZBgNVBAMMEmlkcF9zaWduaW5nX2RvY2tlcjEUMBIGA1UEYRMLNTU2NTg3LTQzNzYxDTALBgNVBAsTBFRlc3QxGzAZBgNVBAoTEkZyZWphIGVJRCBHcm91cCBBQjELMAkGA1UEBhMCU0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCqU7+eC1HcvsBylsJdw+Ln4gNCVvfg7qDtdxiTcxcowREXLQNeORQLWVTa5mHaH8RHm1afgfUf9lbY1dI9YXK/nb4p8W5IuQ08PfyvU19OgUJd6VWJsbcy+Jzm9OxF4qAZFh/43pC3j9JoZwE03vLG8/IIJBg/BXh7olqmY/9mCu8kUrhFq8oEbOW8b6+JopQkQc7/lnsJpSW+6ROJIm4exMWRh6ycpX7twh5fy7188t21Ndl1vJ0mO0erQc1rOqGIHjcl3b+B3nIaH7Skrcy1bLrI7KCS9cSzLVriYyKMOznPB+Z9k467QpUfBrQhTPPRMkKwg2SsZ9JVogqAs7xAgMBAAGjdDByMA4GA1UdDwEB/wQEAwIGwDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFMTatSXnafuauiVp66r0SH27XI17MBIGA1UdIAQLMAkwBwYFKgMEBQowHQYDVR0OBBYEFIPkvvLrQ4B7aRp7jSm6LE9/zhU8MA0GCSqGSIb3DQEBCwUAA4IBgQB++d/dmtiPD5h1ZdcyGkbOB4wb46JpEcNeVY2ZZQVX+x58WnwnEWZXKiXn1xIKc7AdWJKTTEUGki0zgOTzLqPSTewLguUFoD33yCqWdktwxU3ydPGkCfE9MKl9ZCaWK2+E9fQ6UnPVVkrnJjfYnRb3sO+ZOC5xCNAe9QOnIj82QCXpgfWDIHU1Hhwowfey46C+Ya7kfG4z3kYf4PFprEOHzFnYu8Ys41yfT/QKC1vj28Kw9CLgYLJYSWLni6TQqO0wIbqeuVckB5n/AyDMO9gOGXCTbHfjtKCR+chS2n7d6Jt70jemtDv/UQ+JI3SgI35fsaWm0GE8mJJUb0VISZOdqltXz+5FcqwE339mKPoLo3dteYYvVWsOBOV5cyYa/kl7m2vcocdVVpAFBAXGho35rp7XzsIUYnMlDNRpFSXrvDOWn91c0zmESuKgviariXdp9wbfaYzKvZaHo5baDIe6hpAuJlubX1OLtTUHx0T2ho2RStV6nGCuFfugVLcz4W8=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIEdTCCAt2gAwIBAgIUSoZExwT8eJ7p8Yd0LuEWtCNRIMMwDQYJKoZIhvcNAQELBQAwgYMxCzAJBgNVBAYTAlNFMSMwIQYDVQRhExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTEdMBsGA1UEChMUVmVyaXNlYyBGcmVqYSBlSUQgQUIxCzAJBgNVBAsTAlNUMSMwIQYDVQQDExpGcmVqYSBlSUQgU1QgSXNzdWluZyBDQSB2NTAeFw0yMTAzMTIxMzI3MDlaFw0yNDAzMTIxMzI3MDlaMG8xHjAcBgNVBAMMFWlkcF9lbmNyeXB0aW9uX2RvY2tlcjEUMBIGA1UEYRMLNTU2NTg3LTQzNzYxDTALBgNVBAsTBFRlc3QxGzAZBgNVBAoTEkZyZWphIGVJRCBHcm91cCBBQjELMAkGA1UEBhMCU0UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgIVDuF068t6AqwkMHKOd4cR8J6qxCiHExh+3jzZQ4lsHHqoY55hPk1kN+JxBPd4EPKdtRRCp5dcWbJ6rjVGMM23DLHgN3493kV3ePG+8SrjHmACRK8UIVcW7Jjnp0jXhxeLD/Lne1WZ9Q+52NkXc2meZdfWwFu4adp4DFoaF+kDimD+pa1QOy2RX8qLmTLugK898UR2W7zPsYWAQOHcU3wbq/vRT9c2HAc7dRUarFG6kkGXhi93g7+TcVJ7l3t0Pf3Vqz77nCKuJj0Et3mkHoZA1h7Fo+EWUUSCMC5l0Sk6ZMdr2lIy+EzAdqNrzFM8BbFuH3eJak2Oq6uSUUr2eJAgMBAAGjdDByMA4GA1UdDwEB/wQEAwIEMDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFMTatSXnafuauiVp66r0SH27XI17MBIGA1UdIAQLMAkwBwYFKgMEBTgwHQYDVR0OBBYEFJ1z2g6LJ4tw45E6cR/+nUw+laLaMA0GCSqGSIb3DQEBCwUAA4IBgQB60goD0M7VUhW2H8yHh/eMqfRGHP3QeWmGBhftLYhmpRPVpO7xu5DRj22YZwJ3vFF4F7FsKkAkgm0SjKkRfYeUblItkZZO28bbdLEYeoAfSjisSs2DKX573mLFDiMEr0R4c/43vTR/+Rf9yRvUlujM1pjZKndoXHRYs8Uw5TuUSaOXLqFxIGsvSZ+JejibRLxIxm4XXTiJfHB2t9djOhuEPhWl+WrPhneq8Uzq1tHWCiIFwZXsKodtIPnVyAGwWV4N8Np+fiv7FZ4q0dmJc/GBKY8WValCfCsPjkPRgd+6y7uSwoYKlYTCiGqLEI9iDgxN4aRxjWj7pU9NAszcPnXPRAb61j3rlcEMlnc0n5eWmUy6cAhYL4arlGQrb5eoNrqTyhTRCP5u/2YcF0Z9zEAU8nah0peKXzm0JXb0Hv6XJuPZnlibZFA10fNTWI7iVF9laINQv0YQ8BFkdf7FYdN9WPHfZG7wRhKdjsQ3c+nPNzp8Hvm+I9De/dD8rZlmeGw=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://localhost/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Freja eID Group AB</OrganizationName>
        <OrganizationName xml:lang="sv">Freja eID Group AB</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Freja eID Group AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Freja eID Group AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://frejaeid.com/en/</OrganizationURL>
        <OrganizationURL xml:lang="sv">https://frejaeid.com</OrganizationURL>
    </Organization>
    <ContactPerson contactType="technical">
        <Company>Freja eID Group AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="support">
        <Company>Freja eID Group AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*
-	*http://id.swedenconnect.se/ec/1.0/loa3-orgid*

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-orgid" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-orgid" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Freja eID Plus*
-	*en: Freja eID Plus*

MDUI-Description

Description in Swedish and English present in mdui:

ERROR

MDUI-Logotype

No working logotype are present in mdui

ERROR

MDUI-Logotype

The following errors were encountered while processing logotypes:

-	Logotype download from: *https://localhost/idp/images/frejaeid_logo.svg* failed with HTTP response code 0
-	Logotype download from: *https://localhost/idp/images/frejaeid_logo_vertical.svg* failed with HTTP response code 0

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://idp.frejaeid.com/test/docker is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Freja eID Group AB)

CONTACT-SUPP

Support contact e-mail (partnersupport@frejaeid.com) is present

CONTACT-TECH

Technical contact e-mail (partnersupport@frejaeid.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Knowit Connectivity AB (https://devidp.identityhub.se/bankid) (1)

Knowit Connectivity AB (https://devidp.identityhub.se/bankid)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://devidp.identityhub.se/bankid" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Pensionsmyndigheten/Leveransavtal-SYS-2015-71</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Bolagsverket/Leveransavtal-AVT-2015-105</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Domstolsverket/Elektronisk-Underskrift-1420-2018</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
    </Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Legitimering eller underskrift med svenskt BankID på fil eller kort</mdui:Description>
                <mdui:Description xml:lang="en">Authentication or signing using a Swedish file-based or card-based BankID</mdui:Description>
                <mdui:Logo height="27" width="119">data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTE5IiBoZWlnaHQ9IjI3IiB2aWV3Qm94PSIwIDAgMTE5IDI3IiBmaWxsPSJub25lIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPgo8bWFzayBpZD0ibWFzazAiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9IjAiIHk9IjIiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0wIDIuMDI3ODZIMjAuNDQ4NFYyNi41MjU2SDBWMi4wMjc4NloiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMCkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTE5LjcwMiA2Ljg0ODg5SDE2Ljg3MzVDMTUuOTg4NiA2Ljg0ODg5IDE1Ljg3OTggNi45NTgyMyAxNC44NTM1IDcuOTkxNTlDMTQuMzM3NCA4LjUxMDMxIDUuODIwNzMgMTcuMDg3NSA1LjgyMDczIDE3LjA4NzVWMi43NzI4OEM1LjgyMDczIDIuMjkyMzEgNS41NTgzMiAyLjAyNzg2IDUuMDc1NyAyLjAyNzg2SDAuNzQ1NDI4QzAuMjYyODE3IDIuMDI3ODYgLTAuMDAwNjEwMzUyIDIuMjkyMzEgLTAuMDAwNjEwMzUyIDIuNzcyODhWNC42OTc3M0MtMC4wMDA2MTAzNTIgNS4xODM0IDAuMjYyODE3IDUuNDQ2MzIgMC43NDU0MjggNS40NDYzMkgyLjMyOTU1VjIzLjEwMkgwLjc1MzU2NUMwLjI3MTQ2MiAyMy4xMDIgMC4wMDgwMzQ5NSAyMy4zNjU1IDAuMDA4MDM0OTUgMjMuODQ2MVYyNS43NzA5QzAuMDA4MDM0OTUgMjYuMjU0IDAuMjcxNDYyIDI2LjUyNTYgMC43NTM1NjUgMjYuNTI1Nkg3LjM3Njg4QzcuODYgMjYuNTI1NiA4LjEyNDk1IDI2LjI2MjIgOC4xMjQ5NSAyNS43ODAxVjIzLjg1MzdDOC4xMjQ5NSAyMy4zNjggNy44NiAyMy4xMDIgNy4zNzY4OCAyMy4xMDJINS44MjA3M1YyMS42NzQ2TDkuMjEyNzQgMTguMjI5N0wxNS4xODMxIDI1LjUyNzhDMTUuOTY4MyAyNi41MjU2IDE1Ljk2ODMgMjYuNTI1NiAxNy4xMTc2IDI2LjUyNTZIMTkuNjk2NEMyMC4xNzYgMjYuNTI1NiAyMC40Mzk5IDI2LjI2MjIgMjAuNDM5OSAyNS43ODAxVjIzLjg1MzdDMjAuNDM5OSAyMy4zNzE2IDIwLjE3NiAyMy4xMDkyIDE5LjY5NjQgMjMuMTA5MkgxNy41Njk3TDExLjYyOTkgMTUuNzc4NUwxNy4wNTg2IDEwLjI3NDVIMTkuNzAyQzIwLjE5MjMgMTAuMjc0NSAyMC40NDgxIDEwLjAzMjkgMjAuNDQ4MSA5LjU1NzQxVjcuNTk2NDVDMjAuNDQ4MSA3LjExMzg0IDIwLjE4MzYgNi44NDg4OSAxOS43MDIgNi44NDg4OVoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTQzLjAyOCAyMy4xMDkySDQxLjQ1OTZWMTQuNjg3N0M0MS40NTk2IDkuNjc0NDMgMzguMzAyIDYuNDM0NDggMzMuNDE3OSA2LjQzNDQ4QzMxLjE2NjEgNi40MzQ0OCAyOS4yNzU4IDcuMTI5MTUgMjcuNzk4NSA4LjQ5NzY1VjcuNjA0NjVDMjcuNzk4NSA3LjEyMjAzIDI3LjUzNDYgNi44NTc1OSAyNy4wNTM1IDYuODU3NTlIMjIuNzgxMkMyMi4yOTgxIDYuODU3NTkgMjIuMDM0MSA3LjExMzM5IDIyLjAzNDEgNy41OTg1NFY5LjUyMjM4QzIyLjAzNDEgMTAuMDA0NSAyMi4yOTgxIDEwLjI3NCAyMi43ODA3IDEwLjI3NEgyNC4zNDc1VjIzLjEwOTJIMjIuNzgwN0MyMi4yOTgxIDIzLjEwOTIgMjIuMDM0MSAyMy4zNzE2IDIyLjAzNDEgMjMuODUzN1YyNS43ODAxQzIyLjAzNDEgMjYuMjYwNyAyMi4yOTgxIDI2LjUyNTYgMjIuNzgwNyAyNi41MjU2SDI5LjM2ODRDMjkuODUxIDI2LjUyNTYgMzAuMTEzOSAyNi4yNjA3IDMwLjExMzkgMjUuNzgwMVYyMy44NTM3QzMwLjExMzkgMjMuMzcxNiAyOS44NTEgMjMuMTA5MiAyOS4zNjg0IDIzLjEwOTJIMjcuNzk4NVYxNS4yODgzQzI3Ljc5ODUgMTIuMDc2MyAzMC4wNTcgOS43NDQxIDMzLjE2NjIgOS43NDQxQzM2LjE5NDEgOS43NDQxIDM4LjAwMyAxMS43MDk2IDM4LjAwMyAxNS4wMDZWMjMuMTA5MkgzNi40MzcyQzM1Ljk1MyAyMy4xMDkyIDM1LjY4ODEgMjMuMzcxNiAzNS42ODgxIDIzLjg1MzdWMjUuNzgwMUMzNS42ODgxIDI2LjI2MDcgMzUuOTUzIDI2LjUyNTYgMzYuNDM3MiAyNi41MjU2SDQzLjAyOEM0My41MTA2IDI2LjUyNTYgNDMuNzc0IDI2LjI2MDcgNDMuNzc0IDI1Ljc4MDFWMjMuODUzN0M0My43NzQgMjMuMzcxNiA0My41MTA2IDIzLjEwOTIgNDMuMDI4IDIzLjEwOTJaIiBmaWxsPSIjMzMzMzMzIi8+CjxtYXNrIGlkPSJtYXNrMSIgbWFzay10eXBlPSJhbHBoYSIgbWFza1VuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeD0iNDMiIHk9IjYiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyMSI+CjxwYXRoIGQ9Ik00My42NjcyIDYuNDY0NjlINjMuNzY0NVYyNi45MTU5SDQzLjY2NzJWNi40NjQ2OVoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMSkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTUzLjcyOTkgMjMuNTY3NkM1MC4xMDI5IDIzLjU2NzYgNDcuMjYwMSAyMC41MjMgNDcuMjYwMSAxNi42Mzc3QzQ3LjI2MDEgMTIuNzUwOCA1MC4wMTM0IDkuODE3MDMgNTMuNjYxNyA5LjgxNzAzQzU3LjMwOSA5LjgxNzAzIDYwLjE2ODEgMTIuODYwMiA2MC4xNjgxIDE2Ljc0MzRDNjAuMTY4MSAyMC42MzM4IDU3LjQwMDYgMjMuNTY3NiA1My43Mjk5IDIzLjU2NzZaTTUzLjcyOTkgNi40NjQ2OUM0OC4wODc1IDYuNDY0NjkgNDMuNjY3MiAxMC45ODExIDQzLjY2NzIgMTYuNzQzNEM0My42NjcyIDIyLjQ0NTggNDguMDU3NSAyNi45MTU5IDUzLjY2MTcgMjYuOTE1OUM1OS4zMjc0IDI2LjkxNTkgNjMuNzY0NSAyMi40MDIgNjMuNzY0NSAxNi42Mzc3QzYzLjc2NDUgMTAuOTMyMyA1OS4zNTc0IDYuNDY0NjkgNTMuNzI5OSA2LjQ2NDY5WiIgZmlsbD0iIzMzMzMzMyIvPgo8L2c+CjxwYXRoIGZpbGwtcnVsZT0iZXZlbm9kZCIgY2xpcC1ydWxlPSJldmVub2RkIiBkPSJNOTMuMDMzOSA2Ljg1NzYySDg2LjI2NTJDODUuNzgyNiA2Ljg1NzYyIDg1LjUxODEgNy4xMjI1NyA4NS41MTgxIDcuNjA0NjhWOS41MjkwMkM4NS41MTgxIDEwLjAxMDEgODUuNzgyNiAxMC4yNzQgODYuMjY1MiAxMC4yNzRIODcuNzg2Mkw4NC41NjEgMjAuNjk4Mkw3OS45OTYzIDcuNDE3MDJDNzkuODcxNyA3LjA2MDUzIDc5LjUzODYgNi44MjM1NSA3OS4xNjc5IDYuODIzNTVINzcuODE4N0M3Ny40NDI5IDYuODIzNTUgNzcuMTA5OCA3LjA2MDUzIDc2Ljk4NjcgNy40MTcwMkw3Mi40Njc4IDIwLjY5MjFMNjkuMjQwNiAxMC4yNzRINzAuNzYzNkM3MS4yNDUyIDEwLjI3NCA3MS41MDg3IDEwLjAxMDEgNzEuNTA4NyA5LjUyOTAyVjcuNjA0NjhDNzEuNTA4NyA3LjEyMjU3IDcxLjI0NTIgNi44NTc2MiA3MC43NjM2IDYuODU3NjJINjMuOTE5NkM2My40MzU1IDYuODU3NjIgNjMuMTcwNSA3LjEyMjU3IDYzLjE3MDUgNy42MDQ2OFY5LjUyOTAyQzYzLjE3MDUgMTAuMDEwMSA2My40MzU1IDEwLjI3NCA2My45MTk2IDEwLjI3NEg2NS41MjcxTDcwLjg5MTggMjYuMDIxN0M3MS4wMTY0IDI2LjM2NTUgNzEuMzQ2NCAyNi41OTk5IDcxLjcxMzYgMjYuNTk5OUg3My4xNzExQzczLjU0NDkgMjYuNTk5OSA3My44NzcgMjYuMzYwOSA3My45OTc1IDI2LjAwNTlMNzguNDg2NCAxMy4xMDExTDgyLjk1MzUgMjYuMDA1OUM4My4wNzMgMjYuMzYwOSA4My40MDYxIDI2LjU5OTkgODMuNzgxOSAyNi41OTk5SDg1LjI0MUM4NS42MDgxIDI2LjU5OTkgODUuOTM4MiAyNi4zNjU1IDg2LjA2MTMgMjYuMDIzN0w5MS40Mjg1IDEwLjI3NEg5My4wMzM5QzkzLjUxOTEgMTAuMjc0IDkzLjc4NCAxMC4wMTAxIDkzLjc4NCA5LjUyOTAyVjcuNjA0NjhDOTMuNzg0IDcuMTIyNTcgOTMuNTE5MSA2Ljg1NzYyIDkzLjAzMzkgNi44NTc2MloiIGZpbGw9IiMzMzMzMzMiLz4KPG1hc2sgaWQ9Im1hc2syIiBtYXNrLXR5cGU9ImFscGhhIiBtYXNrVW5pdHM9InVzZXJTcGFjZU9uVXNlIiB4PSIxMDMiIHk9IjIiIHdpZHRoPSIxNiIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0xMDMuODk4IDIuMDE5MkgxMTguNjc0VjI2Ljg0NDRIMTAzLjg5OFYyLjAxOTJaIiBmaWxsPSJ3aGl0ZSIvPgo8L21hc2s+CjxnIG1hc2s9InVybCgjbWFzazIpIj4KPHBhdGggZmlsbC1ydWxlPSJldmVub2RkIiBjbGlwLXJ1bGU9ImV2ZW5vZGQiIGQ9Ik0xMTcuOTI4IDE2LjUyNEgxMTYuMDMxQzExNS41NDggMTYuNTI0IDExNS4yODMgMTYuNzg2NCAxMTUuMjgzIDE3LjI2OVYyMC45MTQzQzExNS4yODMgMjIuMTY3MyAxMTQuMzkxIDIzLjQ2NTEgMTEyLjg5NiAyMy40NjUxQzExMS4wMiAyMy40NjUxIDExMC4yMiAyMi42ODQ1IDExMC4yMiAyMC44NjA0VjEwLjI3NDRIMTE0Ljc5OUMxMTUuMjgyIDEwLjI3NDQgMTE1LjU0NyAxMC4wMSAxMTUuNTQ3IDkuNTI5NDJWNy42MDQ1N0MxMTUuNTQ3IDcuMTIyNDYgMTE1LjI4MiA2Ljg1NzUxIDExNC43OTkgNi44NTc1MUgxMTAuMjJWMi43NjYyNUMxMTAuMjIgMi4yODM2NCAxMDkuOTU2IDIuMDE5MiAxMDkuNDc0IDIuMDE5MkgxMDcuNDhDMTA2Ljk5NSAyLjAxOTIgMTA2LjczIDIuMjgzNjQgMTA2LjczIDIuNzY2MjVWNi44NTc1MUgxMDQuNjQ1QzEwNC4xNjMgNi44NTc1MSAxMDMuODk4IDcuMTIyNDYgMTAzLjg5OCA3LjYwNDU3VjkuNTI5NDJDMTAzLjg5OCAxMC4wMSAxMDQuMTYzIDEwLjI3NDQgMTA0LjY0NSAxMC4yNzQ0SDEwNi43M1YyMS4wMzUzQzEwNi43MyAyNC41NjQxIDEwOS4wMzggMjYuODQ0NCAxMTIuNjA4IDI2Ljg0NDRDMTE2LjI5NCAyNi44NDQ0IDExOC42NzQgMjQuNjM3OCAxMTguNjc0IDIxLjIyMTRWMTcuMjY5QzExOC42NzQgMTYuNzg2NCAxMTguNDExIDE2LjUyNCAxMTcuOTI4IDE2LjUyNFoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTEwMi42MTMgMjMuMTA5MkgxMDEuMDQ2VjcuNjA0NjZDMTAxLjA0NiA3LjEyMjA1IDEwMC43ODEgNi44NTc2IDEwMC4yOTcgNi44NTc2SDk1Ljk4NkM5NS41MDI0IDYuODU3NiA5NS4yMzg5IDcuMTIyMDUgOTUuMjM4OSA3LjYwNDY2VjkuNTI5Qzk1LjIzODkgMTAuMDEwMSA5NS41MDI0IDEwLjI3NCA5NS45ODYgMTAuMjc0SDk3LjU1NTlWMjMuMTA5Mkg5NC43MDY1Qzk0LjIyNDQgMjMuMTA5MiA5My45NjA0IDIzLjM3MTcgOTMuOTYwNCAyMy44NTM4VjI1Ljc4MDFDOTMuOTYwNCAyNi4yNjA3IDk0LjIyNDQgMjYuNTI1NyA5NC43MDY1IDI2LjUyNTdIMTAyLjYxM0MxMDMuMDk3IDI2LjUyNTcgMTAzLjM2MiAyNi4yNjA3IDEwMy4zNjIgMjUuNzgwMVYyMy44NTM4QzEwMy4zNjIgMjMuMzcxNyAxMDMuMDk3IDIzLjEwOTIgMTAyLjYxMyAyMy4xMDkyWiIgZmlsbD0iIzMzMzMzMyIvPgo8bWFzayBpZD0ibWFzazMiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9Ijk3IiB5PSIwIiB3aWR0aD0iNSIgaGVpZ2h0PSI1Ij4KPHBhdGggZD0iTTk3LjA3MDcgMEgxMDEuNDQ0VjQuMzczSDk3LjA3MDdWMFoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMykiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTk5LjI1NjkgNC4zNzNDMTAwLjQ2NSA0LjM3MyAxMDEuNDQ0IDMuMzk0MDQgMTAxLjQ0NCAyLjE4NjI0QzEwMS40NDQgMC45ODE0OTYgMTAwLjQ2NSAwIDk5LjI1NjkgMEM5OC4wNTEyIDAgOTcuMDcwNyAwLjk4MTQ5NiA5Ny4wNzA3IDIuMTg2MjRDOTcuMDcwNyAzLjM5NDA0IDk4LjA1MTIgNC4zNzMgOTkuMjU2OSA0LjM3M1oiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8L3N2Zz4K</mdui:Logo>
            </mdui:UIInfo>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
        </Extensions>
        <KeyDescriptor use="signing">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDBDCCAfCgAwIBAgIQqhpqLrofNo5FBvsRrnKzBTAJBgUrDgMCHQUAMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xNDA0MDgwODU1MDZaFw0zOTEyMzEyMzU5NTlaMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBGoAgIUr5FryIq4ZUtCy45ZanGPxnD9tH8WVzBuKzZZfOY+R0f5RGSYLURzyhajYO9e1MWRO71wPF/Nl8b15PvhsshooZUSK7YZ5VwiPe9jxFPPs1DGENIlla8NBPQkFPvyJ9BnIjFH6dlUAjaaC0N4HOb+rPF34NZUN7SWlA86PEkA0AR3gF4tBti3bx43yCRBvKcyoyYAHIIlASgqfxnrPVBnIFWUm0d1aQyRtTsm5xKK0/oYbwwpKEUBNef88XC4gGtfU/1C3diKXGFSEiGjqYQ8TZOM2IP2/mRx1ONa/ASOAhj3GRysda8occnODMuMzi0yQ8LqZ8K2j8YqvUCAwEAAaNaMFgwDwYDVR0TAQH/BAUwAwEB/zBFBgNVHQEEPjA8gBC5QDzTwIrxwmviqMXSWFHyoRYwFDESMBAGA1UEAxMJbG9jYWxob3N0ghCqGmouuh82jkUG+xGucrMFMAkGBSsOAwIdBQADggEBACahnay2R/0JWHdJtcpv297CUYxnRD1c1AEmRv2RtQZN0hcRjOnyIkojzzkLf6Svg9ugonOZoZz/LDxP6ffGeYwZnswo/hmwLcMUtRw0oIHuNp/H9w1D8Dq7iRG5jQknJrePlgBqJTKozSl7ZLG+S2WKr6QimWhWJuublF3wRfKTpsIWj8Crzh+WlV+fIle8qvft041iRd9xAoXyJ+/onGm/cpZflkKHWwkfIpGNgkMKVXyeLnVn8P5D4G2Hy+oDRRNOaHwo/lNrqCMvCO5FCRoqHAlErJrrrQXpeB1q9TgjnsZyd3/FeDmTNTl46ZhLQV+wOnhV2FATZiBZ4dvVWmA=</X509Certificate>
                </X509Data>
            </KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDEDCCAfigAwIBAgIQhVXzPJyWTaRA34KusDqWVjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTYwNTI3MDcyODA4WhcNMjYwNTI3MDcyODA3WjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRdtzF/pnJHsjCrcBP0PRB0pbUrGzssIiJjdsxi9JeDFiapfr0aK5Db6C60yUZ54qpx+vpeJJ7Vv/Ol+OlOhm4o6NeLouCfyg7egqu2vngcn7LEBIc4Nbsa6exrDeRF2qyc6oagzb+PVoIdjFa1rwNnLqAvCbWxR5VD70wi6rOyqjuXyd/fFau/xO9BQwJHrWLMxiSmEAWh0DxdsOzxBON+qOxh+2/eoOxh4PUUv11Mfi1nmV5NHqg4imhHCE+DLDvOeMpe1r9xGMMDdkmpvDlRiZriWleYk7YTX9UDI/48DRTCjVdd5Zbofw3S8S+283SFE/pv4/AKtF3GoAmN7BRAgMBAAGjXjBcMBMGA1UdJQQMMAoGCCsGAQUFBwMCMEUGA1UdAQQ+MDyAEB/i9rZREw5DFiy0GTaxDD6hFjAUMRIwEAYDVQQDEwlsb2NhbGhvc3SCEIVV8zyclk2kQN+CrrA6llYwDQYJKoZIhvcNAQELBQADggEBACTbLMvq1anQUPxIEoGyaBco+CjFNb8L19Hy0XbeNPpGPyS8b1SHi3GUZasIH+0T92f35UCe0a97QqunqKl75ZBFVFY3JsxSIS8IpgOT2TriL4xoqW0/qOs41C8SkyEfWUmFu5mwNjl+wWK9yD4Gxbza+9vNC02AveKdQXWwcRxzSBpD8L3GFGf1yQL0Vvi9GhxVWUFkfB61nSmQYlJz83+hDCdyhrTbq+r07JiLKiUpaVeP8SxXwhBcIvwAbh7PF01n51fbIjq5WFtVrJTH9jyUOMriSckSLcRZeAnD80w6fiUTFqfWDGouYWWULPwSeqaSw776n8JJ641tfs1Cx5E=</X509Certificate>
                </X509Data>
            </KeyInfo>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
        </KeyDescriptor>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/bankid/Logout/REDIRECT/"/>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/bankid/Logout/POST/"/>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/bankid/Authn/REDIRECT/"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/bankid/Authn/POST/"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="sv">Knowit Connectivity AB</OrganizationName>
        <OrganizationName xml:lang="en">Knowit Connectivity AB</OrganizationName>
        <OrganizationDisplayName xml:lang="sv">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="sv">https://knowit.se/</OrganizationURL>
        <OrganizationURL xml:lang="en">https://knowit.se/</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Legitimering eller underskrift med svenskt BankID på fil eller kort*
-	*en: Authentication or signing using a Swedish file-based or card-based BankID*

MDUI-Logotype

Working logotypes present:

H:27

W:119

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://devidp.identityhub.se/bankid is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Knowit Connectivity AB)

CONTACT-SUPP

Support contact e-mail (servicedesk@cybercom.com) is present

CONTACT-TECH

Technical contact e-mail (servicedesk@cybercom.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Knowit Connectivity AB (https://devidp.identityhub.se/mobilt-bankid) (1)

Knowit Connectivity AB (https://devidp.identityhub.se/mobilt-bankid)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://devidp.identityhub.se/mobilt-bankid" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Pensionsmyndigheten/Leveransavtal-SYS-2015-71</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Bolagsverket/Leveransavtal-AVT-2015-105</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Domstolsverket/Elektronisk-Underskrift-1420-2018</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
    </Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">Mobilt BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">Mobile BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Legitimering eller underskrift med svenskt Mobilt BankID</mdui:Description>
                <mdui:Description xml:lang="en">Authentication or signing using a Swedish Mobile BankID</mdui:Description>
                <mdui:Logo height="27" width="119">data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTE5IiBoZWlnaHQ9IjI3IiB2aWV3Qm94PSIwIDAgMTE5IDI3IiBmaWxsPSJub25lIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPgo8bWFzayBpZD0ibWFzazAiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9IjAiIHk9IjIiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0wIDIuMDI3ODZIMjAuNDQ4NFYyNi41MjU2SDBWMi4wMjc4NloiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMCkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTE5LjcwMiA2Ljg0ODg5SDE2Ljg3MzVDMTUuOTg4NiA2Ljg0ODg5IDE1Ljg3OTggNi45NTgyMyAxNC44NTM1IDcuOTkxNTlDMTQuMzM3NCA4LjUxMDMxIDUuODIwNzMgMTcuMDg3NSA1LjgyMDczIDE3LjA4NzVWMi43NzI4OEM1LjgyMDczIDIuMjkyMzEgNS41NTgzMiAyLjAyNzg2IDUuMDc1NyAyLjAyNzg2SDAuNzQ1NDI4QzAuMjYyODE3IDIuMDI3ODYgLTAuMDAwNjEwMzUyIDIuMjkyMzEgLTAuMDAwNjEwMzUyIDIuNzcyODhWNC42OTc3M0MtMC4wMDA2MTAzNTIgNS4xODM0IDAuMjYyODE3IDUuNDQ2MzIgMC43NDU0MjggNS40NDYzMkgyLjMyOTU1VjIzLjEwMkgwLjc1MzU2NUMwLjI3MTQ2MiAyMy4xMDIgMC4wMDgwMzQ5NSAyMy4zNjU1IDAuMDA4MDM0OTUgMjMuODQ2MVYyNS43NzA5QzAuMDA4MDM0OTUgMjYuMjU0IDAuMjcxNDYyIDI2LjUyNTYgMC43NTM1NjUgMjYuNTI1Nkg3LjM3Njg4QzcuODYgMjYuNTI1NiA4LjEyNDk1IDI2LjI2MjIgOC4xMjQ5NSAyNS43ODAxVjIzLjg1MzdDOC4xMjQ5NSAyMy4zNjggNy44NiAyMy4xMDIgNy4zNzY4OCAyMy4xMDJINS44MjA3M1YyMS42NzQ2TDkuMjEyNzQgMTguMjI5N0wxNS4xODMxIDI1LjUyNzhDMTUuOTY4MyAyNi41MjU2IDE1Ljk2ODMgMjYuNTI1NiAxNy4xMTc2IDI2LjUyNTZIMTkuNjk2NEMyMC4xNzYgMjYuNTI1NiAyMC40Mzk5IDI2LjI2MjIgMjAuNDM5OSAyNS43ODAxVjIzLjg1MzdDMjAuNDM5OSAyMy4zNzE2IDIwLjE3NiAyMy4xMDkyIDE5LjY5NjQgMjMuMTA5MkgxNy41Njk3TDExLjYyOTkgMTUuNzc4NUwxNy4wNTg2IDEwLjI3NDVIMTkuNzAyQzIwLjE5MjMgMTAuMjc0NSAyMC40NDgxIDEwLjAzMjkgMjAuNDQ4MSA5LjU1NzQxVjcuNTk2NDVDMjAuNDQ4MSA3LjExMzg0IDIwLjE4MzYgNi44NDg4OSAxOS43MDIgNi44NDg4OVoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTQzLjAyOCAyMy4xMDkySDQxLjQ1OTZWMTQuNjg3N0M0MS40NTk2IDkuNjc0NDMgMzguMzAyIDYuNDM0NDggMzMuNDE3OSA2LjQzNDQ4QzMxLjE2NjEgNi40MzQ0OCAyOS4yNzU4IDcuMTI5MTUgMjcuNzk4NSA4LjQ5NzY1VjcuNjA0NjVDMjcuNzk4NSA3LjEyMjAzIDI3LjUzNDYgNi44NTc1OSAyNy4wNTM1IDYuODU3NTlIMjIuNzgxMkMyMi4yOTgxIDYuODU3NTkgMjIuMDM0MSA3LjExMzM5IDIyLjAzNDEgNy41OTg1NFY5LjUyMjM4QzIyLjAzNDEgMTAuMDA0NSAyMi4yOTgxIDEwLjI3NCAyMi43ODA3IDEwLjI3NEgyNC4zNDc1VjIzLjEwOTJIMjIuNzgwN0MyMi4yOTgxIDIzLjEwOTIgMjIuMDM0MSAyMy4zNzE2IDIyLjAzNDEgMjMuODUzN1YyNS43ODAxQzIyLjAzNDEgMjYuMjYwNyAyMi4yOTgxIDI2LjUyNTYgMjIuNzgwNyAyNi41MjU2SDI5LjM2ODRDMjkuODUxIDI2LjUyNTYgMzAuMTEzOSAyNi4yNjA3IDMwLjExMzkgMjUuNzgwMVYyMy44NTM3QzMwLjExMzkgMjMuMzcxNiAyOS44NTEgMjMuMTA5MiAyOS4zNjg0IDIzLjEwOTJIMjcuNzk4NVYxNS4yODgzQzI3Ljc5ODUgMTIuMDc2MyAzMC4wNTcgOS43NDQxIDMzLjE2NjIgOS43NDQxQzM2LjE5NDEgOS43NDQxIDM4LjAwMyAxMS43MDk2IDM4LjAwMyAxNS4wMDZWMjMuMTA5MkgzNi40MzcyQzM1Ljk1MyAyMy4xMDkyIDM1LjY4ODEgMjMuMzcxNiAzNS42ODgxIDIzLjg1MzdWMjUuNzgwMUMzNS42ODgxIDI2LjI2MDcgMzUuOTUzIDI2LjUyNTYgMzYuNDM3MiAyNi41MjU2SDQzLjAyOEM0My41MTA2IDI2LjUyNTYgNDMuNzc0IDI2LjI2MDcgNDMuNzc0IDI1Ljc4MDFWMjMuODUzN0M0My43NzQgMjMuMzcxNiA0My41MTA2IDIzLjEwOTIgNDMuMDI4IDIzLjEwOTJaIiBmaWxsPSIjMzMzMzMzIi8+CjxtYXNrIGlkPSJtYXNrMSIgbWFzay10eXBlPSJhbHBoYSIgbWFza1VuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeD0iNDMiIHk9IjYiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyMSI+CjxwYXRoIGQ9Ik00My42NjcyIDYuNDY0NjlINjMuNzY0NVYyNi45MTU5SDQzLjY2NzJWNi40NjQ2OVoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMSkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTUzLjcyOTkgMjMuNTY3NkM1MC4xMDI5IDIzLjU2NzYgNDcuMjYwMSAyMC41MjMgNDcuMjYwMSAxNi42Mzc3QzQ3LjI2MDEgMTIuNzUwOCA1MC4wMTM0IDkuODE3MDMgNTMuNjYxNyA5LjgxNzAzQzU3LjMwOSA5LjgxNzAzIDYwLjE2ODEgMTIuODYwMiA2MC4xNjgxIDE2Ljc0MzRDNjAuMTY4MSAyMC42MzM4IDU3LjQwMDYgMjMuNTY3NiA1My43Mjk5IDIzLjU2NzZaTTUzLjcyOTkgNi40NjQ2OUM0OC4wODc1IDYuNDY0NjkgNDMuNjY3MiAxMC45ODExIDQzLjY2NzIgMTYuNzQzNEM0My42NjcyIDIyLjQ0NTggNDguMDU3NSAyNi45MTU5IDUzLjY2MTcgMjYuOTE1OUM1OS4zMjc0IDI2LjkxNTkgNjMuNzY0NSAyMi40MDIgNjMuNzY0NSAxNi42Mzc3QzYzLjc2NDUgMTAuOTMyMyA1OS4zNTc0IDYuNDY0NjkgNTMuNzI5OSA2LjQ2NDY5WiIgZmlsbD0iIzMzMzMzMyIvPgo8L2c+CjxwYXRoIGZpbGwtcnVsZT0iZXZlbm9kZCIgY2xpcC1ydWxlPSJldmVub2RkIiBkPSJNOTMuMDMzOSA2Ljg1NzYySDg2LjI2NTJDODUuNzgyNiA2Ljg1NzYyIDg1LjUxODEgNy4xMjI1NyA4NS41MTgxIDcuNjA0NjhWOS41MjkwMkM4NS41MTgxIDEwLjAxMDEgODUuNzgyNiAxMC4yNzQgODYuMjY1MiAxMC4yNzRIODcuNzg2Mkw4NC41NjEgMjAuNjk4Mkw3OS45OTYzIDcuNDE3MDJDNzkuODcxNyA3LjA2MDUzIDc5LjUzODYgNi44MjM1NSA3OS4xNjc5IDYuODIzNTVINzcuODE4N0M3Ny40NDI5IDYuODIzNTUgNzcuMTA5OCA3LjA2MDUzIDc2Ljk4NjcgNy40MTcwMkw3Mi40Njc4IDIwLjY5MjFMNjkuMjQwNiAxMC4yNzRINzAuNzYzNkM3MS4yNDUyIDEwLjI3NCA3MS41MDg3IDEwLjAxMDEgNzEuNTA4NyA5LjUyOTAyVjcuNjA0NjhDNzEuNTA4NyA3LjEyMjU3IDcxLjI0NTIgNi44NTc2MiA3MC43NjM2IDYuODU3NjJINjMuOTE5NkM2My40MzU1IDYuODU3NjIgNjMuMTcwNSA3LjEyMjU3IDYzLjE3MDUgNy42MDQ2OFY5LjUyOTAyQzYzLjE3MDUgMTAuMDEwMSA2My40MzU1IDEwLjI3NCA2My45MTk2IDEwLjI3NEg2NS41MjcxTDcwLjg5MTggMjYuMDIxN0M3MS4wMTY0IDI2LjM2NTUgNzEuMzQ2NCAyNi41OTk5IDcxLjcxMzYgMjYuNTk5OUg3My4xNzExQzczLjU0NDkgMjYuNTk5OSA3My44NzcgMjYuMzYwOSA3My45OTc1IDI2LjAwNTlMNzguNDg2NCAxMy4xMDExTDgyLjk1MzUgMjYuMDA1OUM4My4wNzMgMjYuMzYwOSA4My40MDYxIDI2LjU5OTkgODMuNzgxOSAyNi41OTk5SDg1LjI0MUM4NS42MDgxIDI2LjU5OTkgODUuOTM4MiAyNi4zNjU1IDg2LjA2MTMgMjYuMDIzN0w5MS40Mjg1IDEwLjI3NEg5My4wMzM5QzkzLjUxOTEgMTAuMjc0IDkzLjc4NCAxMC4wMTAxIDkzLjc4NCA5LjUyOTAyVjcuNjA0NjhDOTMuNzg0IDcuMTIyNTcgOTMuNTE5MSA2Ljg1NzYyIDkzLjAzMzkgNi44NTc2MloiIGZpbGw9IiMzMzMzMzMiLz4KPG1hc2sgaWQ9Im1hc2syIiBtYXNrLXR5cGU9ImFscGhhIiBtYXNrVW5pdHM9InVzZXJTcGFjZU9uVXNlIiB4PSIxMDMiIHk9IjIiIHdpZHRoPSIxNiIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0xMDMuODk4IDIuMDE5MkgxMTguNjc0VjI2Ljg0NDRIMTAzLjg5OFYyLjAxOTJaIiBmaWxsPSJ3aGl0ZSIvPgo8L21hc2s+CjxnIG1hc2s9InVybCgjbWFzazIpIj4KPHBhdGggZmlsbC1ydWxlPSJldmVub2RkIiBjbGlwLXJ1bGU9ImV2ZW5vZGQiIGQ9Ik0xMTcuOTI4IDE2LjUyNEgxMTYuMDMxQzExNS41NDggMTYuNTI0IDExNS4yODMgMTYuNzg2NCAxMTUuMjgzIDE3LjI2OVYyMC45MTQzQzExNS4yODMgMjIuMTY3MyAxMTQuMzkxIDIzLjQ2NTEgMTEyLjg5NiAyMy40NjUxQzExMS4wMiAyMy40NjUxIDExMC4yMiAyMi42ODQ1IDExMC4yMiAyMC44NjA0VjEwLjI3NDRIMTE0Ljc5OUMxMTUuMjgyIDEwLjI3NDQgMTE1LjU0NyAxMC4wMSAxMTUuNTQ3IDkuNTI5NDJWNy42MDQ1N0MxMTUuNTQ3IDcuMTIyNDYgMTE1LjI4MiA2Ljg1NzUxIDExNC43OTkgNi44NTc1MUgxMTAuMjJWMi43NjYyNUMxMTAuMjIgMi4yODM2NCAxMDkuOTU2IDIuMDE5MiAxMDkuNDc0IDIuMDE5MkgxMDcuNDhDMTA2Ljk5NSAyLjAxOTIgMTA2LjczIDIuMjgzNjQgMTA2LjczIDIuNzY2MjVWNi44NTc1MUgxMDQuNjQ1QzEwNC4xNjMgNi44NTc1MSAxMDMuODk4IDcuMTIyNDYgMTAzLjg5OCA3LjYwNDU3VjkuNTI5NDJDMTAzLjg5OCAxMC4wMSAxMDQuMTYzIDEwLjI3NDQgMTA0LjY0NSAxMC4yNzQ0SDEwNi43M1YyMS4wMzUzQzEwNi43MyAyNC41NjQxIDEwOS4wMzggMjYuODQ0NCAxMTIuNjA4IDI2Ljg0NDRDMTE2LjI5NCAyNi44NDQ0IDExOC42NzQgMjQuNjM3OCAxMTguNjc0IDIxLjIyMTRWMTcuMjY5QzExOC42NzQgMTYuNzg2NCAxMTguNDExIDE2LjUyNCAxMTcuOTI4IDE2LjUyNFoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTEwMi42MTMgMjMuMTA5MkgxMDEuMDQ2VjcuNjA0NjZDMTAxLjA0NiA3LjEyMjA1IDEwMC43ODEgNi44NTc2IDEwMC4yOTcgNi44NTc2SDk1Ljk4NkM5NS41MDI0IDYuODU3NiA5NS4yMzg5IDcuMTIyMDUgOTUuMjM4OSA3LjYwNDY2VjkuNTI5Qzk1LjIzODkgMTAuMDEwMSA5NS41MDI0IDEwLjI3NCA5NS45ODYgMTAuMjc0SDk3LjU1NTlWMjMuMTA5Mkg5NC43MDY1Qzk0LjIyNDQgMjMuMTA5MiA5My45NjA0IDIzLjM3MTcgOTMuOTYwNCAyMy44NTM4VjI1Ljc4MDFDOTMuOTYwNCAyNi4yNjA3IDk0LjIyNDQgMjYuNTI1NyA5NC43MDY1IDI2LjUyNTdIMTAyLjYxM0MxMDMuMDk3IDI2LjUyNTcgMTAzLjM2MiAyNi4yNjA3IDEwMy4zNjIgMjUuNzgwMVYyMy44NTM4QzEwMy4zNjIgMjMuMzcxNyAxMDMuMDk3IDIzLjEwOTIgMTAyLjYxMyAyMy4xMDkyWiIgZmlsbD0iIzMzMzMzMyIvPgo8bWFzayBpZD0ibWFzazMiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9Ijk3IiB5PSIwIiB3aWR0aD0iNSIgaGVpZ2h0PSI1Ij4KPHBhdGggZD0iTTk3LjA3MDcgMEgxMDEuNDQ0VjQuMzczSDk3LjA3MDdWMFoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMykiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTk5LjI1NjkgNC4zNzNDMTAwLjQ2NSA0LjM3MyAxMDEuNDQ0IDMuMzk0MDQgMTAxLjQ0NCAyLjE4NjI0QzEwMS40NDQgMC45ODE0OTYgMTAwLjQ2NSAwIDk5LjI1NjkgMEM5OC4wNTEyIDAgOTcuMDcwNyAwLjk4MTQ5NiA5Ny4wNzA3IDIuMTg2MjRDOTcuMDcwNyAzLjM5NDA0IDk4LjA1MTIgNC4zNzMgOTkuMjU2OSA0LjM3M1oiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8L3N2Zz4K</mdui:Logo>
            </mdui:UIInfo>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
        </Extensions>
        <KeyDescriptor use="signing">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDBDCCAfCgAwIBAgIQqhpqLrofNo5FBvsRrnKzBTAJBgUrDgMCHQUAMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xNDA0MDgwODU1MDZaFw0zOTEyMzEyMzU5NTlaMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBGoAgIUr5FryIq4ZUtCy45ZanGPxnD9tH8WVzBuKzZZfOY+R0f5RGSYLURzyhajYO9e1MWRO71wPF/Nl8b15PvhsshooZUSK7YZ5VwiPe9jxFPPs1DGENIlla8NBPQkFPvyJ9BnIjFH6dlUAjaaC0N4HOb+rPF34NZUN7SWlA86PEkA0AR3gF4tBti3bx43yCRBvKcyoyYAHIIlASgqfxnrPVBnIFWUm0d1aQyRtTsm5xKK0/oYbwwpKEUBNef88XC4gGtfU/1C3diKXGFSEiGjqYQ8TZOM2IP2/mRx1ONa/ASOAhj3GRysda8occnODMuMzi0yQ8LqZ8K2j8YqvUCAwEAAaNaMFgwDwYDVR0TAQH/BAUwAwEB/zBFBgNVHQEEPjA8gBC5QDzTwIrxwmviqMXSWFHyoRYwFDESMBAGA1UEAxMJbG9jYWxob3N0ghCqGmouuh82jkUG+xGucrMFMAkGBSsOAwIdBQADggEBACahnay2R/0JWHdJtcpv297CUYxnRD1c1AEmRv2RtQZN0hcRjOnyIkojzzkLf6Svg9ugonOZoZz/LDxP6ffGeYwZnswo/hmwLcMUtRw0oIHuNp/H9w1D8Dq7iRG5jQknJrePlgBqJTKozSl7ZLG+S2WKr6QimWhWJuublF3wRfKTpsIWj8Crzh+WlV+fIle8qvft041iRd9xAoXyJ+/onGm/cpZflkKHWwkfIpGNgkMKVXyeLnVn8P5D4G2Hy+oDRRNOaHwo/lNrqCMvCO5FCRoqHAlErJrrrQXpeB1q9TgjnsZyd3/FeDmTNTl46ZhLQV+wOnhV2FATZiBZ4dvVWmA=</X509Certificate>
                </X509Data>
            </KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDEDCCAfigAwIBAgIQhVXzPJyWTaRA34KusDqWVjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTYwNTI3MDcyODA4WhcNMjYwNTI3MDcyODA3WjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRdtzF/pnJHsjCrcBP0PRB0pbUrGzssIiJjdsxi9JeDFiapfr0aK5Db6C60yUZ54qpx+vpeJJ7Vv/Ol+OlOhm4o6NeLouCfyg7egqu2vngcn7LEBIc4Nbsa6exrDeRF2qyc6oagzb+PVoIdjFa1rwNnLqAvCbWxR5VD70wi6rOyqjuXyd/fFau/xO9BQwJHrWLMxiSmEAWh0DxdsOzxBON+qOxh+2/eoOxh4PUUv11Mfi1nmV5NHqg4imhHCE+DLDvOeMpe1r9xGMMDdkmpvDlRiZriWleYk7YTX9UDI/48DRTCjVdd5Zbofw3S8S+283SFE/pv4/AKtF3GoAmN7BRAgMBAAGjXjBcMBMGA1UdJQQMMAoGCCsGAQUFBwMCMEUGA1UdAQQ+MDyAEB/i9rZREw5DFiy0GTaxDD6hFjAUMRIwEAYDVQQDEwlsb2NhbGhvc3SCEIVV8zyclk2kQN+CrrA6llYwDQYJKoZIhvcNAQELBQADggEBACTbLMvq1anQUPxIEoGyaBco+CjFNb8L19Hy0XbeNPpGPyS8b1SHi3GUZasIH+0T92f35UCe0a97QqunqKl75ZBFVFY3JsxSIS8IpgOT2TriL4xoqW0/qOs41C8SkyEfWUmFu5mwNjl+wWK9yD4Gxbza+9vNC02AveKdQXWwcRxzSBpD8L3GFGf1yQL0Vvi9GhxVWUFkfB61nSmQYlJz83+hDCdyhrTbq+r07JiLKiUpaVeP8SxXwhBcIvwAbh7PF01n51fbIjq5WFtVrJTH9jyUOMriSckSLcRZeAnD80w6fiUTFqfWDGouYWWULPwSeqaSw776n8JJ641tfs1Cx5E=</X509Certificate>
                </X509Data>
            </KeyInfo>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
        </KeyDescriptor>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/mobilt-bankid/Logout/REDIRECT/"/>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/mobilt-bankid/Logout/POST/"/>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/mobilt-bankid/Authn/REDIRECT/"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/mobilt-bankid/Authn/POST/"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="sv">Knowit Connectivity AB</OrganizationName>
        <OrganizationName xml:lang="en">Knowit Connectivity AB</OrganizationName>
        <OrganizationDisplayName xml:lang="sv">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="sv">https://knowit.se/</OrganizationURL>
        <OrganizationURL xml:lang="en">https://knowit.se/</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Mobilt BankID*
-	*en: Mobile BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Legitimering eller underskrift med svenskt Mobilt BankID*
-	*en: Authentication or signing using a Swedish Mobile BankID*

MDUI-Logotype

Working logotypes present:

H:27

W:119

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://devidp.identityhub.se/mobilt-bankid is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Knowit Connectivity AB)

CONTACT-SUPP

Support contact e-mail (servicedesk@cybercom.com) is present

CONTACT-TECH

Technical contact e-mail (servicedesk@cybercom.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Knowit Connectivity AB (https://devidp.identityhub.se/mock) (1)

Knowit Connectivity AB (https://devidp.identityhub.se/mock)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://devidp.identityhub.se/mock" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Pensionsmyndigheten/Leveransavtal-SYS-2015-71</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Bolagsverket/Leveransavtal-AVT-2015-105</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Domstolsverket/Elektronisk-Underskrift-1420-2018</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
    </Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">Knowit IdentityHub IdP - Mock</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">Knowit IdentityHub IdP - Mock</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Knowit IdentityHub IdP - Mock</mdui:Description>
                <mdui:Description xml:lang="en">Knowit IdentityHub IdP - Mock</mdui:Description>
                <mdui:Logo height="27" width="119">data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTE5IiBoZWlnaHQ9IjI3IiB2aWV3Qm94PSIwIDAgMTE5IDI3IiBmaWxsPSJub25lIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPgo8bWFzayBpZD0ibWFzazAiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9IjAiIHk9IjIiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0wIDIuMDI3ODZIMjAuNDQ4NFYyNi41MjU2SDBWMi4wMjc4NloiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMCkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTE5LjcwMiA2Ljg0ODg5SDE2Ljg3MzVDMTUuOTg4NiA2Ljg0ODg5IDE1Ljg3OTggNi45NTgyMyAxNC44NTM1IDcuOTkxNTlDMTQuMzM3NCA4LjUxMDMxIDUuODIwNzMgMTcuMDg3NSA1LjgyMDczIDE3LjA4NzVWMi43NzI4OEM1LjgyMDczIDIuMjkyMzEgNS41NTgzMiAyLjAyNzg2IDUuMDc1NyAyLjAyNzg2SDAuNzQ1NDI4QzAuMjYyODE3IDIuMDI3ODYgLTAuMDAwNjEwMzUyIDIuMjkyMzEgLTAuMDAwNjEwMzUyIDIuNzcyODhWNC42OTc3M0MtMC4wMDA2MTAzNTIgNS4xODM0IDAuMjYyODE3IDUuNDQ2MzIgMC43NDU0MjggNS40NDYzMkgyLjMyOTU1VjIzLjEwMkgwLjc1MzU2NUMwLjI3MTQ2MiAyMy4xMDIgMC4wMDgwMzQ5NSAyMy4zNjU1IDAuMDA4MDM0OTUgMjMuODQ2MVYyNS43NzA5QzAuMDA4MDM0OTUgMjYuMjU0IDAuMjcxNDYyIDI2LjUyNTYgMC43NTM1NjUgMjYuNTI1Nkg3LjM3Njg4QzcuODYgMjYuNTI1NiA4LjEyNDk1IDI2LjI2MjIgOC4xMjQ5NSAyNS43ODAxVjIzLjg1MzdDOC4xMjQ5NSAyMy4zNjggNy44NiAyMy4xMDIgNy4zNzY4OCAyMy4xMDJINS44MjA3M1YyMS42NzQ2TDkuMjEyNzQgMTguMjI5N0wxNS4xODMxIDI1LjUyNzhDMTUuOTY4MyAyNi41MjU2IDE1Ljk2ODMgMjYuNTI1NiAxNy4xMTc2IDI2LjUyNTZIMTkuNjk2NEMyMC4xNzYgMjYuNTI1NiAyMC40Mzk5IDI2LjI2MjIgMjAuNDM5OSAyNS43ODAxVjIzLjg1MzdDMjAuNDM5OSAyMy4zNzE2IDIwLjE3NiAyMy4xMDkyIDE5LjY5NjQgMjMuMTA5MkgxNy41Njk3TDExLjYyOTkgMTUuNzc4NUwxNy4wNTg2IDEwLjI3NDVIMTkuNzAyQzIwLjE5MjMgMTAuMjc0NSAyMC40NDgxIDEwLjAzMjkgMjAuNDQ4MSA5LjU1NzQxVjcuNTk2NDVDMjAuNDQ4MSA3LjExMzg0IDIwLjE4MzYgNi44NDg4OSAxOS43MDIgNi44NDg4OVoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTQzLjAyOCAyMy4xMDkySDQxLjQ1OTZWMTQuNjg3N0M0MS40NTk2IDkuNjc0NDMgMzguMzAyIDYuNDM0NDggMzMuNDE3OSA2LjQzNDQ4QzMxLjE2NjEgNi40MzQ0OCAyOS4yNzU4IDcuMTI5MTUgMjcuNzk4NSA4LjQ5NzY1VjcuNjA0NjVDMjcuNzk4NSA3LjEyMjAzIDI3LjUzNDYgNi44NTc1OSAyNy4wNTM1IDYuODU3NTlIMjIuNzgxMkMyMi4yOTgxIDYuODU3NTkgMjIuMDM0MSA3LjExMzM5IDIyLjAzNDEgNy41OTg1NFY5LjUyMjM4QzIyLjAzNDEgMTAuMDA0NSAyMi4yOTgxIDEwLjI3NCAyMi43ODA3IDEwLjI3NEgyNC4zNDc1VjIzLjEwOTJIMjIuNzgwN0MyMi4yOTgxIDIzLjEwOTIgMjIuMDM0MSAyMy4zNzE2IDIyLjAzNDEgMjMuODUzN1YyNS43ODAxQzIyLjAzNDEgMjYuMjYwNyAyMi4yOTgxIDI2LjUyNTYgMjIuNzgwNyAyNi41MjU2SDI5LjM2ODRDMjkuODUxIDI2LjUyNTYgMzAuMTEzOSAyNi4yNjA3IDMwLjExMzkgMjUuNzgwMVYyMy44NTM3QzMwLjExMzkgMjMuMzcxNiAyOS44NTEgMjMuMTA5MiAyOS4zNjg0IDIzLjEwOTJIMjcuNzk4NVYxNS4yODgzQzI3Ljc5ODUgMTIuMDc2MyAzMC4wNTcgOS43NDQxIDMzLjE2NjIgOS43NDQxQzM2LjE5NDEgOS43NDQxIDM4LjAwMyAxMS43MDk2IDM4LjAwMyAxNS4wMDZWMjMuMTA5MkgzNi40MzcyQzM1Ljk1MyAyMy4xMDkyIDM1LjY4ODEgMjMuMzcxNiAzNS42ODgxIDIzLjg1MzdWMjUuNzgwMUMzNS42ODgxIDI2LjI2MDcgMzUuOTUzIDI2LjUyNTYgMzYuNDM3MiAyNi41MjU2SDQzLjAyOEM0My41MTA2IDI2LjUyNTYgNDMuNzc0IDI2LjI2MDcgNDMuNzc0IDI1Ljc4MDFWMjMuODUzN0M0My43NzQgMjMuMzcxNiA0My41MTA2IDIzLjEwOTIgNDMuMDI4IDIzLjEwOTJaIiBmaWxsPSIjMzMzMzMzIi8+CjxtYXNrIGlkPSJtYXNrMSIgbWFzay10eXBlPSJhbHBoYSIgbWFza1VuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeD0iNDMiIHk9IjYiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyMSI+CjxwYXRoIGQ9Ik00My42NjcyIDYuNDY0NjlINjMuNzY0NVYyNi45MTU5SDQzLjY2NzJWNi40NjQ2OVoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMSkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTUzLjcyOTkgMjMuNTY3NkM1MC4xMDI5IDIzLjU2NzYgNDcuMjYwMSAyMC41MjMgNDcuMjYwMSAxNi42Mzc3QzQ3LjI2MDEgMTIuNzUwOCA1MC4wMTM0IDkuODE3MDMgNTMuNjYxNyA5LjgxNzAzQzU3LjMwOSA5LjgxNzAzIDYwLjE2ODEgMTIuODYwMiA2MC4xNjgxIDE2Ljc0MzRDNjAuMTY4MSAyMC42MzM4IDU3LjQwMDYgMjMuNTY3NiA1My43Mjk5IDIzLjU2NzZaTTUzLjcyOTkgNi40NjQ2OUM0OC4wODc1IDYuNDY0NjkgNDMuNjY3MiAxMC45ODExIDQzLjY2NzIgMTYuNzQzNEM0My42NjcyIDIyLjQ0NTggNDguMDU3NSAyNi45MTU5IDUzLjY2MTcgMjYuOTE1OUM1OS4zMjc0IDI2LjkxNTkgNjMuNzY0NSAyMi40MDIgNjMuNzY0NSAxNi42Mzc3QzYzLjc2NDUgMTAuOTMyMyA1OS4zNTc0IDYuNDY0NjkgNTMuNzI5OSA2LjQ2NDY5WiIgZmlsbD0iIzMzMzMzMyIvPgo8L2c+CjxwYXRoIGZpbGwtcnVsZT0iZXZlbm9kZCIgY2xpcC1ydWxlPSJldmVub2RkIiBkPSJNOTMuMDMzOSA2Ljg1NzYySDg2LjI2NTJDODUuNzgyNiA2Ljg1NzYyIDg1LjUxODEgNy4xMjI1NyA4NS41MTgxIDcuNjA0NjhWOS41MjkwMkM4NS41MTgxIDEwLjAxMDEgODUuNzgyNiAxMC4yNzQgODYuMjY1MiAxMC4yNzRIODcuNzg2Mkw4NC41NjEgMjAuNjk4Mkw3OS45OTYzIDcuNDE3MDJDNzkuODcxNyA3LjA2MDUzIDc5LjUzODYgNi44MjM1NSA3OS4xNjc5IDYuODIzNTVINzcuODE4N0M3Ny40NDI5IDYuODIzNTUgNzcuMTA5OCA3LjA2MDUzIDc2Ljk4NjcgNy40MTcwMkw3Mi40Njc4IDIwLjY5MjFMNjkuMjQwNiAxMC4yNzRINzAuNzYzNkM3MS4yNDUyIDEwLjI3NCA3MS41MDg3IDEwLjAxMDEgNzEuNTA4NyA5LjUyOTAyVjcuNjA0NjhDNzEuNTA4NyA3LjEyMjU3IDcxLjI0NTIgNi44NTc2MiA3MC43NjM2IDYuODU3NjJINjMuOTE5NkM2My40MzU1IDYuODU3NjIgNjMuMTcwNSA3LjEyMjU3IDYzLjE3MDUgNy42MDQ2OFY5LjUyOTAyQzYzLjE3MDUgMTAuMDEwMSA2My40MzU1IDEwLjI3NCA2My45MTk2IDEwLjI3NEg2NS41MjcxTDcwLjg5MTggMjYuMDIxN0M3MS4wMTY0IDI2LjM2NTUgNzEuMzQ2NCAyNi41OTk5IDcxLjcxMzYgMjYuNTk5OUg3My4xNzExQzczLjU0NDkgMjYuNTk5OSA3My44NzcgMjYuMzYwOSA3My45OTc1IDI2LjAwNTlMNzguNDg2NCAxMy4xMDExTDgyLjk1MzUgMjYuMDA1OUM4My4wNzMgMjYuMzYwOSA4My40MDYxIDI2LjU5OTkgODMuNzgxOSAyNi41OTk5SDg1LjI0MUM4NS42MDgxIDI2LjU5OTkgODUuOTM4MiAyNi4zNjU1IDg2LjA2MTMgMjYuMDIzN0w5MS40Mjg1IDEwLjI3NEg5My4wMzM5QzkzLjUxOTEgMTAuMjc0IDkzLjc4NCAxMC4wMTAxIDkzLjc4NCA5LjUyOTAyVjcuNjA0NjhDOTMuNzg0IDcuMTIyNTcgOTMuNTE5MSA2Ljg1NzYyIDkzLjAzMzkgNi44NTc2MloiIGZpbGw9IiMzMzMzMzMiLz4KPG1hc2sgaWQ9Im1hc2syIiBtYXNrLXR5cGU9ImFscGhhIiBtYXNrVW5pdHM9InVzZXJTcGFjZU9uVXNlIiB4PSIxMDMiIHk9IjIiIHdpZHRoPSIxNiIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0xMDMuODk4IDIuMDE5MkgxMTguNjc0VjI2Ljg0NDRIMTAzLjg5OFYyLjAxOTJaIiBmaWxsPSJ3aGl0ZSIvPgo8L21hc2s+CjxnIG1hc2s9InVybCgjbWFzazIpIj4KPHBhdGggZmlsbC1ydWxlPSJldmVub2RkIiBjbGlwLXJ1bGU9ImV2ZW5vZGQiIGQ9Ik0xMTcuOTI4IDE2LjUyNEgxMTYuMDMxQzExNS41NDggMTYuNTI0IDExNS4yODMgMTYuNzg2NCAxMTUuMjgzIDE3LjI2OVYyMC45MTQzQzExNS4yODMgMjIuMTY3MyAxMTQuMzkxIDIzLjQ2NTEgMTEyLjg5NiAyMy40NjUxQzExMS4wMiAyMy40NjUxIDExMC4yMiAyMi42ODQ1IDExMC4yMiAyMC44NjA0VjEwLjI3NDRIMTE0Ljc5OUMxMTUuMjgyIDEwLjI3NDQgMTE1LjU0NyAxMC4wMSAxMTUuNTQ3IDkuNTI5NDJWNy42MDQ1N0MxMTUuNTQ3IDcuMTIyNDYgMTE1LjI4MiA2Ljg1NzUxIDExNC43OTkgNi44NTc1MUgxMTAuMjJWMi43NjYyNUMxMTAuMjIgMi4yODM2NCAxMDkuOTU2IDIuMDE5MiAxMDkuNDc0IDIuMDE5MkgxMDcuNDhDMTA2Ljk5NSAyLjAxOTIgMTA2LjczIDIuMjgzNjQgMTA2LjczIDIuNzY2MjVWNi44NTc1MUgxMDQuNjQ1QzEwNC4xNjMgNi44NTc1MSAxMDMuODk4IDcuMTIyNDYgMTAzLjg5OCA3LjYwNDU3VjkuNTI5NDJDMTAzLjg5OCAxMC4wMSAxMDQuMTYzIDEwLjI3NDQgMTA0LjY0NSAxMC4yNzQ0SDEwNi43M1YyMS4wMzUzQzEwNi43MyAyNC41NjQxIDEwOS4wMzggMjYuODQ0NCAxMTIuNjA4IDI2Ljg0NDRDMTE2LjI5NCAyNi44NDQ0IDExOC42NzQgMjQuNjM3OCAxMTguNjc0IDIxLjIyMTRWMTcuMjY5QzExOC42NzQgMTYuNzg2NCAxMTguNDExIDE2LjUyNCAxMTcuOTI4IDE2LjUyNFoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTEwMi42MTMgMjMuMTA5MkgxMDEuMDQ2VjcuNjA0NjZDMTAxLjA0NiA3LjEyMjA1IDEwMC43ODEgNi44NTc2IDEwMC4yOTcgNi44NTc2SDk1Ljk4NkM5NS41MDI0IDYuODU3NiA5NS4yMzg5IDcuMTIyMDUgOTUuMjM4OSA3LjYwNDY2VjkuNTI5Qzk1LjIzODkgMTAuMDEwMSA5NS41MDI0IDEwLjI3NCA5NS45ODYgMTAuMjc0SDk3LjU1NTlWMjMuMTA5Mkg5NC43MDY1Qzk0LjIyNDQgMjMuMTA5MiA5My45NjA0IDIzLjM3MTcgOTMuOTYwNCAyMy44NTM4VjI1Ljc4MDFDOTMuOTYwNCAyNi4yNjA3IDk0LjIyNDQgMjYuNTI1NyA5NC43MDY1IDI2LjUyNTdIMTAyLjYxM0MxMDMuMDk3IDI2LjUyNTcgMTAzLjM2MiAyNi4yNjA3IDEwMy4zNjIgMjUuNzgwMVYyMy44NTM4QzEwMy4zNjIgMjMuMzcxNyAxMDMuMDk3IDIzLjEwOTIgMTAyLjYxMyAyMy4xMDkyWiIgZmlsbD0iIzMzMzMzMyIvPgo8bWFzayBpZD0ibWFzazMiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9Ijk3IiB5PSIwIiB3aWR0aD0iNSIgaGVpZ2h0PSI1Ij4KPHBhdGggZD0iTTk3LjA3MDcgMEgxMDEuNDQ0VjQuMzczSDk3LjA3MDdWMFoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMykiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTk5LjI1NjkgNC4zNzNDMTAwLjQ2NSA0LjM3MyAxMDEuNDQ0IDMuMzk0MDQgMTAxLjQ0NCAyLjE4NjI0QzEwMS40NDQgMC45ODE0OTYgMTAwLjQ2NSAwIDk5LjI1NjkgMEM5OC4wNTEyIDAgOTcuMDcwNyAwLjk4MTQ5NiA5Ny4wNzA3IDIuMTg2MjRDOTcuMDcwNyAzLjM5NDA0IDk4LjA1MTIgNC4zNzMgOTkuMjU2OSA0LjM3M1oiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8L3N2Zz4K</mdui:Logo>
            </mdui:UIInfo>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
        </Extensions>
        <KeyDescriptor use="signing">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDBDCCAfCgAwIBAgIQqhpqLrofNo5FBvsRrnKzBTAJBgUrDgMCHQUAMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xNDA0MDgwODU1MDZaFw0zOTEyMzEyMzU5NTlaMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBGoAgIUr5FryIq4ZUtCy45ZanGPxnD9tH8WVzBuKzZZfOY+R0f5RGSYLURzyhajYO9e1MWRO71wPF/Nl8b15PvhsshooZUSK7YZ5VwiPe9jxFPPs1DGENIlla8NBPQkFPvyJ9BnIjFH6dlUAjaaC0N4HOb+rPF34NZUN7SWlA86PEkA0AR3gF4tBti3bx43yCRBvKcyoyYAHIIlASgqfxnrPVBnIFWUm0d1aQyRtTsm5xKK0/oYbwwpKEUBNef88XC4gGtfU/1C3diKXGFSEiGjqYQ8TZOM2IP2/mRx1ONa/ASOAhj3GRysda8occnODMuMzi0yQ8LqZ8K2j8YqvUCAwEAAaNaMFgwDwYDVR0TAQH/BAUwAwEB/zBFBgNVHQEEPjA8gBC5QDzTwIrxwmviqMXSWFHyoRYwFDESMBAGA1UEAxMJbG9jYWxob3N0ghCqGmouuh82jkUG+xGucrMFMAkGBSsOAwIdBQADggEBACahnay2R/0JWHdJtcpv297CUYxnRD1c1AEmRv2RtQZN0hcRjOnyIkojzzkLf6Svg9ugonOZoZz/LDxP6ffGeYwZnswo/hmwLcMUtRw0oIHuNp/H9w1D8Dq7iRG5jQknJrePlgBqJTKozSl7ZLG+S2WKr6QimWhWJuublF3wRfKTpsIWj8Crzh+WlV+fIle8qvft041iRd9xAoXyJ+/onGm/cpZflkKHWwkfIpGNgkMKVXyeLnVn8P5D4G2Hy+oDRRNOaHwo/lNrqCMvCO5FCRoqHAlErJrrrQXpeB1q9TgjnsZyd3/FeDmTNTl46ZhLQV+wOnhV2FATZiBZ4dvVWmA=</X509Certificate>
                </X509Data>
            </KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDEDCCAfigAwIBAgIQhVXzPJyWTaRA34KusDqWVjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTYwNTI3MDcyODA4WhcNMjYwNTI3MDcyODA3WjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRdtzF/pnJHsjCrcBP0PRB0pbUrGzssIiJjdsxi9JeDFiapfr0aK5Db6C60yUZ54qpx+vpeJJ7Vv/Ol+OlOhm4o6NeLouCfyg7egqu2vngcn7LEBIc4Nbsa6exrDeRF2qyc6oagzb+PVoIdjFa1rwNnLqAvCbWxR5VD70wi6rOyqjuXyd/fFau/xO9BQwJHrWLMxiSmEAWh0DxdsOzxBON+qOxh+2/eoOxh4PUUv11Mfi1nmV5NHqg4imhHCE+DLDvOeMpe1r9xGMMDdkmpvDlRiZriWleYk7YTX9UDI/48DRTCjVdd5Zbofw3S8S+283SFE/pv4/AKtF3GoAmN7BRAgMBAAGjXjBcMBMGA1UdJQQMMAoGCCsGAQUFBwMCMEUGA1UdAQQ+MDyAEB/i9rZREw5DFiy0GTaxDD6hFjAUMRIwEAYDVQQDEwlsb2NhbGhvc3SCEIVV8zyclk2kQN+CrrA6llYwDQYJKoZIhvcNAQELBQADggEBACTbLMvq1anQUPxIEoGyaBco+CjFNb8L19Hy0XbeNPpGPyS8b1SHi3GUZasIH+0T92f35UCe0a97QqunqKl75ZBFVFY3JsxSIS8IpgOT2TriL4xoqW0/qOs41C8SkyEfWUmFu5mwNjl+wWK9yD4Gxbza+9vNC02AveKdQXWwcRxzSBpD8L3GFGf1yQL0Vvi9GhxVWUFkfB61nSmQYlJz83+hDCdyhrTbq+r07JiLKiUpaVeP8SxXwhBcIvwAbh7PF01n51fbIjq5WFtVrJTH9jyUOMriSckSLcRZeAnD80w6fiUTFqfWDGouYWWULPwSeqaSw776n8JJ641tfs1Cx5E=</X509Certificate>
                </X509Data>
            </KeyInfo>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
        </KeyDescriptor>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/mock/Logout/REDIRECT/"/>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/mock/Logout/POST/"/>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/mock/Authn/REDIRECT/"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/mock/Authn/POST/"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="sv">Knowit Connectivity AB</OrganizationName>
        <OrganizationName xml:lang="en">Knowit Connectivity AB</OrganizationName>
        <OrganizationDisplayName xml:lang="sv">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="sv">https://knowit.se/</OrganizationURL>
        <OrganizationURL xml:lang="en">https://knowit.se/</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Knowit IdentityHub IdP - Mock*
-	*en: Knowit IdentityHub IdP - Mock*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Knowit IdentityHub IdP - Mock*
-	*en: Knowit IdentityHub IdP - Mock*

MDUI-Logotype

Working logotypes present:

H:27

W:119

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://devidp.identityhub.se/mock is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Knowit Connectivity AB)

CONTACT-SUPP

Support contact e-mail (servicedesk@cybercom.com) is present

CONTACT-TECH

Technical contact e-mail (servicedesk@cybercom.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Knowit Connectivity AB (https://devidp.identityhub.se/siths-hsaid) (1)

Knowit Connectivity AB (https://devidp.identityhub.se/siths-hsaid)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://devidp.identityhub.se/siths-hsaid" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-hsaid</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Pensionsmyndigheten/Leveransavtal-SYS-2015-71</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Bolagsverket/Leveransavtal-AVT-2015-105</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Domstolsverket/Elektronisk-Underskrift-1420-2018</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
    </Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">SITHS e-legitimation</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">SITHS e-ID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Legitimering eller underskrift med SITHS e-legitimation (HSA-id, ej personnummer) via Net iD plugin</mdui:Description>
                <mdui:Description xml:lang="en">Authentication or signing using SITHS eID via Net iD plugin</mdui:Description>
                <mdui:Logo height="27" width="119">data:image/svg+xml;base64,PHN2ZyB3aWR0aD0iMTE5IiBoZWlnaHQ9IjI3IiB2aWV3Qm94PSIwIDAgMTE5IDI3IiBmaWxsPSJub25lIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPgo8bWFzayBpZD0ibWFzazAiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9IjAiIHk9IjIiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0wIDIuMDI3ODZIMjAuNDQ4NFYyNi41MjU2SDBWMi4wMjc4NloiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMCkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTE5LjcwMiA2Ljg0ODg5SDE2Ljg3MzVDMTUuOTg4NiA2Ljg0ODg5IDE1Ljg3OTggNi45NTgyMyAxNC44NTM1IDcuOTkxNTlDMTQuMzM3NCA4LjUxMDMxIDUuODIwNzMgMTcuMDg3NSA1LjgyMDczIDE3LjA4NzVWMi43NzI4OEM1LjgyMDczIDIuMjkyMzEgNS41NTgzMiAyLjAyNzg2IDUuMDc1NyAyLjAyNzg2SDAuNzQ1NDI4QzAuMjYyODE3IDIuMDI3ODYgLTAuMDAwNjEwMzUyIDIuMjkyMzEgLTAuMDAwNjEwMzUyIDIuNzcyODhWNC42OTc3M0MtMC4wMDA2MTAzNTIgNS4xODM0IDAuMjYyODE3IDUuNDQ2MzIgMC43NDU0MjggNS40NDYzMkgyLjMyOTU1VjIzLjEwMkgwLjc1MzU2NUMwLjI3MTQ2MiAyMy4xMDIgMC4wMDgwMzQ5NSAyMy4zNjU1IDAuMDA4MDM0OTUgMjMuODQ2MVYyNS43NzA5QzAuMDA4MDM0OTUgMjYuMjU0IDAuMjcxNDYyIDI2LjUyNTYgMC43NTM1NjUgMjYuNTI1Nkg3LjM3Njg4QzcuODYgMjYuNTI1NiA4LjEyNDk1IDI2LjI2MjIgOC4xMjQ5NSAyNS43ODAxVjIzLjg1MzdDOC4xMjQ5NSAyMy4zNjggNy44NiAyMy4xMDIgNy4zNzY4OCAyMy4xMDJINS44MjA3M1YyMS42NzQ2TDkuMjEyNzQgMTguMjI5N0wxNS4xODMxIDI1LjUyNzhDMTUuOTY4MyAyNi41MjU2IDE1Ljk2ODMgMjYuNTI1NiAxNy4xMTc2IDI2LjUyNTZIMTkuNjk2NEMyMC4xNzYgMjYuNTI1NiAyMC40Mzk5IDI2LjI2MjIgMjAuNDM5OSAyNS43ODAxVjIzLjg1MzdDMjAuNDM5OSAyMy4zNzE2IDIwLjE3NiAyMy4xMDkyIDE5LjY5NjQgMjMuMTA5MkgxNy41Njk3TDExLjYyOTkgMTUuNzc4NUwxNy4wNTg2IDEwLjI3NDVIMTkuNzAyQzIwLjE5MjMgMTAuMjc0NSAyMC40NDgxIDEwLjAzMjkgMjAuNDQ4MSA5LjU1NzQxVjcuNTk2NDVDMjAuNDQ4MSA3LjExMzg0IDIwLjE4MzYgNi44NDg4OSAxOS43MDIgNi44NDg4OVoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTQzLjAyOCAyMy4xMDkySDQxLjQ1OTZWMTQuNjg3N0M0MS40NTk2IDkuNjc0NDMgMzguMzAyIDYuNDM0NDggMzMuNDE3OSA2LjQzNDQ4QzMxLjE2NjEgNi40MzQ0OCAyOS4yNzU4IDcuMTI5MTUgMjcuNzk4NSA4LjQ5NzY1VjcuNjA0NjVDMjcuNzk4NSA3LjEyMjAzIDI3LjUzNDYgNi44NTc1OSAyNy4wNTM1IDYuODU3NTlIMjIuNzgxMkMyMi4yOTgxIDYuODU3NTkgMjIuMDM0MSA3LjExMzM5IDIyLjAzNDEgNy41OTg1NFY5LjUyMjM4QzIyLjAzNDEgMTAuMDA0NSAyMi4yOTgxIDEwLjI3NCAyMi43ODA3IDEwLjI3NEgyNC4zNDc1VjIzLjEwOTJIMjIuNzgwN0MyMi4yOTgxIDIzLjEwOTIgMjIuMDM0MSAyMy4zNzE2IDIyLjAzNDEgMjMuODUzN1YyNS43ODAxQzIyLjAzNDEgMjYuMjYwNyAyMi4yOTgxIDI2LjUyNTYgMjIuNzgwNyAyNi41MjU2SDI5LjM2ODRDMjkuODUxIDI2LjUyNTYgMzAuMTEzOSAyNi4yNjA3IDMwLjExMzkgMjUuNzgwMVYyMy44NTM3QzMwLjExMzkgMjMuMzcxNiAyOS44NTEgMjMuMTA5MiAyOS4zNjg0IDIzLjEwOTJIMjcuNzk4NVYxNS4yODgzQzI3Ljc5ODUgMTIuMDc2MyAzMC4wNTcgOS43NDQxIDMzLjE2NjIgOS43NDQxQzM2LjE5NDEgOS43NDQxIDM4LjAwMyAxMS43MDk2IDM4LjAwMyAxNS4wMDZWMjMuMTA5MkgzNi40MzcyQzM1Ljk1MyAyMy4xMDkyIDM1LjY4ODEgMjMuMzcxNiAzNS42ODgxIDIzLjg1MzdWMjUuNzgwMUMzNS42ODgxIDI2LjI2MDcgMzUuOTUzIDI2LjUyNTYgMzYuNDM3MiAyNi41MjU2SDQzLjAyOEM0My41MTA2IDI2LjUyNTYgNDMuNzc0IDI2LjI2MDcgNDMuNzc0IDI1Ljc4MDFWMjMuODUzN0M0My43NzQgMjMuMzcxNiA0My41MTA2IDIzLjEwOTIgNDMuMDI4IDIzLjEwOTJaIiBmaWxsPSIjMzMzMzMzIi8+CjxtYXNrIGlkPSJtYXNrMSIgbWFzay10eXBlPSJhbHBoYSIgbWFza1VuaXRzPSJ1c2VyU3BhY2VPblVzZSIgeD0iNDMiIHk9IjYiIHdpZHRoPSIyMSIgaGVpZ2h0PSIyMSI+CjxwYXRoIGQ9Ik00My42NjcyIDYuNDY0NjlINjMuNzY0NVYyNi45MTU5SDQzLjY2NzJWNi40NjQ2OVoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMSkiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTUzLjcyOTkgMjMuNTY3NkM1MC4xMDI5IDIzLjU2NzYgNDcuMjYwMSAyMC41MjMgNDcuMjYwMSAxNi42Mzc3QzQ3LjI2MDEgMTIuNzUwOCA1MC4wMTM0IDkuODE3MDMgNTMuNjYxNyA5LjgxNzAzQzU3LjMwOSA5LjgxNzAzIDYwLjE2ODEgMTIuODYwMiA2MC4xNjgxIDE2Ljc0MzRDNjAuMTY4MSAyMC42MzM4IDU3LjQwMDYgMjMuNTY3NiA1My43Mjk5IDIzLjU2NzZaTTUzLjcyOTkgNi40NjQ2OUM0OC4wODc1IDYuNDY0NjkgNDMuNjY3MiAxMC45ODExIDQzLjY2NzIgMTYuNzQzNEM0My42NjcyIDIyLjQ0NTggNDguMDU3NSAyNi45MTU5IDUzLjY2MTcgMjYuOTE1OUM1OS4zMjc0IDI2LjkxNTkgNjMuNzY0NSAyMi40MDIgNjMuNzY0NSAxNi42Mzc3QzYzLjc2NDUgMTAuOTMyMyA1OS4zNTc0IDYuNDY0NjkgNTMuNzI5OSA2LjQ2NDY5WiIgZmlsbD0iIzMzMzMzMyIvPgo8L2c+CjxwYXRoIGZpbGwtcnVsZT0iZXZlbm9kZCIgY2xpcC1ydWxlPSJldmVub2RkIiBkPSJNOTMuMDMzOSA2Ljg1NzYySDg2LjI2NTJDODUuNzgyNiA2Ljg1NzYyIDg1LjUxODEgNy4xMjI1NyA4NS41MTgxIDcuNjA0NjhWOS41MjkwMkM4NS41MTgxIDEwLjAxMDEgODUuNzgyNiAxMC4yNzQgODYuMjY1MiAxMC4yNzRIODcuNzg2Mkw4NC41NjEgMjAuNjk4Mkw3OS45OTYzIDcuNDE3MDJDNzkuODcxNyA3LjA2MDUzIDc5LjUzODYgNi44MjM1NSA3OS4xNjc5IDYuODIzNTVINzcuODE4N0M3Ny40NDI5IDYuODIzNTUgNzcuMTA5OCA3LjA2MDUzIDc2Ljk4NjcgNy40MTcwMkw3Mi40Njc4IDIwLjY5MjFMNjkuMjQwNiAxMC4yNzRINzAuNzYzNkM3MS4yNDUyIDEwLjI3NCA3MS41MDg3IDEwLjAxMDEgNzEuNTA4NyA5LjUyOTAyVjcuNjA0NjhDNzEuNTA4NyA3LjEyMjU3IDcxLjI0NTIgNi44NTc2MiA3MC43NjM2IDYuODU3NjJINjMuOTE5NkM2My40MzU1IDYuODU3NjIgNjMuMTcwNSA3LjEyMjU3IDYzLjE3MDUgNy42MDQ2OFY5LjUyOTAyQzYzLjE3MDUgMTAuMDEwMSA2My40MzU1IDEwLjI3NCA2My45MTk2IDEwLjI3NEg2NS41MjcxTDcwLjg5MTggMjYuMDIxN0M3MS4wMTY0IDI2LjM2NTUgNzEuMzQ2NCAyNi41OTk5IDcxLjcxMzYgMjYuNTk5OUg3My4xNzExQzczLjU0NDkgMjYuNTk5OSA3My44NzcgMjYuMzYwOSA3My45OTc1IDI2LjAwNTlMNzguNDg2NCAxMy4xMDExTDgyLjk1MzUgMjYuMDA1OUM4My4wNzMgMjYuMzYwOSA4My40MDYxIDI2LjU5OTkgODMuNzgxOSAyNi41OTk5SDg1LjI0MUM4NS42MDgxIDI2LjU5OTkgODUuOTM4MiAyNi4zNjU1IDg2LjA2MTMgMjYuMDIzN0w5MS40Mjg1IDEwLjI3NEg5My4wMzM5QzkzLjUxOTEgMTAuMjc0IDkzLjc4NCAxMC4wMTAxIDkzLjc4NCA5LjUyOTAyVjcuNjA0NjhDOTMuNzg0IDcuMTIyNTcgOTMuNTE5MSA2Ljg1NzYyIDkzLjAzMzkgNi44NTc2MloiIGZpbGw9IiMzMzMzMzMiLz4KPG1hc2sgaWQ9Im1hc2syIiBtYXNrLXR5cGU9ImFscGhhIiBtYXNrVW5pdHM9InVzZXJTcGFjZU9uVXNlIiB4PSIxMDMiIHk9IjIiIHdpZHRoPSIxNiIgaGVpZ2h0PSIyNSI+CjxwYXRoIGQ9Ik0xMDMuODk4IDIuMDE5MkgxMTguNjc0VjI2Ljg0NDRIMTAzLjg5OFYyLjAxOTJaIiBmaWxsPSJ3aGl0ZSIvPgo8L21hc2s+CjxnIG1hc2s9InVybCgjbWFzazIpIj4KPHBhdGggZmlsbC1ydWxlPSJldmVub2RkIiBjbGlwLXJ1bGU9ImV2ZW5vZGQiIGQ9Ik0xMTcuOTI4IDE2LjUyNEgxMTYuMDMxQzExNS41NDggMTYuNTI0IDExNS4yODMgMTYuNzg2NCAxMTUuMjgzIDE3LjI2OVYyMC45MTQzQzExNS4yODMgMjIuMTY3MyAxMTQuMzkxIDIzLjQ2NTEgMTEyLjg5NiAyMy40NjUxQzExMS4wMiAyMy40NjUxIDExMC4yMiAyMi42ODQ1IDExMC4yMiAyMC44NjA0VjEwLjI3NDRIMTE0Ljc5OUMxMTUuMjgyIDEwLjI3NDQgMTE1LjU0NyAxMC4wMSAxMTUuNTQ3IDkuNTI5NDJWNy42MDQ1N0MxMTUuNTQ3IDcuMTIyNDYgMTE1LjI4MiA2Ljg1NzUxIDExNC43OTkgNi44NTc1MUgxMTAuMjJWMi43NjYyNUMxMTAuMjIgMi4yODM2NCAxMDkuOTU2IDIuMDE5MiAxMDkuNDc0IDIuMDE5MkgxMDcuNDhDMTA2Ljk5NSAyLjAxOTIgMTA2LjczIDIuMjgzNjQgMTA2LjczIDIuNzY2MjVWNi44NTc1MUgxMDQuNjQ1QzEwNC4xNjMgNi44NTc1MSAxMDMuODk4IDcuMTIyNDYgMTAzLjg5OCA3LjYwNDU3VjkuNTI5NDJDMTAzLjg5OCAxMC4wMSAxMDQuMTYzIDEwLjI3NDQgMTA0LjY0NSAxMC4yNzQ0SDEwNi43M1YyMS4wMzUzQzEwNi43MyAyNC41NjQxIDEwOS4wMzggMjYuODQ0NCAxMTIuNjA4IDI2Ljg0NDRDMTE2LjI5NCAyNi44NDQ0IDExOC42NzQgMjQuNjM3OCAxMTguNjc0IDIxLjIyMTRWMTcuMjY5QzExOC42NzQgMTYuNzg2NCAxMTguNDExIDE2LjUyNCAxMTcuOTI4IDE2LjUyNFoiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTEwMi42MTMgMjMuMTA5MkgxMDEuMDQ2VjcuNjA0NjZDMTAxLjA0NiA3LjEyMjA1IDEwMC43ODEgNi44NTc2IDEwMC4yOTcgNi44NTc2SDk1Ljk4NkM5NS41MDI0IDYuODU3NiA5NS4yMzg5IDcuMTIyMDUgOTUuMjM4OSA3LjYwNDY2VjkuNTI5Qzk1LjIzODkgMTAuMDEwMSA5NS41MDI0IDEwLjI3NCA5NS45ODYgMTAuMjc0SDk3LjU1NTlWMjMuMTA5Mkg5NC43MDY1Qzk0LjIyNDQgMjMuMTA5MiA5My45NjA0IDIzLjM3MTcgOTMuOTYwNCAyMy44NTM4VjI1Ljc4MDFDOTMuOTYwNCAyNi4yNjA3IDk0LjIyNDQgMjYuNTI1NyA5NC43MDY1IDI2LjUyNTdIMTAyLjYxM0MxMDMuMDk3IDI2LjUyNTcgMTAzLjM2MiAyNi4yNjA3IDEwMy4zNjIgMjUuNzgwMVYyMy44NTM4QzEwMy4zNjIgMjMuMzcxNyAxMDMuMDk3IDIzLjEwOTIgMTAyLjYxMyAyMy4xMDkyWiIgZmlsbD0iIzMzMzMzMyIvPgo8bWFzayBpZD0ibWFzazMiIG1hc2stdHlwZT0iYWxwaGEiIG1hc2tVbml0cz0idXNlclNwYWNlT25Vc2UiIHg9Ijk3IiB5PSIwIiB3aWR0aD0iNSIgaGVpZ2h0PSI1Ij4KPHBhdGggZD0iTTk3LjA3MDcgMEgxMDEuNDQ0VjQuMzczSDk3LjA3MDdWMFoiIGZpbGw9IndoaXRlIi8+CjwvbWFzaz4KPGcgbWFzaz0idXJsKCNtYXNrMykiPgo8cGF0aCBmaWxsLXJ1bGU9ImV2ZW5vZGQiIGNsaXAtcnVsZT0iZXZlbm9kZCIgZD0iTTk5LjI1NjkgNC4zNzNDMTAwLjQ2NSA0LjM3MyAxMDEuNDQ0IDMuMzk0MDQgMTAxLjQ0NCAyLjE4NjI0QzEwMS40NDQgMC45ODE0OTYgMTAwLjQ2NSAwIDk5LjI1NjkgMEM5OC4wNTEyIDAgOTcuMDcwNyAwLjk4MTQ5NiA5Ny4wNzA3IDIuMTg2MjRDOTcuMDcwNyAzLjM5NDA0IDk4LjA1MTIgNC4zNzMgOTkuMjU2OSA0LjM3M1oiIGZpbGw9IiMzMzMzMzMiLz4KPC9nPgo8L3N2Zz4K</mdui:Logo>
            </mdui:UIInfo>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.6.2.1"/>
            </psc:RequestedPrincipalSelection>
        </Extensions>
        <KeyDescriptor use="signing">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDBDCCAfCgAwIBAgIQqhpqLrofNo5FBvsRrnKzBTAJBgUrDgMCHQUAMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xNDA0MDgwODU1MDZaFw0zOTEyMzEyMzU5NTlaMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBGoAgIUr5FryIq4ZUtCy45ZanGPxnD9tH8WVzBuKzZZfOY+R0f5RGSYLURzyhajYO9e1MWRO71wPF/Nl8b15PvhsshooZUSK7YZ5VwiPe9jxFPPs1DGENIlla8NBPQkFPvyJ9BnIjFH6dlUAjaaC0N4HOb+rPF34NZUN7SWlA86PEkA0AR3gF4tBti3bx43yCRBvKcyoyYAHIIlASgqfxnrPVBnIFWUm0d1aQyRtTsm5xKK0/oYbwwpKEUBNef88XC4gGtfU/1C3diKXGFSEiGjqYQ8TZOM2IP2/mRx1ONa/ASOAhj3GRysda8occnODMuMzi0yQ8LqZ8K2j8YqvUCAwEAAaNaMFgwDwYDVR0TAQH/BAUwAwEB/zBFBgNVHQEEPjA8gBC5QDzTwIrxwmviqMXSWFHyoRYwFDESMBAGA1UEAxMJbG9jYWxob3N0ghCqGmouuh82jkUG+xGucrMFMAkGBSsOAwIdBQADggEBACahnay2R/0JWHdJtcpv297CUYxnRD1c1AEmRv2RtQZN0hcRjOnyIkojzzkLf6Svg9ugonOZoZz/LDxP6ffGeYwZnswo/hmwLcMUtRw0oIHuNp/H9w1D8Dq7iRG5jQknJrePlgBqJTKozSl7ZLG+S2WKr6QimWhWJuublF3wRfKTpsIWj8Crzh+WlV+fIle8qvft041iRd9xAoXyJ+/onGm/cpZflkKHWwkfIpGNgkMKVXyeLnVn8P5D4G2Hy+oDRRNOaHwo/lNrqCMvCO5FCRoqHAlErJrrrQXpeB1q9TgjnsZyd3/FeDmTNTl46ZhLQV+wOnhV2FATZiBZ4dvVWmA=</X509Certificate>
                </X509Data>
            </KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDEDCCAfigAwIBAgIQhVXzPJyWTaRA34KusDqWVjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTYwNTI3MDcyODA4WhcNMjYwNTI3MDcyODA3WjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRdtzF/pnJHsjCrcBP0PRB0pbUrGzssIiJjdsxi9JeDFiapfr0aK5Db6C60yUZ54qpx+vpeJJ7Vv/Ol+OlOhm4o6NeLouCfyg7egqu2vngcn7LEBIc4Nbsa6exrDeRF2qyc6oagzb+PVoIdjFa1rwNnLqAvCbWxR5VD70wi6rOyqjuXyd/fFau/xO9BQwJHrWLMxiSmEAWh0DxdsOzxBON+qOxh+2/eoOxh4PUUv11Mfi1nmV5NHqg4imhHCE+DLDvOeMpe1r9xGMMDdkmpvDlRiZriWleYk7YTX9UDI/48DRTCjVdd5Zbofw3S8S+283SFE/pv4/AKtF3GoAmN7BRAgMBAAGjXjBcMBMGA1UdJQQMMAoGCCsGAQUFBwMCMEUGA1UdAQQ+MDyAEB/i9rZREw5DFiy0GTaxDD6hFjAUMRIwEAYDVQQDEwlsb2NhbGhvc3SCEIVV8zyclk2kQN+CrrA6llYwDQYJKoZIhvcNAQELBQADggEBACTbLMvq1anQUPxIEoGyaBco+CjFNb8L19Hy0XbeNPpGPyS8b1SHi3GUZasIH+0T92f35UCe0a97QqunqKl75ZBFVFY3JsxSIS8IpgOT2TriL4xoqW0/qOs41C8SkyEfWUmFu5mwNjl+wWK9yD4Gxbza+9vNC02AveKdQXWwcRxzSBpD8L3GFGf1yQL0Vvi9GhxVWUFkfB61nSmQYlJz83+hDCdyhrTbq+r07JiLKiUpaVeP8SxXwhBcIvwAbh7PF01n51fbIjq5WFtVrJTH9jyUOMriSckSLcRZeAnD80w6fiUTFqfWDGouYWWULPwSeqaSw776n8JJ641tfs1Cx5E=</X509Certificate>
                </X509Data>
            </KeyInfo>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
        </KeyDescriptor>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/siths-hsaid/Logout/REDIRECT/"/>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/siths-hsaid/Logout/POST/"/>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/siths-hsaid/Authn/REDIRECT/"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/siths-hsaid/Authn/POST/"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="sv">Knowit Connectivity AB</OrganizationName>
        <OrganizationName xml:lang="en">Knowit Connectivity AB</OrganizationName>
        <OrganizationDisplayName xml:lang="sv">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="sv">https://knowit.se/</OrganizationURL>
        <OrganizationURL xml:lang="en">https://knowit.se/</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: SITHS e-legitimation*
-	*en: SITHS e-ID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Legitimering eller underskrift med SITHS e-legitimation (HSA-id, ej personnummer) via Net iD plugin*
-	*en: Authentication or signing using SITHS eID via Net iD plugin*

MDUI-Logotype

Working logotypes present:

H:27

W:119

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://devidp.identityhub.se/siths-hsaid is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Knowit Connectivity AB)

CONTACT-SUPP

Support contact e-mail (servicedesk@cybercom.com) is present

CONTACT-TECH

Technical contact e-mail (servicedesk@cybercom.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Knowit Connectivity AB (https://devidp.identityhub.se/telia-browserplugin) (1)

Knowit Connectivity AB (https://devidp.identityhub.se/telia-browserplugin)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://devidp.identityhub.se/telia-browserplugin" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Pensionsmyndigheten/Leveransavtal-SYS-2015-71</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Bolagsverket/Leveransavtal-AVT-2015-105</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Cybercom/Domstolsverket/Elektronisk-Underskrift-1420-2018</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
        <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256" xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport"/>
    </Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">Telia e-legitimation</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">Telia e-ID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Legitimering eller underskrift med Telia e-legitimation via Net iD plugin</mdui:Description>
                <mdui:Description xml:lang="en">Authentication or signing using Telia eID via Net iD plugin</mdui:Description>
                <mdui:Logo height="75" width="75">data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAGQCAYAAACAvzbMAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAFOdJREFUeNrs3X+oVnWewPGTM5AJji6FLtV17/zhj3/SO6SwMwjr9fZftjYNyJKBOoHkX9MPiA2KmShWEKaxv4ygVNAWhN26k7EsdNMFyT805pb/pP0xlhVrJJsraP635/Pc57pmV33O4/Oc55zzfb3g4caMpc95Hs/7fM/3nO/JMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66DaboFq2Lt8+nP+4+hXm5a8RW4fEnM5fn7f/+bv8NRn/2+ufPHfaphEQsZiKxZr8taIdiDW2CnRksv36r/iZR2XSJhGQFKLxcP5jfTsWw7YI9ESMUN7JX+P563AelO9sEgFpSjQiFpvyV8Rjvi0CfbcnYpKH5B2bQkDqGI0Ixeb89TsjDRiY0/lrb/7aaVQiIHUJx5PtcBhtQLVGJS+ahBcQ4QBuJSRPGZEISFXisTn/8SfhgNqIeLyaR+QPNoWADCocI+1wrLE1oJZO568teUgO2xQCUmY84sjl97YENMLObGp+xGktAelrOIbzH7uNOqBxJtujETcldugnNkGheEQ0DuWvZbYGNM7f5q9/un/hA2c/OjshIgLS03jEFVb/mr9m2xrQWPH3++E8IvPziPynzXFjTmF1Fo84ZbXZloCkxF3sW8yLCIh4AN2IU1mjIiIgRcMR93TEfIdl1EFERGQGs2yC6xIPIGvvBw61DyoRkJuOPnaLByAiAtJNPDbbEsAMEdltM/w/l/H+MB4Rjj/YEsB1LHOJr4DMFI81+Y+3bQngJv4+j8jnbjZ0FdZ0POK85l8zq+kCnYkrskZTX/bEHMiUt8UDKCD2F7tTn1RPPiDtJUrW+PsAFBST6kmvyJ30Kaz2yrp/MfoAbsFoqs8TSX0Esls8gB7sR5KU7FVY+ejj4fzHP/vuA7do/v0LH7jto7MTyY1CkjyF1Z74ilNXw777QA/EVVk/T229rFRPYT0pHkAvRyH5609GIGmMPtzzAfRDjEJOG4E0e/QhHkA/JHVZb4oB+Z3vONAnm1O6uTCpgLQXSzT6APrpSQEx+gDoxiYBad7oI5Yd8JAooN+G2/eZCYijAoDC1gtIszzsOw2UJInJ9CQC0j59New7DZRojYAYfQB0o/GnsWb5IAGMQLrR+KVM2uch/8d3GRiAXzT5sbcpjEBcugvY/wiIYSRQK/8gIPW2wncYMAIREB8gYP8jIKUZ9h0GBmXr8u2N3QfNavgHZ/QBOIgVkK5Yuh0YtMYeyDY9IMO+u4ADWQEREAABAUjG3wkIAN0YFhAAEBAABAQAAQGgPn5qE3Ajc+bOzlaMLs7uumdedufdUy9u7I+Pv9Xxr/3lP96XHf3zCRsNAaE5lqxclI09tiobyeNB//xq/X3Z0lWLsj0vvGdjICDU34ZnH8jGNq60IUoSo5AgIggItRWnq55+49FsaOkCG0NE4KZMonOFeAw+IptfetCGQECol4e2rRYPEQEBoZi4smrdE6ttCBEBAaH46AMRAQGhsBWjS2wEEQEBoZi432PO3NttCBEBAaGYoaULbQQRAQGhuDk/M/oQEeiOGwmplIsXLmenjn+RfXnybHby2Bc/Gi3dec+81vIqKa7J5WZDBARmENGY2Hc8mzx06oa/JhzY8X4rJmOPrbyyUxUREBASc+7r862d4XQcOnUmH6HEv/furiOtUztxMYCIQLnMgTAwk4c+y17esLtwPK4NUCyffmDHRHIjEXMiCAhJimdg7Hry37KLF77vyX9vYv+xVkhiDkVEQEBocDz6cfolRjJ7EzutIyIICMk4c/Kbvp67j0n4g68dEREQEJomTlv1W0ys38q8ioiAgFAxMTKISe8yRERSIyIICI0V93mUJUYgqY1CRAQBoZHikt1eXXHVqQ/HTyS5rUUEAaFZAfngVOm/58d5tFIlIggIjTGI00kx4knxNJaIICA0SlmT59eKy4ZTJiIICEYfXbpU8rxLFcMqIggI1MScubM7HyF9Ws4ISUQQEKiBe5cu6PjX3mj5ehFBQLBDTeyxuUUeExynsMo8xSciCAi1Mmfu7YVO6/TSIJ4TMrRsQaFfX/Zd8yKCgFArg3rg0yBGPytGlxT69TECmSz5npWIyNjGVb6YCAjVN7J2cfm/Z74jj9HPIEZcIwUjEsvQl33J8YZnx5J7JDACQg2taO3Myz2NNYhodft7x02Przz+VukRiVNZIoKAUGlxVD722MrSfr8775430B1j/N7xZ+gmIhP7j5f6ZxURBITKW7txVWmjkA3PPjDw9/vQttWF/52IyIEd77cezxtPbhQRquynNgFljkI25Tuqfj9UKuYfRkYXD/z9xg45lrA/c/Js4X93ejn6AzsmWveVLF3V/4sQ7rpnXivwFyt+9z4CQqJixx5X/0zsP9aX/37cg7GpQpeoxkR1jCa6Nb0gZMqLQlJdTmExkJ1qP06XRDyefuPRgVx5dT1x+XI3p7JAQOA64px7L3essaOuWjymrXtideHLekFA4DouXrjcuslvqEc3+v1q/X2VXnk3TqsNJbakC81nDoTSxLpPccf10fETXU0s38ieF95r/YxLZ+Nof8mqRZWYSJ8WI6MYIU3d63HWlwEBgU7E5ajdXo3UTaRigj5eEZMYmXRzT0Y/IxJ3nZe5Ci8ICLUSp6g+iB15Ho5BXRYaMYmFCuMVEYk5l0GHJCKybecjrZsF434PEBC4Spymip3joB5je71RULwiIlM3NA52sn1s48rWxH9sJ5foIiAYdeSjjtghlnkHdVExGpn84LP2pPaCgf5Z4vd/5o1HWwGJP5eQUDeuwqJn8Xil5OU3uhVzMfFnLXsJ9euJkUiE5PkDv22dahvUs1PACISBxaNOVxfFvEwsqVKlNaBiRDL9oKdYlTdGJOe+Ov+D7WqUgoAgHhUxtdbUwoGfzpopJoP4M8WyKyJFp5zC4pYc3HWk1vc1TI9EIoSAgFCSOFLt16KIZYqrxQ6W/FxyEBCS9m6DdroRwipddgwCQmNNT/I2SR2uIAMBof472/Hm7Ww/HBcQEBD6rolX6sQprBhZAQJCn8QVS01dUfZLK+WCgGAn240znxqBgIDQN02+WsmzOkBAEBBAQKA8l9yRDgJC/9zR4NVi7xjwc0JAQGi0eNZ4U5ccj0fgAgJCn8RjYePZ3kNLFzbqPcXTCquytDvUgeXc6UosNf78gS2tf46bCuMGvOlnV1yq8H0iMXK6N/+zRzDuumfelaXcB/2sdBAQkhRP1IvXTCIsly583/rnuAHxeveQnDzW3Z3t0yG4VszTXP08jQjFHPMbICDUa6RytZg/mcm6J2wrqBtzIAAICAACAoCAACAgACAgAAgIAAICgIAAICAAICAACAgAAgKAgAAgIAAgIAD0jgdK0bV4lO2H4yeyc1+fr/X7iMfcjqxd7HnoICCU4cCOiWxi/7HGvJ/JQ6eyiX3Hs6ffeNSjb6FDTmFR2MHXjjQqHtPOnDybvfL4Wz5gEBD6IU5XvbvrSGPfX0RkYv/xZD/fSxcu+5IjIPTH5KHPGv8ej46fSPKz3fPCe62AQqfMgVDIqWNfNP49prgTjXgc/XNvwnnn3fNar6WrFl3537796nxr9PrlyW+yixe+9xdJQEhR7BiaLq7KEo9ihpYuzMYeW5ktWbnopt+RM3lEYpQXv6eYCAgJGVq2oPHvMXaC4tH5AcXmlx4stM2Gli7Ihp4dy9ZtW519sP9Yo+fUms4cCIWsGF3S+FFIHEmLRwfbaeOq7F/+Y1vXwY3Lpdc9sTp7/sBvWyMYBISGi7/0ccTZ2HjkO8UURiC3Go/4DmzIRxE9GdXmI5K4/2YkPzhBQGi42MHGUWOTRiIx7/HQttU92yk2PR69vms/Dky27XxERGrGHAhdHzXG6YtYziRedRYhjFNzKdyBXsV4XG1T/t8/9/h5lxMLCKmMRlKadE45HjFC6/d6YRHxiMjLG970gdWAU1ggHh2JtcLiEtwyRrcRKwQEaEA8QtyzEWuFlRGRtRtXJXc/joAAjYxH2RGJU1krRhf7AAUEaEI8yo7IyFpXZAkI0Jh4lBmRESMQAQGaFY8yI+IOdQEBGhaPsiJyh6dDCghQ/Xh0u7JAPyNiBCIgQMXjEXeY38qihmVe4ouAABWKR9xhHpfOxqKGVYqIJU0EBKh4PKZVMSIICFDxeFQxInVfqFNAgGTiUaWIGMUICFCzeFQlIvHcdAQEqFk8qhCRyUOnfOACAtQxHoOMSLzPc1+f96ELCFDXeAwiIhcvXM4O7JjwoQsIUPd4lB2Rvfn7jV9L9XmkLV2LSyynnlJ31umGiur1M8ynIzIVguI3+U1HZCpEC370/x987Yi5DyMQUjgq/mO+I4i/7OKRRjz6PRKJUda7u4744ASEJovz02Wu+Ep14tGviMT3KQ5KEBAaLEYbE/uP2RAJx6PXEYkDEvEQEBJg5CEevY6IAxIBIRFnPrW8hHj0NiIICIno9qFDNDMeIiIg0LGhZQtsBPEQEQSE4mJHZRQiHiKCgNCVbTt/k+8oZtsQ4iEiAgLFxB3EsYNYsnKRjSEeIpIwS5nQdUSeyXcQcSNYLGlyydpFhdzKHddVj8e1EXl5w5tWKxAQmDkkM61pxPXFek9Nj8e0jy1102hOYUGJWnfy7zueRDwsTyIgQA/FqatulioXDwQEEhYPSupmKRjxQEAgceKBgABdmdhXbNHAkdEl4oGAQOricuciVyPFjZqb8tGHeCAgkLi4V6aIscdWtu6jEA8EBFIPyLFiAanLqSvxEBCgz86cPNvxr425jzosWCkeCAj0Wcx9FJn/WLKq+muMiQcCAiUoOv9R9aVhxAMBgZKcLDj/UeVVjsUDAYESfXzoM/FAQIBi4v6PImtfLa3o/Id4ICBQsqLzH1UcgYgHAgKDCEjN5z/EAwGBGoxAxAMBAVrqPP8hHnTCI23p2uShz7Kj4yfyn6dsjB6oyghEPBAQ+ip2MN0834JqB0Q8KMIpLAo7sGNCPMQDBIRiYk2nif3HbIgeG/T8h3ggIJSyo6FZIxDxQEAoxZlPv7ERGhQQ8UBAKE0dnlMhHuJBOVyFRSFDyxbYCD02iPmPuBDCXBZGIJQqHrVqFFLfEUjc3Pjyht3igYAwGNt2/iabM3e2DVGjgEQ44nTVyxveLPR4XbgRp7AoLJ6Y9/Qbj2YHdrxfeLVZynHxwuXWZxOLOcZKAUUeqQsCQt8j8kwekdgxxdHtl45qr/j2q/OlX+58dTDip1EGAkLlxXxIvEZGF9sYbbEDLxKQWFOs6PYTDAQEGujepQsL/fo4FRjzIHPm3i4YCAikLEIQo7JO5x3i18Xk9kPbVmcrRpe0/n3BQEAgUSN5CIpcKhsRmbqpz4191IfLeKEPfrn+PhsBAQGKi6vUqvaI2k5GTUMF528QEKAPYk6jDmK+Jm4O3bbzkeyOG0zkw7XMgUCfxAgkjuqr+sjfCEdELpanAQGBitn00oPZucfPV+oqqojayNrFwoGAQJXFJblxaigWMLx44fuB/BliXiNGQ7GS8vRlwiAgUANxquj5A1uyXU/+eykjkelgLFm16KY3KIKAQA0iEgtQHtx1pOdLqQsGAsJAXPzfyzZCSWLHvuHZsdb8w7t5SLpdybifwbBqLwJCxyyRUb7Y6cdKxrGK8dHxEzddqqSsEUYsnyIgCAgdi51X7Dic9ihf3Gw4lI9Irv4sZopNmd8FEBAKiaXHxzautCEqMDIZ6Pdg/IQPgULciU42se9YaxRCuuJ0WlVveERAqLA47x1XB5GuvS9YBRgBodtRyP5jpT+GlWqIZeRdTIGAcMs7EhHxmUOnTKLz46PRT7/J1m1b7cqsBpt+gJUrrxAQeipOZ8WE6tWPWKU54ZjYd7w16hjU2lwICIkcocYjVlsL8S1dmM35mZDU1bdfnc++PPmNuQ4EhHLFaQ6nOoBrmUQHQEAAEBAABAQAAQGgqEkBAaAbjX3IStMDMum7CyAg3fjORwwM2GkBERAAAUklIK9/8pxTWICACEjXRAQY5IGsgKg/QGGHm/zmUgjIx77DwIA0+gxICgE57DsMOIAVkMJe/+Q5AQEcwAqIDxGojdNNnkBPKSDjvsuAA1cB8UECDlwr4LZUPsmty7f/Nf8x7DsNlOC71z957m+MQJpjr+80UJJ3UniTKQVkj+804IBVQAprXw1x2Pca6LPTqdw+kNoDpZzGAvrt1VTeaFIByY8K9mTWxgL6Jx4hsUdAmutF33GgX6OP/EA1mecQJRcQoxCgj6OPnSm94VmJftBGIYDRh4AYhQBGHwJSri2+80CPPJXa6CPclvInvnX59rfzHw/77gO34HAej9EU3/isxD/4Le2hJ0DXo49U33jSAWkPOZ3KArr1Yr4fmUz1zd/m83cqC+jKZB6PX6S8AWb5DrTEKOS0zQB0KM5e/Dr1jSAg2ZVTWb/OzIcAHR50Nv1xtZ34ie/BlI/OTvz3/QsfOJs5lQXc2FPte8mSJyA/jMhkHpGYF1pjawAz2JPH4zmbQUCuF5HDeUSG838csTWAa+Lhqs2rmAOZQftLYogKTItLdZ+yGYxAOh2JjBuJAO14jKa4VMnNuA/kJrYu3747/7HZloAkOW1lBHLLIxET6yAeCEhXEYmJ9c/bEZlti0DjPeVqq5tzCquArcu3x3xILHsybGtAI7VuKs7jcdimuDlXYRXQXjQt1r55x9aAxolo/Fw8jEDKGI3EHesxwT7f1oDajzpiVd2dNoWAlBmR+e2IWP4E6jvqsK6VgAw0JGvaIRm2NaAWTrdHHXtsCgGpSkg25z9+LyRQWXG66tX8tdONgQIiJIBwCEhjQ7IpcxMiDEpcOfmqU1UCUueQxEhkOiZGJdBfp7OpS+33pvy8cgFpZkxG2iOS9UYm0NORxniEQzQEJKWgrGmHZEV7dGL1X7j5CCMi8XE2dRnupHkNAeGHo5T57ZegIBhTr++MLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHr4PwEGAGqmff0xBrNNAAAAAElFTkSuQmCC</mdui:Logo>
                <mdui:Logo height="120" width="120">data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAGQCAYAAACAvzbMAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAFOdJREFUeNrs3X+oVnWewPGTM5AJji6FLtV17/zhj3/SO6SwMwjr9fZftjYNyJKBOoHkX9MPiA2KmShWEKaxv4ygVNAWhN26k7EsdNMFyT805pb/pP0xlhVrJJsraP635/Pc57pmV33O4/Oc55zzfb3g4caMpc95Hs/7fM/3nO/JMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB66DaboFq2Lt8+nP+4+hXm5a8RW4fEnM5fn7f/+bv8NRn/2+ufPHfaphEQsZiKxZr8taIdiDW2CnRksv36r/iZR2XSJhGQFKLxcP5jfTsWw7YI9ESMUN7JX+P563AelO9sEgFpSjQiFpvyV8Rjvi0CfbcnYpKH5B2bQkDqGI0Ixeb89TsjDRiY0/lrb/7aaVQiIHUJx5PtcBhtQLVGJS+ahBcQ4QBuJSRPGZEISFXisTn/8SfhgNqIeLyaR+QPNoWADCocI+1wrLE1oJZO568teUgO2xQCUmY84sjl97YENMLObGp+xGktAelrOIbzH7uNOqBxJtujETcldugnNkGheEQ0DuWvZbYGNM7f5q9/un/hA2c/OjshIgLS03jEFVb/mr9m2xrQWPH3++E8IvPziPynzXFjTmF1Fo84ZbXZloCkxF3sW8yLCIh4AN2IU1mjIiIgRcMR93TEfIdl1EFERGQGs2yC6xIPIGvvBw61DyoRkJuOPnaLByAiAtJNPDbbEsAMEdltM/w/l/H+MB4Rjj/YEsB1LHOJr4DMFI81+Y+3bQngJv4+j8jnbjZ0FdZ0POK85l8zq+kCnYkrskZTX/bEHMiUt8UDKCD2F7tTn1RPPiDtJUrW+PsAFBST6kmvyJ30Kaz2yrp/MfoAbsFoqs8TSX0Esls8gB7sR5KU7FVY+ejj4fzHP/vuA7do/v0LH7jto7MTyY1CkjyF1Z74ilNXw777QA/EVVk/T229rFRPYT0pHkAvRyH5609GIGmMPtzzAfRDjEJOG4E0e/QhHkA/JHVZb4oB+Z3vONAnm1O6uTCpgLQXSzT6APrpSQEx+gDoxiYBad7oI5Yd8JAooN+G2/eZCYijAoDC1gtIszzsOw2UJInJ9CQC0j59New7DZRojYAYfQB0o/GnsWb5IAGMQLrR+KVM2uch/8d3GRiAXzT5sbcpjEBcugvY/wiIYSRQK/8gIPW2wncYMAIREB8gYP8jIKUZ9h0GBmXr8u2N3QfNavgHZ/QBOIgVkK5Yuh0YtMYeyDY9IMO+u4ADWQEREAABAUjG3wkIAN0YFhAAEBAABAQAAQGgPn5qE3Ajc+bOzlaMLs7uumdedufdUy9u7I+Pv9Xxr/3lP96XHf3zCRsNAaE5lqxclI09tiobyeNB//xq/X3Z0lWLsj0vvGdjICDU34ZnH8jGNq60IUoSo5AgIggItRWnq55+49FsaOkCG0NE4KZMonOFeAw+IptfetCGQECol4e2rRYPEQEBoZi4smrdE6ttCBEBAaH46AMRAQGhsBWjS2wEEQEBoZi432PO3NttCBEBAaGYoaULbQQRAQGhuDk/M/oQEeiOGwmplIsXLmenjn+RfXnybHby2Bc/Gi3dec+81vIqKa7J5WZDBARmENGY2Hc8mzx06oa/JhzY8X4rJmOPrbyyUxUREBASc+7r862d4XQcOnUmH6HEv/furiOtUztxMYCIQLnMgTAwk4c+y17esLtwPK4NUCyffmDHRHIjEXMiCAhJimdg7Hry37KLF77vyX9vYv+xVkhiDkVEQEBocDz6cfolRjJ7EzutIyIICMk4c/Kbvp67j0n4g68dEREQEJomTlv1W0ys38q8ioiAgFAxMTKISe8yRERSIyIICI0V93mUJUYgqY1CRAQBoZHikt1eXXHVqQ/HTyS5rUUEAaFZAfngVOm/58d5tFIlIggIjTGI00kx4knxNJaIICA0SlmT59eKy4ZTJiIICEYfXbpU8rxLFcMqIggI1MScubM7HyF9Ws4ISUQQEKiBe5cu6PjX3mj5ehFBQLBDTeyxuUUeExynsMo8xSciCAi1Mmfu7YVO6/TSIJ4TMrRsQaFfX/Zd8yKCgFArg3rg0yBGPytGlxT69TECmSz5npWIyNjGVb6YCAjVN7J2cfm/Z74jj9HPIEZcIwUjEsvQl33J8YZnx5J7JDACQg2taO3Myz2NNYhodft7x02Przz+VukRiVNZIoKAUGlxVD722MrSfr8775430B1j/N7xZ+gmIhP7j5f6ZxURBITKW7txVWmjkA3PPjDw9/vQttWF/52IyIEd77cezxtPbhQRquynNgFljkI25Tuqfj9UKuYfRkYXD/z9xg45lrA/c/Js4X93ejn6AzsmWveVLF3V/4sQ7rpnXivwFyt+9z4CQqJixx5X/0zsP9aX/37cg7GpQpeoxkR1jCa6Nb0gZMqLQlJdTmExkJ1qP06XRDyefuPRgVx5dT1x+XI3p7JAQOA64px7L3essaOuWjymrXtideHLekFA4DouXrjcuslvqEc3+v1q/X2VXnk3TqsNJbakC81nDoTSxLpPccf10fETXU0s38ieF95r/YxLZ+Nof8mqRZWYSJ8WI6MYIU3d63HWlwEBgU7E5ajdXo3UTaRigj5eEZMYmXRzT0Y/IxJ3nZe5Ci8ICLUSp6g+iB15Ho5BXRYaMYmFCuMVEYk5l0GHJCKybecjrZsF434PEBC4Spymip3joB5je71RULwiIlM3NA52sn1s48rWxH9sJ5foIiAYdeSjjtghlnkHdVExGpn84LP2pPaCgf5Z4vd/5o1HWwGJP5eQUDeuwqJn8Xil5OU3uhVzMfFnLXsJ9euJkUiE5PkDv22dahvUs1PACISBxaNOVxfFvEwsqVKlNaBiRDL9oKdYlTdGJOe+Ov+D7WqUgoAgHhUxtdbUwoGfzpopJoP4M8WyKyJFp5zC4pYc3HWk1vc1TI9EIoSAgFCSOFLt16KIZYqrxQ6W/FxyEBCS9m6DdroRwipddgwCQmNNT/I2SR2uIAMBof472/Hm7Ww/HBcQEBD6rolX6sQprBhZAQJCn8QVS01dUfZLK+WCgGAn240znxqBgIDQN02+WsmzOkBAEBBAQKA8l9yRDgJC/9zR4NVi7xjwc0JAQGi0eNZ4U5ccj0fgAgJCn8RjYePZ3kNLFzbqPcXTCquytDvUgeXc6UosNf78gS2tf46bCuMGvOlnV1yq8H0iMXK6N/+zRzDuumfelaXcB/2sdBAQkhRP1IvXTCIsly583/rnuAHxeveQnDzW3Z3t0yG4VszTXP08jQjFHPMbICDUa6RytZg/mcm6J2wrqBtzIAAICAACAoCAACAgACAgAAgIAAICgIAAICAAICAACAgAAgKAgAAgIAAgIAD0jgdK0bV4lO2H4yeyc1+fr/X7iMfcjqxd7HnoICCU4cCOiWxi/7HGvJ/JQ6eyiX3Hs6ffeNSjb6FDTmFR2MHXjjQqHtPOnDybvfL4Wz5gEBD6IU5XvbvrSGPfX0RkYv/xZD/fSxcu+5IjIPTH5KHPGv8ej46fSPKz3fPCe62AQqfMgVDIqWNfNP49prgTjXgc/XNvwnnn3fNar6WrFl3537796nxr9PrlyW+yixe+9xdJQEhR7BiaLq7KEo9ihpYuzMYeW5ktWbnopt+RM3lEYpQXv6eYCAgJGVq2oPHvMXaC4tH5AcXmlx4stM2Gli7Ihp4dy9ZtW519sP9Yo+fUms4cCIWsGF3S+FFIHEmLRwfbaeOq7F/+Y1vXwY3Lpdc9sTp7/sBvWyMYBISGi7/0ccTZ2HjkO8UURiC3Go/4DmzIRxE9GdXmI5K4/2YkPzhBQGi42MHGUWOTRiIx7/HQttU92yk2PR69vms/Dky27XxERGrGHAhdHzXG6YtYziRedRYhjFNzKdyBXsV4XG1T/t8/9/h5lxMLCKmMRlKadE45HjFC6/d6YRHxiMjLG970gdWAU1ggHh2JtcLiEtwyRrcRKwQEaEA8QtyzEWuFlRGRtRtXJXc/joAAjYxH2RGJU1krRhf7AAUEaEI8yo7IyFpXZAkI0Jh4lBmRESMQAQGaFY8yI+IOdQEBGhaPsiJyh6dDCghQ/Xh0u7JAPyNiBCIgQMXjEXeY38qihmVe4ouAABWKR9xhHpfOxqKGVYqIJU0EBKh4PKZVMSIICFDxeFQxInVfqFNAgGTiUaWIGMUICFCzeFQlIvHcdAQEqFk8qhCRyUOnfOACAtQxHoOMSLzPc1+f96ELCFDXeAwiIhcvXM4O7JjwoQsIUPd4lB2Rvfn7jV9L9XmkLV2LSyynnlJ31umGiur1M8ynIzIVguI3+U1HZCpEC370/x987Yi5DyMQUjgq/mO+I4i/7OKRRjz6PRKJUda7u4744ASEJovz02Wu+Ep14tGviMT3KQ5KEBAaLEYbE/uP2RAJx6PXEYkDEvEQEBJg5CEevY6IAxIBIRFnPrW8hHj0NiIICIno9qFDNDMeIiIg0LGhZQtsBPEQEQSE4mJHZRQiHiKCgNCVbTt/k+8oZtsQ4iEiAgLFxB3EsYNYsnKRjSEeIpIwS5nQdUSeyXcQcSNYLGlyydpFhdzKHddVj8e1EXl5w5tWKxAQmDkkM61pxPXFek9Nj8e0jy1102hOYUGJWnfy7zueRDwsTyIgQA/FqatulioXDwQEEhYPSupmKRjxQEAgceKBgABdmdhXbNHAkdEl4oGAQOricuciVyPFjZqb8tGHeCAgkLi4V6aIscdWtu6jEA8EBFIPyLFiAanLqSvxEBCgz86cPNvxr425jzosWCkeCAj0Wcx9FJn/WLKq+muMiQcCAiUoOv9R9aVhxAMBgZKcLDj/UeVVjsUDAYESfXzoM/FAQIBi4v6PImtfLa3o/Id4ICBQsqLzH1UcgYgHAgKDCEjN5z/EAwGBGoxAxAMBAVrqPP8hHnTCI23p2uShz7Kj4yfyn6dsjB6oyghEPBAQ+ip2MN0834JqB0Q8KMIpLAo7sGNCPMQDBIRiYk2nif3HbIgeG/T8h3ggIJSyo6FZIxDxQEAoxZlPv7ERGhQQ8UBAKE0dnlMhHuJBOVyFRSFDyxbYCD02iPmPuBDCXBZGIJQqHrVqFFLfEUjc3Pjyht3igYAwGNt2/iabM3e2DVGjgEQ44nTVyxveLPR4XbgRp7AoLJ6Y9/Qbj2YHdrxfeLVZynHxwuXWZxOLOcZKAUUeqQsCQt8j8kwekdgxxdHtl45qr/j2q/OlX+58dTDip1EGAkLlxXxIvEZGF9sYbbEDLxKQWFOs6PYTDAQEGujepQsL/fo4FRjzIHPm3i4YCAikLEIQo7JO5x3i18Xk9kPbVmcrRpe0/n3BQEAgUSN5CIpcKhsRmbqpz4191IfLeKEPfrn+PhsBAQGKi6vUqvaI2k5GTUMF528QEKAPYk6jDmK+Jm4O3bbzkeyOG0zkw7XMgUCfxAgkjuqr+sjfCEdELpanAQGBitn00oPZucfPV+oqqojayNrFwoGAQJXFJblxaigWMLx44fuB/BliXiNGQ7GS8vRlwiAgUANxquj5A1uyXU/+eykjkelgLFm16KY3KIKAQA0iEgtQHtx1pOdLqQsGAsJAXPzfyzZCSWLHvuHZsdb8w7t5SLpdybifwbBqLwJCxyyRUb7Y6cdKxrGK8dHxEzddqqSsEUYsnyIgCAgdi51X7Dic9ihf3Gw4lI9Irv4sZopNmd8FEBAKiaXHxzautCEqMDIZ6Pdg/IQPgULciU42se9YaxRCuuJ0WlVveERAqLA47x1XB5GuvS9YBRgBodtRyP5jpT+GlWqIZeRdTIGAcMs7EhHxmUOnTKLz46PRT7/J1m1b7cqsBpt+gJUrrxAQeipOZ8WE6tWPWKU54ZjYd7w16hjU2lwICIkcocYjVlsL8S1dmM35mZDU1bdfnc++PPmNuQ4EhHLFaQ6nOoBrmUQHQEAAEBAABAQAAQGgqEkBAaAbjX3IStMDMum7CyAg3fjORwwM2GkBERAAAUklIK9/8pxTWICACEjXRAQY5IGsgKg/QGGHm/zmUgjIx77DwIA0+gxICgE57DsMOIAVkMJe/+Q5AQEcwAqIDxGojdNNnkBPKSDjvsuAA1cB8UECDlwr4LZUPsmty7f/Nf8x7DsNlOC71z957m+MQJpjr+80UJJ3UniTKQVkj+804IBVQAprXw1x2Pca6LPTqdw+kNoDpZzGAvrt1VTeaFIByY8K9mTWxgL6Jx4hsUdAmutF33GgX6OP/EA1mecQJRcQoxCgj6OPnSm94VmJftBGIYDRh4AYhQBGHwJSri2+80CPPJXa6CPclvInvnX59rfzHw/77gO34HAej9EU3/isxD/4Le2hJ0DXo49U33jSAWkPOZ3KArr1Yr4fmUz1zd/m83cqC+jKZB6PX6S8AWb5DrTEKOS0zQB0KM5e/Dr1jSAg2ZVTWb/OzIcAHR50Nv1xtZ34ie/BlI/OTvz3/QsfOJs5lQXc2FPte8mSJyA/jMhkHpGYF1pjawAz2JPH4zmbQUCuF5HDeUSG838csTWAa+Lhqs2rmAOZQftLYogKTItLdZ+yGYxAOh2JjBuJAO14jKa4VMnNuA/kJrYu3747/7HZloAkOW1lBHLLIxET6yAeCEhXEYmJ9c/bEZlti0DjPeVqq5tzCquArcu3x3xILHsybGtAI7VuKs7jcdimuDlXYRXQXjQt1r55x9aAxolo/Fw8jEDKGI3EHesxwT7f1oDajzpiVd2dNoWAlBmR+e2IWP4E6jvqsK6VgAw0JGvaIRm2NaAWTrdHHXtsCgGpSkg25z9+LyRQWXG66tX8tdONgQIiJIBwCEhjQ7IpcxMiDEpcOfmqU1UCUueQxEhkOiZGJdBfp7OpS+33pvy8cgFpZkxG2iOS9UYm0NORxniEQzQEJKWgrGmHZEV7dGL1X7j5CCMi8XE2dRnupHkNAeGHo5T57ZegIBhTr++MLgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHr4PwEGAGqmff0xBrNNAAAAAElFTkSuQmCC</mdui:Logo>
            </mdui:UIInfo>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
        </Extensions>
        <KeyDescriptor use="signing">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDBDCCAfCgAwIBAgIQqhpqLrofNo5FBvsRrnKzBTAJBgUrDgMCHQUAMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDAeFw0xNDA0MDgwODU1MDZaFw0zOTEyMzEyMzU5NTlaMBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBGoAgIUr5FryIq4ZUtCy45ZanGPxnD9tH8WVzBuKzZZfOY+R0f5RGSYLURzyhajYO9e1MWRO71wPF/Nl8b15PvhsshooZUSK7YZ5VwiPe9jxFPPs1DGENIlla8NBPQkFPvyJ9BnIjFH6dlUAjaaC0N4HOb+rPF34NZUN7SWlA86PEkA0AR3gF4tBti3bx43yCRBvKcyoyYAHIIlASgqfxnrPVBnIFWUm0d1aQyRtTsm5xKK0/oYbwwpKEUBNef88XC4gGtfU/1C3diKXGFSEiGjqYQ8TZOM2IP2/mRx1ONa/ASOAhj3GRysda8occnODMuMzi0yQ8LqZ8K2j8YqvUCAwEAAaNaMFgwDwYDVR0TAQH/BAUwAwEB/zBFBgNVHQEEPjA8gBC5QDzTwIrxwmviqMXSWFHyoRYwFDESMBAGA1UEAxMJbG9jYWxob3N0ghCqGmouuh82jkUG+xGucrMFMAkGBSsOAwIdBQADggEBACahnay2R/0JWHdJtcpv297CUYxnRD1c1AEmRv2RtQZN0hcRjOnyIkojzzkLf6Svg9ugonOZoZz/LDxP6ffGeYwZnswo/hmwLcMUtRw0oIHuNp/H9w1D8Dq7iRG5jQknJrePlgBqJTKozSl7ZLG+S2WKr6QimWhWJuublF3wRfKTpsIWj8Crzh+WlV+fIle8qvft041iRd9xAoXyJ+/onGm/cpZflkKHWwkfIpGNgkMKVXyeLnVn8P5D4G2Hy+oDRRNOaHwo/lNrqCMvCO5FCRoqHAlErJrrrQXpeB1q9TgjnsZyd3/FeDmTNTl46ZhLQV+wOnhV2FATZiBZ4dvVWmA=</X509Certificate>
                </X509Data>
            </KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <X509Data>
                    <X509Certificate>MIIDEDCCAfigAwIBAgIQhVXzPJyWTaRA34KusDqWVjANBgkqhkiG9w0BAQsFADAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwHhcNMTYwNTI3MDcyODA4WhcNMjYwNTI3MDcyODA3WjAUMRIwEAYDVQQDEwlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRdtzF/pnJHsjCrcBP0PRB0pbUrGzssIiJjdsxi9JeDFiapfr0aK5Db6C60yUZ54qpx+vpeJJ7Vv/Ol+OlOhm4o6NeLouCfyg7egqu2vngcn7LEBIc4Nbsa6exrDeRF2qyc6oagzb+PVoIdjFa1rwNnLqAvCbWxR5VD70wi6rOyqjuXyd/fFau/xO9BQwJHrWLMxiSmEAWh0DxdsOzxBON+qOxh+2/eoOxh4PUUv11Mfi1nmV5NHqg4imhHCE+DLDvOeMpe1r9xGMMDdkmpvDlRiZriWleYk7YTX9UDI/48DRTCjVdd5Zbofw3S8S+283SFE/pv4/AKtF3GoAmN7BRAgMBAAGjXjBcMBMGA1UdJQQMMAoGCCsGAQUFBwMCMEUGA1UdAQQ+MDyAEB/i9rZREw5DFiy0GTaxDD6hFjAUMRIwEAYDVQQDEwlsb2NhbGhvc3SCEIVV8zyclk2kQN+CrrA6llYwDQYJKoZIhvcNAQELBQADggEBACTbLMvq1anQUPxIEoGyaBco+CjFNb8L19Hy0XbeNPpGPyS8b1SHi3GUZasIH+0T92f35UCe0a97QqunqKl75ZBFVFY3JsxSIS8IpgOT2TriL4xoqW0/qOs41C8SkyEfWUmFu5mwNjl+wWK9yD4Gxbza+9vNC02AveKdQXWwcRxzSBpD8L3GFGf1yQL0Vvi9GhxVWUFkfB61nSmQYlJz83+hDCdyhrTbq+r07JiLKiUpaVeP8SxXwhBcIvwAbh7PF01n51fbIjq5WFtVrJTH9jyUOMriSckSLcRZeAnD80w6fiUTFqfWDGouYWWULPwSeqaSw776n8JJ641tfs1Cx5E=</X509Certificate>
                </X509Data>
            </KeyInfo>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep">
                <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" xmlns="http://www.w3.org/2000/09/xmldsig#"/>
            </EncryptionMethod>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
        </KeyDescriptor>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/telia-browserplugin/Logout/REDIRECT/"/>
        <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/telia-browserplugin/Logout/POST/"/>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://devidp.identityhub.se/telia-browserplugin/Authn/REDIRECT/"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://devidp.identityhub.se/telia-browserplugin/Authn/POST/"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="sv">Knowit Connectivity AB</OrganizationName>
        <OrganizationName xml:lang="en">Knowit Connectivity AB</OrganizationName>
        <OrganizationDisplayName xml:lang="sv">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">Knowit Connectivity AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="sv">https://knowit.se/</OrganizationURL>
        <OrganizationURL xml:lang="en">https://knowit.se/</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <EmailAddress>servicedesk@cybercom.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Telia e-legitimation*
-	*en: Telia e-ID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Legitimering eller underskrift med Telia e-legitimation via Net iD plugin*
-	*en: Authentication or signing using Telia eID via Net iD plugin*

MDUI-Logotype

Working logotypes present:

H:75	W:75	Type:PNG
H:120	W:120	Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://devidp.identityhub.se/telia-browserplugin is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Knowit Connectivity AB)

CONTACT-SUPP

Support contact e-mail (servicedesk@cybercom.com) is present

CONTACT-TECH

Technical contact e-mail (servicedesk@cybercom.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Litsec AB (http://eid.litsec.se/testidp) (4)

Litsec AB (http://eid.litsec.se/testidp)

(4)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="http://eid.litsec.se/testidp" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-low</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-high</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa2-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa4-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/scal2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Litsec Test IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Litsec Test IdP</mdui:DisplayName>
                <mdui:Description xml:lang="en">Litsec Test IdP</mdui:Description>
                <mdui:Description xml:lang="sv">Litsec Test IdP</mdui:Description>
                <mdui:Logo height="64" width="64">https://eid.litsec.se/idp/images/litsec-small.svg</mdui:Logo>
                <mdui:Logo height="43" width="171">https://eid.litsec.se/idp/images/litsec.svg</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDJTCCAg2gAwIBAgIVANRzptVQS0OC4yUngEfPkeVZwu3rMA0GCSqGSIb3DQEBCwUAMBwxGjAYBgNVBAMMEWlkcC5zdmVsZWd0ZXN0LnNlMB4XDTE2MDkxMDEwMTcwNVoXDTM2MDkxMDEwMTcwNVowHDEaMBgGA1UEAwwRaWRwLnN2ZWxlZ3Rlc3Quc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCG8EktfnRi2LRB3UTwUXMni/eM2Dco4RA/RljvxP2Z9MdjrqO1FZJV2X2ACIKVvUVxQ7vRJqSddzs5IO8bwJ5FORoH/zl/hxLXBnMkhPLbiXXTNgMvQBNJXVvMlwPvNKBP54zakEV1t7or+uUPm4AHZV/g+18Y73rTz10prjmdlywm0rLKhsWcqT7vFVNOrf0b7TUw3DtjMz5fQVt9rLoQJV0RUak4KQHSlJEnHaPWSMgtZ2fylVfBtMyIp1Q8WQ1D1j3BtW1u7lv017Ji35nSGRWWSDCL/t7aLxNvfTP9nM4y7YHGA7nvpWzeruMc4Z24eEe717zf1syw43qvtLw7AgMBAAGjXjBcMB0GA1UdDgQWBBR9sg6F+KfYjCaJx4mVHUvdbUbC+jA7BgNVHREENDAyghFpZHAuc3ZlbGVndGVzdC5zZYYdaHR0cHM6Ly9pZHAuc3ZlbGVndGVzdC5zZS9pZHAwDQYJKoZIhvcNAQELBQADggEBADh81fersDrGsoretj8NzRn7Ff7/XE2h35ctMGDUFFttmvO1M2wO3iL412JFWVeXMrq4wHsvOnKFGVdnt1AkYRqFrUOkOA4YPduA/dguhVzid4399+a5rwpo+zanEMGw56Z2qnHomwOtUldYFiqeQHnDtviQjPUObW1J0MWMg46lGOUfM9z8blI7JWkwzcRsk8HkwqbMUgFVe4TH5Mftozo/hza6CZBqqRY+6yFx4ORIDoYZWPcSYKlO2GcnpBK5s0X2wv4UktpIs8GAUa36e9qN7H2Uno+/UH+c5J4Ng5VumMQmTVOm0fG+I0u33tjOY4S/UVX0/ir/froXp1O3l/w=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDJDCCAgygAwIBAgIUE9Ed7iaZQARLB0/bFaPXwwUSBY8wDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRaWRwLnN2ZWxlZ3Rlc3Quc2UwHhcNMTYwOTEwMTAxNzA1WhcNMzYwOTEwMTAxNzA1WjAcMRowGAYDVQQDDBFpZHAuc3ZlbGVndGVzdC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0qTFerVx3p4rk7trhMOf6KC9c1+Rq7w1oqTis/ml/ooMRzVmfHmDQTGwoKTIY25R/bSeqoTJEshA8nZw48fCr1jgNVyBxRGIGbFMXazAg/tH3EyiKxXtUnKtOpawx7+sV5uNwq/6i2n2euGFPbRkOclYNjCd0UYK6BgxKsX7XFDkQygggOI8jXe4LmPu36e9zOJ37QLWou2EdLSiNYqX38Mrps20oxG1Imy1O4pKTTV0zUtis/ujKrk/zlSkQEhwH0lW+UT0J0k9Drohj4xq+r7SDWSyGDN32W3DlLGKsdssmClU/xEJl1slyy1O51L51ETpCc02xarrbid9Swzj8CAwEAAaNeMFwwHQYDVR0OBBYEFAGh74d7hApkF8IZ5ZVGy6rblI1WMDsGA1UdEQQ0MDKCEWlkcC5zdmVsZWd0ZXN0LnNlhh1odHRwczovL2lkcC5zdmVsZWd0ZXN0LnNlL2lkcDANBgkqhkiG9w0BAQsFAAOCAQEAW8dvmOcr2e8R5E0O97GM+dCkmd6f2v8MF+yHwM/RHaip2PNZguIrYkQY291Mq6PT8gU/mZhDu1xDOF7pjlroZyWJanlT7m33xvI6mUHK4GCNgmC5AkG1ZFmYS8zQLH/gYLFbn3+v7uMg14MDPhA8Z0+zFGN9o+DPTZg2m8XkvM4Biyu0s0OYrWeAMfgrhcFX1/u6j8vTIcqS9xH6RKC2sAqsDCD9e5V6cfUvsUxGdR1sAN2aAD5iMQLc/6TO0u9jcVTWaNxfd8kk0pyILNYU1zWOn/b6rke/trVDW9mnFH106/gUq4ZLzd3aY5ZUeyJkKZaJobbifsdO1huOpl67UQ==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eid.litsec.se/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eid.litsec.se/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Litsec AB</OrganizationName>
        <OrganizationName xml:lang="sv">Litsec AB</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Litsec AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Litsec AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">http://www.litsec.se</OrganizationURL>
    </Organization>
    <ContactPerson contactType="technical">
        <Company>Litsec AB</Company>
        <GivenName>Martin</GivenName>
        <SurName>Lindström</SurName>
        <EmailAddress>martin.lindstrom@litsec.se</EmailAddress>
        <TelephoneNumber>+46 (0)70 361 98 80</TelephoneNumber>
    </ContactPerson>
    <ContactPerson contactType="support">
        <Company>Litsec AB</Company>
        <GivenName>Martin</GivenName>
        <SurName>Lindström</SurName>
        <EmailAddress>martin.lindstrom@litsec.se</EmailAddress>
        <TelephoneNumber>+46 (0)70 361 98 80</TelephoneNumber>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa2-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa4-pnr*
-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa2-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa2

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa4-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa4

EntityCategory-Consistency

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Litsec Test IdP*
-	*en: Litsec Test IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Litsec Test IdP*
-	*en: Litsec Test IdP*

MDUI-Logotype

Working logotypes present:

H:64	W:64	Type:SVG
H:43	W:171	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

ERROR

LOA-Holder-of-key

This IdP has declared support for LoA 4 but no SingleSignOnService supporting holder-of-key is present
A SingleSignOnService with the Binding urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser must be present

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value http://eid.litsec.se/testidp is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Litsec AB)

CONTACT-SUPP

Support contact e-mail (martin.lindstrom@litsec.se) is present

CONTACT-TECH

Technical contact e-mail (martin.lindstrom@litsec.se) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

MobilityGuard (https://eidas.extdevel.mobilityguard.se/saml/idp/eidas) (3) (1)

MobilityGuard (https://eidas.extdevel.mobilityguard.se/saml/idp/eidas)

(3)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://eidas.extdevel.mobilityguard.se/saml/idp/eidas" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-naturalperson</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub-sigm</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub-sigm</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">MobilityGuard Test IDP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">MobilityGuard Test IDP</mdui:DisplayName>
                <mdui:Description xml:lang="en">MobilityGuard Test IDP</mdui:Description>
                <mdui:Description xml:lang="sv">MobilityGuard Test IDP</mdui:Description>
                <mdui:Logo height="66" width="76" xml:lang="en">https://www.mobilityguard.com/wp-content/themes/mblty/images/mobilityguard-uam-logo.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFczCCA1ugAwIBAgIIe/e3t0uTzDkwDQYJKoZIhvcNAQELBQAwKjEoMCYGA1UEAxMfZWlkYXMu
ZXh0ZGV2ZWwubW9iaWxpdHlndWFyZC5zZTAeFw0xODA0MjMxNDA4MDBaFw0yMzA0MjMxNDA4MDBa
MCoxKDAmBgNVBAMTH2VpZGFzLmV4dGRldmVsLm1vYmlsaXR5Z3VhcmQuc2UwggIiMA0GCSqGSIb3
DQEBAQUAA4ICDwAwggIKAoICAQC96ceJ38YUyYCvYvEUHvqhoIPjdfPQPmMGfqRv71pOCnyFbV3W
ztOYXrd7rCyoMuwW0HBsnBEbkz/f+FqLP4jtv/H03x/gkYjkZJTp2KVyAXhCf+7YzvUMdAZnRs8U
iPOJ/cv1ATpbiwmq7BuXMJoz0axjnTAI4WkEO1X6lW8ZRlHXY4VeCpJCoL1rwEK8UxI309mzbyZB
6FX0JVsH02wwG38tRl9360DhDWELHxtBv4Np8cRT9Vl6w6fVsnO2gHJJ5nEfFrRHsFPpuP4yAkF9
fUPcCwF7/ExiPJzD60PspKkQaDXdoORBKbuQRNN96p8dU/K9pPpKZ12E1EDx6SY72N2F56eMaLZM
1R0Iy0yxENMz5smgflVK6+lmviM5LmlXEJjdFzdjo16Ad+VmT4W2kKOt3crP20qvpxLJpGkyjndY
oY2Z4XM7P/iunOKs9//c3yjTShtKT8T2TSaSxoa14z4NZ6T6mRbLzzlJS+zL0LcMLTHg+CqL0gc/
4VnewyCgbDbcdW9ajIxJ6cOcU6zSQVR0RbDdZD8fcLuI6/v+mTsSDRHBECRbTlfB275HZL+kuA8o
T2PjfqUFh71D1gIHMAYwdZiZptmGMN7eFnKJ24tWImC54QZBdEoZWuwRDeCUl/k+60Kxn3GCHmaI
RdBN4GvzY+XlaOQNep4j4tm6KwIDAQABo4GcMIGZMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFBfh
bDvS5exTXqxYUb4s2kmgcCpiMAsGA1UdDwQEAwIF4DAqBgNVHREEIzAhgh9laWRhcy5leHRkZXZl
bC5tb2JpbGl0eWd1YXJkLnNlMBEGCWCGSAGG+EIBAQQEAwIGQDAeBglghkgBhvhCAQ0EERYPeGNh
IGNlcnRpZmljYXRlMA0GCSqGSIb3DQEBCwUAA4ICAQAPDipWnTmyPzETyUm/GQ4xp1kTQJ2xC8xf
wvPYFTz7bcN2QrXw4kesKfQ0nO3cWfvaBa8kuJqYsExYFiPIIDYaPWKJX9sJN81GLSbZsSWhO/FQ
vLLCrEBz87OYuiyy1VtNnd6pm0tt4LmqXMkSIg1iJEyuFloxLPB/dvJElEjW4PFUbBydwQ2tOa+/
Q/mWGWKqPQdMvi2DnqKs7wfQ+r4WZ5drVO2Z3P/uPlSCq+3QJbx2i+VjOa47RjWOqGwib6WI71sW
7kpfxMjwd1K6v4ZsiFfRzE15mvr0YFR7BGcsknSiZP683YWIB7OAh/Ln8oL5clB6LJ7cRAHyhOay
2ee9R5bza3/qvgxA8jKcxOn3jlk0p+ruMtEiEGTfpce2cDY8W+zGJ5yzkV1SY98Zu9D5anr8BccP
Vjl50NnpnzCZEWOdZK/PLUrAcrDy/qV2JdB5b8AdNiJVjQL9QgNlEi+jOo9HBDUKzgORryS1n7dF
U+xLMJJ0RaQsUa3GOda6Eux5ajhkNfVzKe/rTKe2zNNHHatLTEdM0PB89VSYEoFDAfDtZl9vk4t5
VBdHLIVEezBiaSVk/j8fuGPu25/sqSDZm1wJb1pR5vI6WbRUXzyhE/aYmXbCeAE+NEWeiznHIhIe
eYgmorvJMY+kjxo4MD+VUGx25LJ3nLbvS38OgisJEg==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mg-local.extdevel.mobilityguard.se/samlv2/idp/sloreq/13/7?mgvhostparam=13" ResponseLocation="https://mg-local.extdevel.mobilityguard.se/samlv2/idp/sloresp/13/7?mgvhostparam=13"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mg-local.extdevel.mobilityguard.se/samlv2/idp/sloreq/13/7?mgvhostparam=13" ResponseLocation="https://mg-local.extdevel.mobilityguard.se/samlv2/idp/sloresp/13/7?mgvhostparam=13"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mg-local.extdevel.mobilityguard.se/samlv2/idp/req/13/7?mgvhostparam=13"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mg-local.extdevel.mobilityguard.se/samlv2/idp/req/13/7?mgvhostparam=13"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">MobilityGuard</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">MobilityGuard</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">MobilityGuard AB</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">MobilityGuard AB</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.mobilityguard.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:EmailAddress>support@mobilityguard.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:EmailAddress>support@mobilityguard.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-naturalperson*

EntityCategory-Consistency

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: MobilityGuard Test IDP*
-	*en: MobilityGuard Test IDP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: MobilityGuard Test IDP*
-	*en: MobilityGuard Test IDP*

ERROR

MDUI-Logotype

No working logotype are present in mdui

ERROR

MDUI-Logotype

The following errors were encountered while processing logotypes:

-	Logotype download from: *https://www.mobilityguard.com/wp-content/themes/mblty/images/mobilityguard-uam-logo.svg* failed with HTTP response code *404*

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-sub-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub-sigm

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-sub-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub-sigm

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://eidas.extdevel.mobilityguard.se/saml/idp/eidas is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (MobilityGuard)

CONTACT-SUPP

Support contact e-mail (support@mobilityguard.com) is present

CONTACT-TECH

Technical contact e-mail (support@mobilityguard.com) is present

EIDAS-Connector

This eIDAS Connector has appropriate EntityCategory declarations and supports eIDAS LoA levels.

Nexus Group IDP (https://test-idp.test.nexusgroup.com/mobiltbankid) (1) (1)

Nexus Group IDP (https://test-idp.test.nexusgroup.com/mobiltbankid)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://test-idp.test.nexusgroup.com/mobiltbankid" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/uncertified-loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">Nexus Group IDP - Mobilt BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">Nexus Group IDP - Mobile BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Nexus Group IDP - Mobilt BankID</mdui:Description>
                <mdui:Description xml:lang="en">Nexus Group IDP - Mobile BankID</mdui:Description>
                <mdui:Logo height="69" width="149">https://test-idp.test.nexusgroup.com/wa/logo.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <xd:KeyInfo xmlns:xd="http://www.w3.org/2000/09/xmldsig#">
                <xd:X509Data>
                    <xd:X509Certificate>MIIEJjCCAw6gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwHhcNMTUwNzA4MTUwMDAwWhcNMjUwNzA1MTUwMDAwWjCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfcvbxwincw8qSQPcZgyfni3chrRq5nhqkPRzMesreZdNSR2OR0Z8PU+JSe6YPZpubi8R22zfiE6d1CMYm6/cU+uc0dS7KPKSZjj4pSuobGxwanyOgiMFgbihBK5RmjXzJ+25jHUqqHsIqbHK10i5900zaKMRGIJps+gUbBlkU9KMUpGQQh8RH8VNhaDFIUMIOi1Yd7LvEVWBe1h3cJjvPR5NGgoxFniNxrbSYUzZgxzNjmyBCiZEInxdeK2IbbFmXrfuTN0CnmwblvG0Etk2J/koVf8TT0ANF2tSuxezxBJtagCikHLAIexNENLslFsYKV2xerbYLYNnt5mEN2Z4fAgMBAAGjbzBtMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFA9D31T01BN9kcFkXY/J+ydBgFnBMAsGA1UdDwQEAwIF4DARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAI1mATsxD46D86RXxi8xY6bfFMjLIbXgOx7jE1UPROSZonr1Ut8SSZjxxb9C7WsCk1GisWi63nqKjBAFqVLK5zoCeWkyDoPFYg0bxSlctTtSbfsUTayRO0RQHdrOaa/VDzTELo4UnDN1wBkVH1ZOwj/iCXPDkByIo76pUXJm0djJMdIC5/U+cD5n+GLl0sJDjbvuBYSvFJnzjnOgv0LhF4POHHS6iAOyYsRRSt3X6ewRYEVnfAf3DWhmD/vixjVALbxCnnItk0Ud9KrCSi4Hp7Y03vk1phvqFcJA2ZrJaEo4ZpQ3WhTsSS78Uu2YsuY6gyXWe6gl4Z+vSMLVw8gxEDw==</xd:X509Certificate>
                </xd:X509Data>
            </xd:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <xd:KeyInfo xmlns:xd="http://www.w3.org/2000/09/xmldsig#">
                <xd:X509Data>
                    <xd:X509Certificate>MIIEJjCCAw6gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwHhcNMTUwNzA4MTUwMDAwWhcNMjUwNzA1MTUwMDAwWjCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfcvbxwincw8qSQPcZgyfni3chrRq5nhqkPRzMesreZdNSR2OR0Z8PU+JSe6YPZpubi8R22zfiE6d1CMYm6/cU+uc0dS7KPKSZjj4pSuobGxwanyOgiMFgbihBK5RmjXzJ+25jHUqqHsIqbHK10i5900zaKMRGIJps+gUbBlkU9KMUpGQQh8RH8VNhaDFIUMIOi1Yd7LvEVWBe1h3cJjvPR5NGgoxFniNxrbSYUzZgxzNjmyBCiZEInxdeK2IbbFmXrfuTN0CnmwblvG0Etk2J/koVf8TT0ANF2tSuxezxBJtagCikHLAIexNENLslFsYKV2xerbYLYNnt5mEN2Z4fAgMBAAGjbzBtMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFA9D31T01BN9kcFkXY/J+ydBgFnBMAsGA1UdDwQEAwIF4DARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAI1mATsxD46D86RXxi8xY6bfFMjLIbXgOx7jE1UPROSZonr1Ut8SSZjxxb9C7WsCk1GisWi63nqKjBAFqVLK5zoCeWkyDoPFYg0bxSlctTtSbfsUTayRO0RQHdrOaa/VDzTELo4UnDN1wBkVH1ZOwj/iCXPDkByIo76pUXJm0djJMdIC5/U+cD5n+GLl0sJDjbvuBYSvFJnzjnOgv0LhF4POHHS6iAOyYsRRSt3X6ewRYEVnfAf3DWhmD/vixjVALbxCnnItk0Ud9KrCSi4Hp7Y03vk1phvqFcJA2ZrJaEo4ZpQ3WhTsSS78Uu2YsuY6gyXWe6gl4Z+vSMLVw8gxEDw==</xd:X509Certificate>
                </xd:X509Data>
            </xd:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test-idp.test.nexusgroup.com/wa/auth/saml/"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-idp.test.nexusgroup.com/wa/auth/saml/"/>
    </md:IDPSSODescriptor>
    <Organization xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
        <OrganizationName xml:lang="sv">Nexus Group IDP</OrganizationName>
        <OrganizationName xml:lang="en">Nexus Group IDP</OrganizationName>
        <OrganizationDisplayName xml:lang="sv">Nexus Group IDP</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="en">Nexus Group IDP</OrganizationDisplayName>
        <OrganizationURL xml:lang="sv">https://www.nexusgroup.com</OrganizationURL>
        <OrganizationURL xml:lang="en">https://www.nexusgroup.com</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
        <GivenName>Managed</GivenName>
        <SurName>Services</SurName>
        <EmailAddress>managed.services@nexusgroup.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
        <GivenName>Managed</GivenName>
        <SurName>Services</SurName>
        <EmailAddress>managed.services@nexusgroup.com</EmailAddress>
    </ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Nexus Group IDP - Mobilt BankID*
-	*en: Nexus Group IDP - Mobile BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Nexus Group IDP - Mobilt BankID*
-	*en: Nexus Group IDP - Mobile BankID*

MDUI-Logotype

Working logotypes present:

H:69

W:149

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://test-idp.test.nexusgroup.com/mobiltbankid is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Nexus Group IDP)

CONTACT-SUPP

Support contact e-mail (managed.services@nexusgroup.com) is present

CONTACT-TECH

Technical contact e-mail (managed.services@nexusgroup.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Pensionsmyndigheten (http://dev-bankididp.pensionsmyndigheten.se/bankid) (3)

Pensionsmyndigheten (http://dev-bankididp.pensionsmyndigheten.se/bankid)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="http://dev-bankididp.pensionsmyndigheten.se/bankid" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">SAML Identity Provider för BankID</mdui:Description>
                <mdui:Description xml:lang="en">SAML Identity Provider for BankID</mdui:Description>
                <mdui:Logo height="71" width="75">data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8c3ZnDQogICB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iDQogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIg0KICAgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIg0KICAgeG1sbnM6c3ZnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIGhlaWdodD0iMjk4Ljc5OTk5Ig0KICAgd2lkdGg9IjMxNS45MTE2NSINCiAgIHhtbDpzcGFjZT0icHJlc2VydmUiDQogICBlbmFibGUtYmFja2dyb3VuZD0ibmV3IDAgMCA1OTUuMyA4NDEuOSINCiAgIHZpZXdCb3g9IjAgMCAzMTUuOTExNjYgMjk4Ljc5OTk4Ig0KICAgeT0iMHB4Ig0KICAgeD0iMHB4Ig0KICAgaWQ9IkxhZ2VyXzEiDQogICB2ZXJzaW9uPSIxLjEiPjxtZXRhZGF0YQ0KICAgaWQ9Im1ldGFkYXRhMzEiPjxyZGY6UkRGPjxjYzpXb3JrDQogICAgICAgcmRmOmFib3V0PSIiPjxkYzpmb3JtYXQ+aW1hZ2Uvc3ZnK3htbDwvZGM6Zm9ybWF0PjxkYzp0eXBlDQogICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPjxkYzp0aXRsZT48L2RjOnRpdGxlPjwvY2M6V29yaz48L3JkZjpSREY+PC9tZXRhZGF0YT48ZGVmcw0KICAgaWQ9ImRlZnMyOSIgLz4NCjxnDQogICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTQyLjIsLTI2Ny42KSINCiAgIGlkPSJnMjQiPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojNDc5Y2JlIg0KICAgaWQ9InBhdGgyIg0KICAgZD0ibSAyNDEuOSw0MjMuNiAxMy4yLC04My4yIGMgLTUuMiwwIC0xNC4xLDAgLTE0LjEsMCAtNi42LDAgLTE1LjEsLTMuNyAtMTcuNiwtMTAuNSAtMC44LC0yLjMgLTIuNywtMTAuMiA4LjIsLTE3LjkgMy45LC0yLjcgNi40LC01LjcgNi45LC04IDAuNSwtMi40IC0wLjEsLTQuNSAtMS44LC02LjEgLTIuNCwtMi4zIC03LjEsLTMuNiAtMTMuMSwtMy42IC0xMC4xLDAgLTE3LjIsNS44IC0xNy45LDEwIC0wLjUsMy4xIDEuOSw1LjYgNCw3LjIgNi4zLDQuNyA3LjgsMTEuNSAzLjksMTcuOSAtNCw2LjYgLTEyLjcsMTAuOSAtMjIsMTEgMCwwIC05LjIsMCAtMTQuNCwwIC0xLjIsOC4xIC0yMC44LDEzMi4zIC0yMi4zLDE0Mi4xIEggMjMzIGMgMC43LC00LjQgNC4zLC0yNy45IDkuMiwtNTguOSB6IiAvPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMDBhNWMzIg0KICAgaWQ9InBhdGg0Ig0KICAgZD0iTSAzNDYuNSwyNjcuNiBIIDI2NyBsIC0xMC42LDY3LjMgaCAxMy41IGMgNy40LDAgMTQuNCwtMy40IDE3LjQsLTguMyAxLC0xLjYgMS40LC0zIDEuNCwtNC4zIDAsLTIuOCAtMS45LC00LjkgLTMuOCwtNi4zIC01LjIsLTMuOSAtNi4zLC04IC02LjMsLTEwLjkgMCwtMC42IDAsLTEuMSAwLjEsLTEuNiAxLjEsLTcuMSAxMC43LC0xNC44IDIzLjQsLTE0LjggNy42LDAgMTMuNCwxLjggMTYuOSw1LjEgMy4xLDIuOSA0LjMsNyAzLjQsMTEuMyAtMS4xLDUuMSAtNi4yLDkuMyAtOS4xLDExLjQgLTcuNyw1LjQgLTYuNywxMC4xIC02LjIsMTEuNSAxLjYsNC4yIDcuNyw2LjkgMTIuNCw2LjkgSCAzNDAgYyAwLDAgMCwwIDAsMC4xIDI4LDAuMiA0MywxMy4xIDM4LjMsNDMuMSAtNC40LDI3LjkgLTI1LjgsMzkuOSAtNTEuMyw0MC4xIGwgLTEwLjEsNjQuNCBoIDE0LjkgYyA2Mi45LDAgMTE0LjMsLTQwLjQgMTI0LjQsLTEwNC4yIDEyLjUsLTc5LjIgLTM3LjcsLTExMC44IC0xMDkuNywtMTEwLjggeiIgLz4NCgk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoNiINCiAgIGQ9Ik0gMzQ2LjUsMjY3LjYgSCAyNjcgbCAtMTAuNiw2Ny4zIGggMTMuNSBjIDcuNCwwIDE0LjQsLTMuNCAxNy40LC04LjMgMSwtMS42IDEuNCwtMyAxLjQsLTQuMyAwLC0yLjggLTEuOSwtNC45IC0zLjgsLTYuMyAtNS4yLC0zLjkgLTYuMywtOCAtNi4zLC0xMC45IDAsLTAuNiAwLC0xLjEgMC4xLC0xLjYgMS4xLC03LjEgMTAuNywtMTQuOCAyMy40LC0xNC44IDcuNiwwIDEzLjQsMS44IDE2LjksNS4xIDMuMSwyLjkgNC4zLDcgMy40LDExLjMgLTEuMSw1LjEgLTYuMiw5LjMgLTkuMSwxMS40IC03LjcsNS40IC02LjcsMTAuMSAtNi4yLDExLjUgMS42LDQuMiA3LjcsNi45IDEyLjQsNi45IEggMzQwIGMgMCwwIDAsMCAwLDAuMSAyOCwwLjIgNDMsMTMuMSAzOC4zLDQzLjEgLTQuNCwyNy45IC0yNS44LDM5LjkgLTUxLjMsNDAuMSBsIC0xMC4xLDY0LjQgaCAxNC45IGMgNjIuOSwwIDExNC4zLC00MC40IDEyNC40LC0xMDQuMiAxMi41LC03OS4yIC0zNy43LC0xMTAuOCAtMTA5LjcsLTExMC44IHoiIC8+DQoJPGcNCiAgIGlkPSJnMTYiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoOCINCiAgIGQ9Im0gMTUwLjcsNTExLjIgaCAzMS45IGMgMTMuNiwwIDE2LjksNi45IDE1LjksMTMuMiAtMC44LDUuMSAtNC4zLDguOSAtMTAuMywxMS40IDcuNiwyLjkgMTAuNiw3LjQgOS41LDE0LjUgLTEuNCw4LjkgLTkuMSwxNS41IC0xOS4yLDE1LjUgaCAtMzYuMyB6IG0gMjEuMSwyMi42IGMgNi4yLDAgOS4xLC0zLjMgOS43LC03LjIgMC42LC00LjIgLTEuMywtNy4xIC03LjUsLTcuMSBoIC01LjUgbCAtMi4yLDE0LjMgeiBtIC0zLjQsMjMuNiBjIDYuNCwwIDEwLjEsLTIuNiAxMSwtNy45IDAuNywtNC42IC0xLjksLTcuMyAtOC4xLC03LjMgSCAxNjUgbCAtMi40LDE1LjMgaCA1LjggeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDEwIg0KICAgZD0ibSAyNDIuNCw1NjYuMiBjIC04LjMsMC42IC0xMi4zLC0wLjMgLTE0LjMsLTMuOSAtNC40LDIuNyAtOS4zLDQuMSAtMTQuNSw0LjEgLTkuNCwwIC0xMi43LC00LjkgLTExLjgsLTEwLjMgMC40LC0yLjYgMS45LC01LjEgNC4zLC03LjIgNS4yLC00LjUgMTgsLTUuMSAyMywtOC41IDAuNCwtMy44IC0xLjEsLTUuMiAtNS44LC01LjIgLTUuNSwwIC0xMC4xLDEuOCAtMTgsNy4yIGwgMS45LC0xMi40IGMgNi44LC00LjkgMTMuNCwtNy4yIDIxLC03LjIgOS43LDAgMTguMyw0IDE2LjcsMTQuNiBsIC0xLjksMTIgYyAtMC43LDQuMiAtMC41LDUuNSA0LjIsNS42IHogTSAyMjgsNTQ3LjQgYyAtNC40LDIuOCAtMTIuNiwyLjMgLTEzLjUsOC4xIC0wLjQsMi43IDEuMyw0LjcgNCw0LjcgMi42LDAgNS44LC0xLjEgOC40LC0yLjkgLTAuMiwtMSAtMC4xLC0yIDAuMiwtMy45IHoiIC8+DQoJCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMjM1OTcxIg0KICAgaWQ9InBhdGgxMiINCiAgIGQ9Im0gMjU3LjksNTIzLjUgaCAxNi42IGwgLTAuOSw1LjUgYyA1LjMsLTQuNSA5LjMsLTYuMiAxNC41LC02LjIgOS4zLDAgMTMuNiw1LjcgMTIuMSwxNSBsIC00LjMsMjcuOSBoIC0xNi42IGwgMy42LC0yMy4xIGMgMC43LC00LjIgLTAuNiwtNi4yIC0zLjgsLTYuMiAtMi42LDAgLTUsMS40IC03LjMsNC41IGwgLTMuOCwyNC43IGggLTE2LjYgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDE0Ig0KICAgZD0ibSAzMTMuMSw1MTEuMiBoIDE2LjYgbCAtNC4yLDI2LjggMTUuOSwtMTQuNSBoIDIwLjUgbCAtMjAuNCwxOCAxNi40LDI0LjIgSCAzMzcgbCAtMTIuNiwtMTkuNSBoIC0wLjIgbCAtMywxOS41IGggLTE2LjYgeiIgLz4NCgk8L2c+DQoJPGcNCiAgIGlkPSJnMjIiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzQ3OWNiZSINCiAgIGlkPSJwYXRoMTgiDQogICBkPSJNIDM3MS45LDUxMS4yIEggMzkxIGwgLTguNCw1NC41IGggLTE5LjEgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiM0NzljYmUiDQogICBpZD0icGF0aDIwIg0KICAgZD0ibSA0MDAuMyw1MTEuMiBoIDI3LjMgYyAyMS4xLDAgMjcuMiwxNS4zIDI1LjIsMjggLTEuOSwxMi40IC0xMS43LDI2LjUgLTMwLjIsMjYuNSBoIC0zMC44IHogbSAxNy43LDQxLjUgYyA5LjMsMCAxNC40LC00LjYgMTUuOSwtMTQuMyAxLjEsLTcuMiAtMS4xLC0xNC4zIC0xMS40LC0xNC4zIGggLTUuMSBsIC00LjQsMjguNiB6IiAvPg0KCTwvZz4NCjwvZz4NCjwvc3ZnPg==</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Signing</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIE6DCCAtCgAwIBAgIEXrLlVDANBgkqhkiG9w0BAQsFADA2MQswCQYDVQQGEwJTRTESMBAGA1UECgwJTGl0c2VjIEFCMRMwEQYDVQQDDApCYW5rSUQgSWRQMB4XDTIwMDUwNjE2MjcwMFoXDTIxMDUwNjE2MjcwMFowNjELMAkGA1UEBhMCU0UxEjAQBgNVBAoMCUxpdHNlYyBBQjETMBEGA1UEAwwKQmFua0lEIElkUDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALIT0JhNG52b2hP7KWk2R927vw6Wh5J3DLC3MfEEUX3lMXtJEGc6yaxM0MF5qPdfbEPkgOJgxSbQJIDbU2atRYK/bTTiJWsZPt/kS2iNOZf97XGA6wzDHBgjlx6XSjoywEXFLGAZKAaf2rwwsedUIBu6TuM6gzmUTFwtEe0b7LCAW2LXYsydJ83Zb5ZNf4kdabvbiq7gx+UEvyoI1VJXCoN2xlAJO1MfV8FyZQoUbXBUDAtXWODUDfys0i0AsNgvWkKtZ7/J+MnDwDU1ZFm9nr4KBCBeT4+GoWQVaUSRclLPpvzlTkIlxMgtWXLQe4mTSKCcpK9einrntTMtwXRMJ8V/VAVz9Kl46qAlQAds0ybTpXDpuy9n+fNP38+0WWb/rjHHHFQpYOeiGkFgkW8LuUjRF+/zflFnnLkoGYr3upwj8OkbkPaB5GQIPR3hIFd5oog6hIDwxyZaEue2bK1xqdwHefhXVUgPxwHsSWH5kNb7ib7doxMarBpk5dbhySI1zy2Sin0WVKy571tpxUAONWYvaE/yoKKdU78nEOGsAxybUWFQbDt/K5QyJHSyErk3sNIYd8uxq+JomHTB9iT+rq9DOOZlMDDogLjdYKWEcjswquweKIxmtdQ98OcKlpZHXvZToUChbn4vR+FflqP7cDqxhKEz3NZ7Wam8xOnHu53XAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJfapshmprhXv21+Wz73rV/krydhyRtxHSu7Ko7W17Bo9XSYNE4KNEIU8h+xMxB1Myknk/3yXuTn56bvopveBrMaPNOksaSkGeSwECKEm59AR//LO38JUmuYWfhmK1iUp0hl8Bx3KOeXoqAZbimS5d630uD9bHztrBIt1N6Ouq/XRL5eH1zsXuWUrYkXIlaCqZa32TXt7G7GiSljF7Mk8Gv915Du8F7XQT8eSKlane4zlqNbl0jKO4kIncQyeBlTRXAgKH+V/m+BVxiOfsTHAXU4/UwL8/EUqriiQ0ZsXMLUxJNEfu6zqvlWSURktUjADJawJ4wLtDG/Oh9lb+w0CT9AJak3wh/3S91DO2uUbk0anheAvqp2imp1ehPQqB9vBWspQ+FrecgOQPMaTYk7LQr7JpLEC1j4NuDjfRV33kNBnocZBeIj9qQoVQ6QRtTOii2VfW92XSIDNX5HC2uq31wDIOpJpVw1AZvpOrT1nw+8Pw2wHArprcierogbsDuxdsEFdcQf40OpbXJ7moyesMrzVLKqCVDXeBPxqboCEvnJJ2/l5kJp4BuoKGVYSdEpooGKsfK4q4okJerAtXaRs8ZUGHOYaha/pJ0vIYuO3q/tIwovNYgmS/l+T08GcyVnED7/tGTrYh0HDq2jqe+Exrr/BERn/pqPMPSdT0nIVbdC</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Encryption</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIE6DCCAtCgAwIBAgIEXrLllTANBgkqhkiG9w0BAQsFADA2MQswCQYDVQQGEwJTRTESMBAGA1UECgwJTGl0c2VjIEFCMRMwEQYDVQQDDApCYW5rSUQgSWRQMB4XDTIwMDUwNjE2MjgwNVoXDTIxMDUwNjE2MjgwNVowNjELMAkGA1UEBhMCU0UxEjAQBgNVBAoMCUxpdHNlYyBBQjETMBEGA1UEAwwKQmFua0lEIElkUDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMysD/CWCnYfrDicb80gbt7BA/63xbNRp687TT8hsJuVSG9LbYJwapqb76BcKjW7oES7JwBv1LUZFuO3b0kPsANdPiS2gJwp1lhQGIR5QseL7tbKJr+eih9PFSMgAfRwl0oHbVxS4UdJ6rm6uxrE2Til1Ksl+Cg69hn8ByovTO4Cphtn3wb2CZuN27+fWp69rTPbUm71Fnf/S51xLlFWIzSuD1WU+iM1OMdnC3mA46L2gdCOuVCxltbqF4tRS+35N5p2AH6gdC9jQ7zl/+SrEfk6LEnrDqkMPZc6elOo39AfDOlYAVlzzRS85r9vkyIFWCx+KdDGNs6E+gI1atR6/nbPMSf0NaxVMEv1MXw/DLHdzCusyLeF/3KU1EdW39qqjOQ9JT8Q4J43OrGXaoAEef1Vfc+OBLlM5Iv/NASknLXIptRG8ozXnyYwxk93hcXnLSBujzFk3U6HLP1z0qRP8ptqoD07UNNBLE81dAtQ2twkmVZwCcL/BxozztWQbyCEAoAAtq060evGl36G4E9JLUjle10dNpFkP1EBxOMYSJLH7Y7tF1ErKAeBqPkx9Q0lx5GhtK6k5EU/TjowFVDqPuEdV4QcrrKTdZpzVtXHYrJbsxDKPVcSOmeVq9VVCh/Z/w9vfJRiCbU3RXs6YZXlR9BPwp5FUGty8EzXL0GEc65jAgMBAAEwDQYJKoZIhvcNAQELBQADggIBAJ/RXUjwbKUZvU+/DFMoDOHMXvov9FY2ZiMt6RzDdEJnF04Qh+bAYbCmraeFfBz6+5vrjAwRGFuNzcOPrHa7wevOgJo9UdMwg+ngDu396IGFb1Yh0Cbz74ncfGEsltz1H1SqcFto/qs0OTrMWLqd9yFIYbHakXjPjQ+HLmQuTZluv6Xz+m5SWKbC3fm79RHFOnua/8FeMCYwopRkWyRfMXrrCGsUhrg/BZBtgNyMT2mktZlKJJUGM9LCm+0EkwOhXZR2puo2mvz0ZQgNUDAaHjzcDEMa8DkxWNYqWJWKJqkBNpu3KDJHBa3iL7Er5nkCw/7Gf1PDZYTcuxtZxibozxkHCzlqUHDYFaRUpK2LupXokDlsNmxvMHIbvtuFJa2mtKLR564wCACGHSV2lBYgl71my19zl7TrL7GRfMNTdYsNtew0nrmHKR3aeAlD89ehfporxB6T57Owrav7mx6J9a2/44xTn4Lt36xPBia27YUG5fWi/yhXt7SpjBQzfS9QVuOQ6GzVE0n3YDV5gHWfwGntd/cadNjhj0pKTtorzWVjt2pUEj3BTXPgleSIJ9Qe54qMP4gBOFCzQvaKVNqvmQRyOTeo7bKWF5zGVmW+jQBDg8kgw24FTJvLiWYxriPb1p36rsQw0i+92ax4Pzg57GbdQFspe5lBk3c2yO9mQZk1</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev-www.ppm.nu/service/bankididp/saml2/auth/redirect"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev-www.ppm.nu/service/bankididp/saml2/auth/post"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">Pensionsmyndigheten</md:OrganizationName>
        <md:OrganizationName xml:lang="en">Swedish Pensions Agency</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">Pensionsmyndigheten</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Pensions Agency</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.pensionsmyndigheten.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="en">https://www.pensionsmyndigheten.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Identity Provider för BankID*
-	*en: SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:71

W:75

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value http://dev-bankididp.pensionsmyndigheten.se/bankid is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Pensionsmyndigheten)

CONTACT-SUPP

Support contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

CONTACT-TECH

Technical contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Pensionsmyndigheten (https://amc-bankididp.pensionsmyndigheten.se/) (3)

Pensionsmyndigheten (https://amc-bankididp.pensionsmyndigheten.se/)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID=" https://amc-bankididp.pensionsmyndigheten.se/" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">SAML Identity Provider för BankID</mdui:Description>
                <mdui:Description xml:lang="en">SAML Identity Provider for BankID</mdui:Description>
                <mdui:Logo height="101" width="107">data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8c3ZnDQogICB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iDQogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIg0KICAgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIg0KICAgeG1sbnM6c3ZnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIGhlaWdodD0iMjk4Ljc5OTk5Ig0KICAgd2lkdGg9IjMxNS45MTE2NSINCiAgIHhtbDpzcGFjZT0icHJlc2VydmUiDQogICBlbmFibGUtYmFja2dyb3VuZD0ibmV3IDAgMCA1OTUuMyA4NDEuOSINCiAgIHZpZXdCb3g9IjAgMCAzMTUuOTExNjYgMjk4Ljc5OTk4Ig0KICAgeT0iMHB4Ig0KICAgeD0iMHB4Ig0KICAgaWQ9IkxhZ2VyXzEiDQogICB2ZXJzaW9uPSIxLjEiPjxtZXRhZGF0YQ0KICAgaWQ9Im1ldGFkYXRhMzEiPjxyZGY6UkRGPjxjYzpXb3JrDQogICAgICAgcmRmOmFib3V0PSIiPjxkYzpmb3JtYXQ+aW1hZ2Uvc3ZnK3htbDwvZGM6Zm9ybWF0PjxkYzp0eXBlDQogICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPjxkYzp0aXRsZT48L2RjOnRpdGxlPjwvY2M6V29yaz48L3JkZjpSREY+PC9tZXRhZGF0YT48ZGVmcw0KICAgaWQ9ImRlZnMyOSIgLz4NCjxnDQogICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTQyLjIsLTI2Ny42KSINCiAgIGlkPSJnMjQiPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojNDc5Y2JlIg0KICAgaWQ9InBhdGgyIg0KICAgZD0ibSAyNDEuOSw0MjMuNiAxMy4yLC04My4yIGMgLTUuMiwwIC0xNC4xLDAgLTE0LjEsMCAtNi42LDAgLTE1LjEsLTMuNyAtMTcuNiwtMTAuNSAtMC44LC0yLjMgLTIuNywtMTAuMiA4LjIsLTE3LjkgMy45LC0yLjcgNi40LC01LjcgNi45LC04IDAuNSwtMi40IC0wLjEsLTQuNSAtMS44LC02LjEgLTIuNCwtMi4zIC03LjEsLTMuNiAtMTMuMSwtMy42IC0xMC4xLDAgLTE3LjIsNS44IC0xNy45LDEwIC0wLjUsMy4xIDEuOSw1LjYgNCw3LjIgNi4zLDQuNyA3LjgsMTEuNSAzLjksMTcuOSAtNCw2LjYgLTEyLjcsMTAuOSAtMjIsMTEgMCwwIC05LjIsMCAtMTQuNCwwIC0xLjIsOC4xIC0yMC44LDEzMi4zIC0yMi4zLDE0Mi4xIEggMjMzIGMgMC43LC00LjQgNC4zLC0yNy45IDkuMiwtNTguOSB6IiAvPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMDBhNWMzIg0KICAgaWQ9InBhdGg0Ig0KICAgZD0iTSAzNDYuNSwyNjcuNiBIIDI2NyBsIC0xMC42LDY3LjMgaCAxMy41IGMgNy40LDAgMTQuNCwtMy40IDE3LjQsLTguMyAxLC0xLjYgMS40LC0zIDEuNCwtNC4zIDAsLTIuOCAtMS45LC00LjkgLTMuOCwtNi4zIC01LjIsLTMuOSAtNi4zLC04IC02LjMsLTEwLjkgMCwtMC42IDAsLTEuMSAwLjEsLTEuNiAxLjEsLTcuMSAxMC43LC0xNC44IDIzLjQsLTE0LjggNy42LDAgMTMuNCwxLjggMTYuOSw1LjEgMy4xLDIuOSA0LjMsNyAzLjQsMTEuMyAtMS4xLDUuMSAtNi4yLDkuMyAtOS4xLDExLjQgLTcuNyw1LjQgLTYuNywxMC4xIC02LjIsMTEuNSAxLjYsNC4yIDcuNyw2LjkgMTIuNCw2LjkgSCAzNDAgYyAwLDAgMCwwIDAsMC4xIDI4LDAuMiA0MywxMy4xIDM4LjMsNDMuMSAtNC40LDI3LjkgLTI1LjgsMzkuOSAtNTEuMyw0MC4xIGwgLTEwLjEsNjQuNCBoIDE0LjkgYyA2Mi45LDAgMTE0LjMsLTQwLjQgMTI0LjQsLTEwNC4yIDEyLjUsLTc5LjIgLTM3LjcsLTExMC44IC0xMDkuNywtMTEwLjggeiIgLz4NCgk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoNiINCiAgIGQ9Ik0gMzQ2LjUsMjY3LjYgSCAyNjcgbCAtMTAuNiw2Ny4zIGggMTMuNSBjIDcuNCwwIDE0LjQsLTMuNCAxNy40LC04LjMgMSwtMS42IDEuNCwtMyAxLjQsLTQuMyAwLC0yLjggLTEuOSwtNC45IC0zLjgsLTYuMyAtNS4yLC0zLjkgLTYuMywtOCAtNi4zLC0xMC45IDAsLTAuNiAwLC0xLjEgMC4xLC0xLjYgMS4xLC03LjEgMTAuNywtMTQuOCAyMy40LC0xNC44IDcuNiwwIDEzLjQsMS44IDE2LjksNS4xIDMuMSwyLjkgNC4zLDcgMy40LDExLjMgLTEuMSw1LjEgLTYuMiw5LjMgLTkuMSwxMS40IC03LjcsNS40IC02LjcsMTAuMSAtNi4yLDExLjUgMS42LDQuMiA3LjcsNi45IDEyLjQsNi45IEggMzQwIGMgMCwwIDAsMCAwLDAuMSAyOCwwLjIgNDMsMTMuMSAzOC4zLDQzLjEgLTQuNCwyNy45IC0yNS44LDM5LjkgLTUxLjMsNDAuMSBsIC0xMC4xLDY0LjQgaCAxNC45IGMgNjIuOSwwIDExNC4zLC00MC40IDEyNC40LC0xMDQuMiAxMi41LC03OS4yIC0zNy43LC0xMTAuOCAtMTA5LjcsLTExMC44IHoiIC8+DQoJPGcNCiAgIGlkPSJnMTYiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoOCINCiAgIGQ9Im0gMTUwLjcsNTExLjIgaCAzMS45IGMgMTMuNiwwIDE2LjksNi45IDE1LjksMTMuMiAtMC44LDUuMSAtNC4zLDguOSAtMTAuMywxMS40IDcuNiwyLjkgMTAuNiw3LjQgOS41LDE0LjUgLTEuNCw4LjkgLTkuMSwxNS41IC0xOS4yLDE1LjUgaCAtMzYuMyB6IG0gMjEuMSwyMi42IGMgNi4yLDAgOS4xLC0zLjMgOS43LC03LjIgMC42LC00LjIgLTEuMywtNy4xIC03LjUsLTcuMSBoIC01LjUgbCAtMi4yLDE0LjMgeiBtIC0zLjQsMjMuNiBjIDYuNCwwIDEwLjEsLTIuNiAxMSwtNy45IDAuNywtNC42IC0xLjksLTcuMyAtOC4xLC03LjMgSCAxNjUgbCAtMi40LDE1LjMgaCA1LjggeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDEwIg0KICAgZD0ibSAyNDIuNCw1NjYuMiBjIC04LjMsMC42IC0xMi4zLC0wLjMgLTE0LjMsLTMuOSAtNC40LDIuNyAtOS4zLDQuMSAtMTQuNSw0LjEgLTkuNCwwIC0xMi43LC00LjkgLTExLjgsLTEwLjMgMC40LC0yLjYgMS45LC01LjEgNC4zLC03LjIgNS4yLC00LjUgMTgsLTUuMSAyMywtOC41IDAuNCwtMy44IC0xLjEsLTUuMiAtNS44LC01LjIgLTUuNSwwIC0xMC4xLDEuOCAtMTgsNy4yIGwgMS45LC0xMi40IGMgNi44LC00LjkgMTMuNCwtNy4yIDIxLC03LjIgOS43LDAgMTguMyw0IDE2LjcsMTQuNiBsIC0xLjksMTIgYyAtMC43LDQuMiAtMC41LDUuNSA0LjIsNS42IHogTSAyMjgsNTQ3LjQgYyAtNC40LDIuOCAtMTIuNiwyLjMgLTEzLjUsOC4xIC0wLjQsMi43IDEuMyw0LjcgNCw0LjcgMi42LDAgNS44LC0xLjEgOC40LC0yLjkgLTAuMiwtMSAtMC4xLC0yIDAuMiwtMy45IHoiIC8+DQoJCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMjM1OTcxIg0KICAgaWQ9InBhdGgxMiINCiAgIGQ9Im0gMjU3LjksNTIzLjUgaCAxNi42IGwgLTAuOSw1LjUgYyA1LjMsLTQuNSA5LjMsLTYuMiAxNC41LC02LjIgOS4zLDAgMTMuNiw1LjcgMTIuMSwxNSBsIC00LjMsMjcuOSBoIC0xNi42IGwgMy42LC0yMy4xIGMgMC43LC00LjIgLTAuNiwtNi4yIC0zLjgsLTYuMiAtMi42LDAgLTUsMS40IC03LjMsNC41IGwgLTMuOCwyNC43IGggLTE2LjYgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDE0Ig0KICAgZD0ibSAzMTMuMSw1MTEuMiBoIDE2LjYgbCAtNC4yLDI2LjggMTUuOSwtMTQuNSBoIDIwLjUgbCAtMjAuNCwxOCAxNi40LDI0LjIgSCAzMzcgbCAtMTIuNiwtMTkuNSBoIC0wLjIgbCAtMywxOS41IGggLTE2LjYgeiIgLz4NCgk8L2c+DQoJPGcNCiAgIGlkPSJnMjIiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzQ3OWNiZSINCiAgIGlkPSJwYXRoMTgiDQogICBkPSJNIDM3MS45LDUxMS4yIEggMzkxIGwgLTguNCw1NC41IGggLTE5LjEgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiM0NzljYmUiDQogICBpZD0icGF0aDIwIg0KICAgZD0ibSA0MDAuMyw1MTEuMiBoIDI3LjMgYyAyMS4xLDAgMjcuMiwxNS4zIDI1LjIsMjggLTEuOSwxMi40IC0xMS43LDI2LjUgLTMwLjIsMjYuNSBoIC0zMC44IHogbSAxNy43LDQxLjUgYyA5LjMsMCAxNC40LC00LjYgMTUuOSwtMTQuMyAxLjEsLTcuMiAtMS4xLC0xNC4zIC0xMS40LC0xNC4zIGggLTUuMSBsIC00LjQsMjguNiB6IiAvPg0KCTwvZz4NCjwvZz4NCjwvc3ZnPg==</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Signing</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEKJXKhzANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzAzMTUwNDAyWhcNMjAxMDAxMTUwNDAyWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+8eN1tCSNAHkKw/wWv7lJFadzw/FewTgxwT0mvPxHnG76E1hxlywFYVLjKLK4ddMwJDFjKTyXfwmA2HE0s0bYyfT1HqO4eT4lrvtSM6QZae4wVz3Ow6gk4CN5c8azHpl5in87UipwYcqxg04Mknr8uHZc+Ki1bYcivq3aTwh6Wv4TZ0OVCyEUxHqacCSs9Lhwf7avXFcWkhWIFNbxU86kNm/Vu2rq9UPh/pCThJhRkUwvQnrArYkiFoj/Qulr/pdJyzjcW/C908bqmdg+pWMOAssfHo0bUCAOnEnScIlid6EEKEhBwz5x2QgIRYDTgTYzmLUX8KWiT/NPmnQEUZU8O/seYJKE4VlZlJhIf+rTXITwRENVLhQvp8a7cnPZWcFmTXMyQJ2y86FDxfw+0uwbZrlmSl1eB0eLHrTHr2/y/Lb+6DOnbg3a3YDEj12lD9dZtEt7eMQJbpXaXws8GnfKOZgYpjnxOvIUqG5q94IsGeqVLGVHNwo68F9Nj4tAC9mRQAiE3Nw/Rh8Exx87z6f4UYtlpdw0CKfjnOgM8rpW7/yN650k9t/07dV3Qyuj78KyEHc1GH3HhUme/PfJP14W8okXHd6pgsekTeGP4k+lpwM1RABtW7oDwqjMqLNcUHtIInt4PJb6BCuPJd3huy2HWucdRHcZKFEVjCq46HkAmQIDAQABoyEwHzAdBgNVHQ4EFgQUp9ZUUMiQ9C3haNF6FwbJeE/tMF4wDQYJKoZIhvcNAQEMBQADggIBAHT0rF0Drt4OmjlRLBsiQASi0e68me12M4ZKpiigCxBEPrmY1cjClHaM6IXWOpVA0VLeSeRxEFUD3P4QQAYQGVrfsQubzsBIQi2+iXvnKRFQ+snEJEUYo3ZPjcJ0H9W3as1MuLIJw3mKkUA+u21jJpXIpmTIXUGYfiuBOOOVucwFrxAC7SQS2ZAPgDTE8pIoid3VipYHaquq916vTcmbgoBPmEzXFXPZXWuK4w5DlufqioSKoJ+pdq6yX26C03QTUMiiLRyVvYyZKCCSysubXYsdiPI6tDLgkVXPb1DA+DNUv3Ss/+qsYXUeVZLEB725lL9n1RQMxfp1a6ERfN5KCQaKObYDx6UzZWqIIttElUIruUTKGgNbJJebzOPDjmHhrxEge+VwXxf0I/wSThth/vkHRlUq08JJy55pwq23w+GdXNR2TSjRoBNDeu1ylLHHKSb5BykvJkALEkGHXM98IJPMuErqM+P5D9EGJmgh3uBR9XE2XHstlEBEKnVIevHmhnrNW3nWU0iZNDQwThLvug5nliozIeGRyIrqIoW3zfNwpxFyxvyVn1egz7Mu2HoaOwJZ2Jdcxd/DtTaskbEXOdgerhNCJnE/djNWVhuII54YI3jvl9uYcRyflUdixgc1Uz2saPi32uLt9Yu2So5NvEmHevK9egfRbyr2UimbLLHJ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Encryption</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEUxQP1TANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzA2MDgwMzAxWhcNMjAxMDA0MDgwMzAxWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCIPwJmtM0svEW5TbJcQuQHMDaMqF97JvEnqvvrOqJVOyRirQ7pf1sEIcjGe1edQS3W3MOX95fv8Ase8IHAwfus8xz3s0Eq7x3nyIEILJMDmF0iOC0us3F2AUtu0ceVtqYWZ+gD55wvFyy/dQAQyHF6hfV09cqaXg0zTWkpCxsKh6+4lhgMUQyqAcronEKIOUADHzqXRP6FOC+ZQw7DCeh6r3uTKbOx57K1fmj8Jn5S31EgvZ1tnIGmCuoTLC4dAu6YXkOIBaPFkZ9p6BPlWLMZ0eS05hRKaU4LK7BJDjmLdE6HirjRpdu8pQe9Ad/aOvrqIHvw51cS2HXhqto3MGL36A6ne0pKLJW1g10/5fhvQRspqMJsj5k8zzobv9iK8kx+OZlNUsuP2s+Xh33zjVqxXMeTzGPhCny6yBZClsRUCyQFCb0RtxXmSNMD0x1Np6bmkMc5xbR9laaZFUnfAnCX7qvPpu5g5uvWhIdS8S6GQRVse1ops14V4da5Hy/jw/Ci+1FeO956gTBAJb/K3W/NJMhh8Abxi2oTcqSADn0b05ii0l+EiNhdYXDVKWGUq97WzSdC59SCuJizKpzEkOIfNJWRVE7ZAp3uvGHEIKj8RTvWIWGxGKotMbdwJwHthzw4FtIyQ3qo0/EZI/Terz4QUEp6hSuBoc1bbDqphly/VQIDAQABoyEwHzAdBgNVHQ4EFgQU5M5xgdMltEF0O2QQMj3m7fyrEdkwDQYJKoZIhvcNAQEMBQADggIBADnt5T5GvYZpWSm5tYVk3wzNz9bLL8qXmTRZKT98/N7wJRYqlAwU/Jvrdjnsb84GTy909pXTkVlw+81qLh2TtzlTfKMs0saVbGRuW59aZ5uO/R5Ny2sQN8s1kc+tBYqz2YnXAIWcIShZX2FJfJR3SKVrcSOLO4KlEEtaf0evnqVmtpkg5qDNcwV1n5+sw5YeyJWPoAIGzePjLkfJH9TZ+15Su/agaUkXUxIbalA+ZQzyPHd8Vfa4CB2ZseA1+Hq/RLRNEYU8JxCQD9JSY7vwP7N01m95XJR8rXibRHhsLLxV0i1XcGvzvlBvx+Kz01w4EZrRYEzx+KqzK6irDsRjqlmEJ0Yw57YQNrrELEjDnb6TOqx8wQkwRL7ftnWAtjUKvk9+uJUIPiY69eCwCgxsFrbqIRNUIrjkhHhOu3JS+4I8W9HD1r/Q9t7EJ3pn5PT0gDTtQ+DirxgXVFWoe4p4Gp8tjM78tH4ljtGqxG5dibywrzPW7JyGHwRINp7wSn3i7e9BDT9NVIUvow0a80ZXQC3lWBj+U7kik1ZOz28xFMIW+wzAG+IZvYqvORjgBImIZqgBmQy0VqYduvjdFDkkjXdKdsdMstUp8itGhpaU8eMlMeA+Z1TAUq2Bl8zXvBQtoxqb26Ufl2bRWUhOd9oV7rTs2ahr99eAojDXh7o4F4uT</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://amc-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/redirect"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://amc-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/post"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">Pensionsmyndigheten</md:OrganizationName>
        <md:OrganizationName xml:lang="en">Swedish Pensions Agency</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">Pensionsmyndigheten</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Pensions Agency</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.pensionsmyndigheten.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="en">https://www.pensionsmyndigheten.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Identity Provider för BankID*
-	*en: SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:101

W:107

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://amc-bankididp.pensionsmyndigheten.se/ is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Pensionsmyndigheten)

CONTACT-SUPP

Support contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

CONTACT-TECH

Technical contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Pensionsmyndigheten (https://amn-bankididp.pensionsmyndigheten.se/) (3)

Pensionsmyndigheten (https://amn-bankididp.pensionsmyndigheten.se/)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://amn-bankididp.pensionsmyndigheten.se/" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/pensionsmyndigheten</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">Pensionsmyndighetens BankID IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">Swedish Pensions Agency BankID IdP</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Pensionsmyndighetens SAML Identity Provider för BankID</mdui:Description>
                <mdui:Description xml:lang="en">Swedish Pensions Agency SAML Identity Provider for BankID</mdui:Description>
                <mdui:Logo height="135" width="292">https://www.pensionsmyndigheten.se/etc/designs/pm-base/images/pm-logo.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Signing</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEKJXKhzANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzAzMTUwNDAyWhcNMjAxMDAxMTUwNDAyWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+8eN1tCSNAHkKw/wWv7lJFadzw/FewTgxwT0mvPxHnG76E1hxlywFYVLjKLK4ddMwJDFjKTyXfwmA2HE0s0bYyfT1HqO4eT4lrvtSM6QZae4wVz3Ow6gk4CN5c8azHpl5in87UipwYcqxg04Mknr8uHZc+Ki1bYcivq3aTwh6Wv4TZ0OVCyEUxHqacCSs9Lhwf7avXFcWkhWIFNbxU86kNm/Vu2rq9UPh/pCThJhRkUwvQnrArYkiFoj/Qulr/pdJyzjcW/C908bqmdg+pWMOAssfHo0bUCAOnEnScIlid6EEKEhBwz5x2QgIRYDTgTYzmLUX8KWiT/NPmnQEUZU8O/seYJKE4VlZlJhIf+rTXITwRENVLhQvp8a7cnPZWcFmTXMyQJ2y86FDxfw+0uwbZrlmSl1eB0eLHrTHr2/y/Lb+6DOnbg3a3YDEj12lD9dZtEt7eMQJbpXaXws8GnfKOZgYpjnxOvIUqG5q94IsGeqVLGVHNwo68F9Nj4tAC9mRQAiE3Nw/Rh8Exx87z6f4UYtlpdw0CKfjnOgM8rpW7/yN650k9t/07dV3Qyuj78KyEHc1GH3HhUme/PfJP14W8okXHd6pgsekTeGP4k+lpwM1RABtW7oDwqjMqLNcUHtIInt4PJb6BCuPJd3huy2HWucdRHcZKFEVjCq46HkAmQIDAQABoyEwHzAdBgNVHQ4EFgQUp9ZUUMiQ9C3haNF6FwbJeE/tMF4wDQYJKoZIhvcNAQEMBQADggIBAHT0rF0Drt4OmjlRLBsiQASi0e68me12M4ZKpiigCxBEPrmY1cjClHaM6IXWOpVA0VLeSeRxEFUD3P4QQAYQGVrfsQubzsBIQi2+iXvnKRFQ+snEJEUYo3ZPjcJ0H9W3as1MuLIJw3mKkUA+u21jJpXIpmTIXUGYfiuBOOOVucwFrxAC7SQS2ZAPgDTE8pIoid3VipYHaquq916vTcmbgoBPmEzXFXPZXWuK4w5DlufqioSKoJ+pdq6yX26C03QTUMiiLRyVvYyZKCCSysubXYsdiPI6tDLgkVXPb1DA+DNUv3Ss/+qsYXUeVZLEB725lL9n1RQMxfp1a6ERfN5KCQaKObYDx6UzZWqIIttElUIruUTKGgNbJJebzOPDjmHhrxEge+VwXxf0I/wSThth/vkHRlUq08JJy55pwq23w+GdXNR2TSjRoBNDeu1ylLHHKSb5BykvJkALEkGHXM98IJPMuErqM+P5D9EGJmgh3uBR9XE2XHstlEBEKnVIevHmhnrNW3nWU0iZNDQwThLvug5nliozIeGRyIrqIoW3zfNwpxFyxvyVn1egz7Mu2HoaOwJZ2Jdcxd/DtTaskbEXOdgerhNCJnE/djNWVhuII54YI3jvl9uYcRyflUdixgc1Uz2saPi32uLt9Yu2So5NvEmHevK9egfRbyr2UimbLLHJ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Encryption</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEUxQP1TANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzA2MDgwMzAxWhcNMjAxMDA0MDgwMzAxWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCIPwJmtM0svEW5TbJcQuQHMDaMqF97JvEnqvvrOqJVOyRirQ7pf1sEIcjGe1edQS3W3MOX95fv8Ase8IHAwfus8xz3s0Eq7x3nyIEILJMDmF0iOC0us3F2AUtu0ceVtqYWZ+gD55wvFyy/dQAQyHF6hfV09cqaXg0zTWkpCxsKh6+4lhgMUQyqAcronEKIOUADHzqXRP6FOC+ZQw7DCeh6r3uTKbOx57K1fmj8Jn5S31EgvZ1tnIGmCuoTLC4dAu6YXkOIBaPFkZ9p6BPlWLMZ0eS05hRKaU4LK7BJDjmLdE6HirjRpdu8pQe9Ad/aOvrqIHvw51cS2HXhqto3MGL36A6ne0pKLJW1g10/5fhvQRspqMJsj5k8zzobv9iK8kx+OZlNUsuP2s+Xh33zjVqxXMeTzGPhCny6yBZClsRUCyQFCb0RtxXmSNMD0x1Np6bmkMc5xbR9laaZFUnfAnCX7qvPpu5g5uvWhIdS8S6GQRVse1ops14V4da5Hy/jw/Ci+1FeO956gTBAJb/K3W/NJMhh8Abxi2oTcqSADn0b05ii0l+EiNhdYXDVKWGUq97WzSdC59SCuJizKpzEkOIfNJWRVE7ZAp3uvGHEIKj8RTvWIWGxGKotMbdwJwHthzw4FtIyQ3qo0/EZI/Terz4QUEp6hSuBoc1bbDqphly/VQIDAQABoyEwHzAdBgNVHQ4EFgQU5M5xgdMltEF0O2QQMj3m7fyrEdkwDQYJKoZIhvcNAQEMBQADggIBADnt5T5GvYZpWSm5tYVk3wzNz9bLL8qXmTRZKT98/N7wJRYqlAwU/Jvrdjnsb84GTy909pXTkVlw+81qLh2TtzlTfKMs0saVbGRuW59aZ5uO/R5Ny2sQN8s1kc+tBYqz2YnXAIWcIShZX2FJfJR3SKVrcSOLO4KlEEtaf0evnqVmtpkg5qDNcwV1n5+sw5YeyJWPoAIGzePjLkfJH9TZ+15Su/agaUkXUxIbalA+ZQzyPHd8Vfa4CB2ZseA1+Hq/RLRNEYU8JxCQD9JSY7vwP7N01m95XJR8rXibRHhsLLxV0i1XcGvzvlBvx+Kz01w4EZrRYEzx+KqzK6irDsRjqlmEJ0Yw57YQNrrELEjDnb6TOqx8wQkwRL7ftnWAtjUKvk9+uJUIPiY69eCwCgxsFrbqIRNUIrjkhHhOu3JS+4I8W9HD1r/Q9t7EJ3pn5PT0gDTtQ+DirxgXVFWoe4p4Gp8tjM78tH4ljtGqxG5dibywrzPW7JyGHwRINp7wSn3i7e9BDT9NVIUvow0a80ZXQC3lWBj+U7kik1ZOz28xFMIW+wzAG+IZvYqvORjgBImIZqgBmQy0VqYduvjdFDkkjXdKdsdMstUp8itGhpaU8eMlMeA+Z1TAUq2Bl8zXvBQtoxqb26Ufl2bRWUhOd9oV7rTs2ahr99eAojDXh7o4F4uT</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://amn-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/redirect"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://amn-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/post"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">Pensionsmyndigheten</md:OrganizationName>
        <md:OrganizationName xml:lang="en">Swedish Pensions Agency</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">Pensionsmyndigheten</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Pensions Agency</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.pensionsmyndigheten.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="en">https://www.pensionsmyndigheten.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>pm-eid@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>pm-eid@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Pensionsmyndighetens BankID IdP*
-	*en: Swedish Pensions Agency BankID IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Pensionsmyndighetens SAML Identity Provider för BankID*
-	*en: Swedish Pensions Agency SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:135

W:292

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://amn-bankididp.pensionsmyndigheten.se/ is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Pensionsmyndigheten)

CONTACT-SUPP

Support contact e-mail (pm-eid@pensionsmyndigheten.se) is present

CONTACT-TECH

Technical contact e-mail (pm-eid@pensionsmyndigheten.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Pensionsmyndigheten (https://asc-bankididp.pensionsmyndigheten.se/) (3)

Pensionsmyndigheten (https://asc-bankididp.pensionsmyndigheten.se/)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://asc-bankididp.pensionsmyndigheten.se/" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">SAML Identity Provider för BankID</mdui:Description>
                <mdui:Description xml:lang="en">SAML Identity Provider for BankID</mdui:Description>
                <mdui:Logo height="101" width="107">data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8c3ZnDQogICB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iDQogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIg0KICAgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIg0KICAgeG1sbnM6c3ZnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIGhlaWdodD0iMjk4Ljc5OTk5Ig0KICAgd2lkdGg9IjMxNS45MTE2NSINCiAgIHhtbDpzcGFjZT0icHJlc2VydmUiDQogICBlbmFibGUtYmFja2dyb3VuZD0ibmV3IDAgMCA1OTUuMyA4NDEuOSINCiAgIHZpZXdCb3g9IjAgMCAzMTUuOTExNjYgMjk4Ljc5OTk4Ig0KICAgeT0iMHB4Ig0KICAgeD0iMHB4Ig0KICAgaWQ9IkxhZ2VyXzEiDQogICB2ZXJzaW9uPSIxLjEiPjxtZXRhZGF0YQ0KICAgaWQ9Im1ldGFkYXRhMzEiPjxyZGY6UkRGPjxjYzpXb3JrDQogICAgICAgcmRmOmFib3V0PSIiPjxkYzpmb3JtYXQ+aW1hZ2Uvc3ZnK3htbDwvZGM6Zm9ybWF0PjxkYzp0eXBlDQogICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPjxkYzp0aXRsZT48L2RjOnRpdGxlPjwvY2M6V29yaz48L3JkZjpSREY+PC9tZXRhZGF0YT48ZGVmcw0KICAgaWQ9ImRlZnMyOSIgLz4NCjxnDQogICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTQyLjIsLTI2Ny42KSINCiAgIGlkPSJnMjQiPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojNDc5Y2JlIg0KICAgaWQ9InBhdGgyIg0KICAgZD0ibSAyNDEuOSw0MjMuNiAxMy4yLC04My4yIGMgLTUuMiwwIC0xNC4xLDAgLTE0LjEsMCAtNi42LDAgLTE1LjEsLTMuNyAtMTcuNiwtMTAuNSAtMC44LC0yLjMgLTIuNywtMTAuMiA4LjIsLTE3LjkgMy45LC0yLjcgNi40LC01LjcgNi45LC04IDAuNSwtMi40IC0wLjEsLTQuNSAtMS44LC02LjEgLTIuNCwtMi4zIC03LjEsLTMuNiAtMTMuMSwtMy42IC0xMC4xLDAgLTE3LjIsNS44IC0xNy45LDEwIC0wLjUsMy4xIDEuOSw1LjYgNCw3LjIgNi4zLDQuNyA3LjgsMTEuNSAzLjksMTcuOSAtNCw2LjYgLTEyLjcsMTAuOSAtMjIsMTEgMCwwIC05LjIsMCAtMTQuNCwwIC0xLjIsOC4xIC0yMC44LDEzMi4zIC0yMi4zLDE0Mi4xIEggMjMzIGMgMC43LC00LjQgNC4zLC0yNy45IDkuMiwtNTguOSB6IiAvPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMDBhNWMzIg0KICAgaWQ9InBhdGg0Ig0KICAgZD0iTSAzNDYuNSwyNjcuNiBIIDI2NyBsIC0xMC42LDY3LjMgaCAxMy41IGMgNy40LDAgMTQuNCwtMy40IDE3LjQsLTguMyAxLC0xLjYgMS40LC0zIDEuNCwtNC4zIDAsLTIuOCAtMS45LC00LjkgLTMuOCwtNi4zIC01LjIsLTMuOSAtNi4zLC04IC02LjMsLTEwLjkgMCwtMC42IDAsLTEuMSAwLjEsLTEuNiAxLjEsLTcuMSAxMC43LC0xNC44IDIzLjQsLTE0LjggNy42LDAgMTMuNCwxLjggMTYuOSw1LjEgMy4xLDIuOSA0LjMsNyAzLjQsMTEuMyAtMS4xLDUuMSAtNi4yLDkuMyAtOS4xLDExLjQgLTcuNyw1LjQgLTYuNywxMC4xIC02LjIsMTEuNSAxLjYsNC4yIDcuNyw2LjkgMTIuNCw2LjkgSCAzNDAgYyAwLDAgMCwwIDAsMC4xIDI4LDAuMiA0MywxMy4xIDM4LjMsNDMuMSAtNC40LDI3LjkgLTI1LjgsMzkuOSAtNTEuMyw0MC4xIGwgLTEwLjEsNjQuNCBoIDE0LjkgYyA2Mi45LDAgMTE0LjMsLTQwLjQgMTI0LjQsLTEwNC4yIDEyLjUsLTc5LjIgLTM3LjcsLTExMC44IC0xMDkuNywtMTEwLjggeiIgLz4NCgk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoNiINCiAgIGQ9Ik0gMzQ2LjUsMjY3LjYgSCAyNjcgbCAtMTAuNiw2Ny4zIGggMTMuNSBjIDcuNCwwIDE0LjQsLTMuNCAxNy40LC04LjMgMSwtMS42IDEuNCwtMyAxLjQsLTQuMyAwLC0yLjggLTEuOSwtNC45IC0zLjgsLTYuMyAtNS4yLC0zLjkgLTYuMywtOCAtNi4zLC0xMC45IDAsLTAuNiAwLC0xLjEgMC4xLC0xLjYgMS4xLC03LjEgMTAuNywtMTQuOCAyMy40LC0xNC44IDcuNiwwIDEzLjQsMS44IDE2LjksNS4xIDMuMSwyLjkgNC4zLDcgMy40LDExLjMgLTEuMSw1LjEgLTYuMiw5LjMgLTkuMSwxMS40IC03LjcsNS40IC02LjcsMTAuMSAtNi4yLDExLjUgMS42LDQuMiA3LjcsNi45IDEyLjQsNi45IEggMzQwIGMgMCwwIDAsMCAwLDAuMSAyOCwwLjIgNDMsMTMuMSAzOC4zLDQzLjEgLTQuNCwyNy45IC0yNS44LDM5LjkgLTUxLjMsNDAuMSBsIC0xMC4xLDY0LjQgaCAxNC45IGMgNjIuOSwwIDExNC4zLC00MC40IDEyNC40LC0xMDQuMiAxMi41LC03OS4yIC0zNy43LC0xMTAuOCAtMTA5LjcsLTExMC44IHoiIC8+DQoJPGcNCiAgIGlkPSJnMTYiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoOCINCiAgIGQ9Im0gMTUwLjcsNTExLjIgaCAzMS45IGMgMTMuNiwwIDE2LjksNi45IDE1LjksMTMuMiAtMC44LDUuMSAtNC4zLDguOSAtMTAuMywxMS40IDcuNiwyLjkgMTAuNiw3LjQgOS41LDE0LjUgLTEuNCw4LjkgLTkuMSwxNS41IC0xOS4yLDE1LjUgaCAtMzYuMyB6IG0gMjEuMSwyMi42IGMgNi4yLDAgOS4xLC0zLjMgOS43LC03LjIgMC42LC00LjIgLTEuMywtNy4xIC03LjUsLTcuMSBoIC01LjUgbCAtMi4yLDE0LjMgeiBtIC0zLjQsMjMuNiBjIDYuNCwwIDEwLjEsLTIuNiAxMSwtNy45IDAuNywtNC42IC0xLjksLTcuMyAtOC4xLC03LjMgSCAxNjUgbCAtMi40LDE1LjMgaCA1LjggeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDEwIg0KICAgZD0ibSAyNDIuNCw1NjYuMiBjIC04LjMsMC42IC0xMi4zLC0wLjMgLTE0LjMsLTMuOSAtNC40LDIuNyAtOS4zLDQuMSAtMTQuNSw0LjEgLTkuNCwwIC0xMi43LC00LjkgLTExLjgsLTEwLjMgMC40LC0yLjYgMS45LC01LjEgNC4zLC03LjIgNS4yLC00LjUgMTgsLTUuMSAyMywtOC41IDAuNCwtMy44IC0xLjEsLTUuMiAtNS44LC01LjIgLTUuNSwwIC0xMC4xLDEuOCAtMTgsNy4yIGwgMS45LC0xMi40IGMgNi44LC00LjkgMTMuNCwtNy4yIDIxLC03LjIgOS43LDAgMTguMyw0IDE2LjcsMTQuNiBsIC0xLjksMTIgYyAtMC43LDQuMiAtMC41LDUuNSA0LjIsNS42IHogTSAyMjgsNTQ3LjQgYyAtNC40LDIuOCAtMTIuNiwyLjMgLTEzLjUsOC4xIC0wLjQsMi43IDEuMyw0LjcgNCw0LjcgMi42LDAgNS44LC0xLjEgOC40LC0yLjkgLTAuMiwtMSAtMC4xLC0yIDAuMiwtMy45IHoiIC8+DQoJCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMjM1OTcxIg0KICAgaWQ9InBhdGgxMiINCiAgIGQ9Im0gMjU3LjksNTIzLjUgaCAxNi42IGwgLTAuOSw1LjUgYyA1LjMsLTQuNSA5LjMsLTYuMiAxNC41LC02LjIgOS4zLDAgMTMuNiw1LjcgMTIuMSwxNSBsIC00LjMsMjcuOSBoIC0xNi42IGwgMy42LC0yMy4xIGMgMC43LC00LjIgLTAuNiwtNi4yIC0zLjgsLTYuMiAtMi42LDAgLTUsMS40IC03LjMsNC41IGwgLTMuOCwyNC43IGggLTE2LjYgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDE0Ig0KICAgZD0ibSAzMTMuMSw1MTEuMiBoIDE2LjYgbCAtNC4yLDI2LjggMTUuOSwtMTQuNSBoIDIwLjUgbCAtMjAuNCwxOCAxNi40LDI0LjIgSCAzMzcgbCAtMTIuNiwtMTkuNSBoIC0wLjIgbCAtMywxOS41IGggLTE2LjYgeiIgLz4NCgk8L2c+DQoJPGcNCiAgIGlkPSJnMjIiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzQ3OWNiZSINCiAgIGlkPSJwYXRoMTgiDQogICBkPSJNIDM3MS45LDUxMS4yIEggMzkxIGwgLTguNCw1NC41IGggLTE5LjEgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiM0NzljYmUiDQogICBpZD0icGF0aDIwIg0KICAgZD0ibSA0MDAuMyw1MTEuMiBoIDI3LjMgYyAyMS4xLDAgMjcuMiwxNS4zIDI1LjIsMjggLTEuOSwxMi40IC0xMS43LDI2LjUgLTMwLjIsMjYuNSBoIC0zMC44IHogbSAxNy43LDQxLjUgYyA5LjMsMCAxNC40LC00LjYgMTUuOSwtMTQuMyAxLjEsLTcuMiAtMS4xLC0xNC4zIC0xMS40LC0xNC4zIGggLTUuMSBsIC00LjQsMjguNiB6IiAvPg0KCTwvZz4NCjwvZz4NCjwvc3ZnPg==</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Signing</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEKJXKhzANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzAzMTUwNDAyWhcNMjAxMDAxMTUwNDAyWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+8eN1tCSNAHkKw/wWv7lJFadzw/FewTgxwT0mvPxHnG76E1hxlywFYVLjKLK4ddMwJDFjKTyXfwmA2HE0s0bYyfT1HqO4eT4lrvtSM6QZae4wVz3Ow6gk4CN5c8azHpl5in87UipwYcqxg04Mknr8uHZc+Ki1bYcivq3aTwh6Wv4TZ0OVCyEUxHqacCSs9Lhwf7avXFcWkhWIFNbxU86kNm/Vu2rq9UPh/pCThJhRkUwvQnrArYkiFoj/Qulr/pdJyzjcW/C908bqmdg+pWMOAssfHo0bUCAOnEnScIlid6EEKEhBwz5x2QgIRYDTgTYzmLUX8KWiT/NPmnQEUZU8O/seYJKE4VlZlJhIf+rTXITwRENVLhQvp8a7cnPZWcFmTXMyQJ2y86FDxfw+0uwbZrlmSl1eB0eLHrTHr2/y/Lb+6DOnbg3a3YDEj12lD9dZtEt7eMQJbpXaXws8GnfKOZgYpjnxOvIUqG5q94IsGeqVLGVHNwo68F9Nj4tAC9mRQAiE3Nw/Rh8Exx87z6f4UYtlpdw0CKfjnOgM8rpW7/yN650k9t/07dV3Qyuj78KyEHc1GH3HhUme/PfJP14W8okXHd6pgsekTeGP4k+lpwM1RABtW7oDwqjMqLNcUHtIInt4PJb6BCuPJd3huy2HWucdRHcZKFEVjCq46HkAmQIDAQABoyEwHzAdBgNVHQ4EFgQUp9ZUUMiQ9C3haNF6FwbJeE/tMF4wDQYJKoZIhvcNAQEMBQADggIBAHT0rF0Drt4OmjlRLBsiQASi0e68me12M4ZKpiigCxBEPrmY1cjClHaM6IXWOpVA0VLeSeRxEFUD3P4QQAYQGVrfsQubzsBIQi2+iXvnKRFQ+snEJEUYo3ZPjcJ0H9W3as1MuLIJw3mKkUA+u21jJpXIpmTIXUGYfiuBOOOVucwFrxAC7SQS2ZAPgDTE8pIoid3VipYHaquq916vTcmbgoBPmEzXFXPZXWuK4w5DlufqioSKoJ+pdq6yX26C03QTUMiiLRyVvYyZKCCSysubXYsdiPI6tDLgkVXPb1DA+DNUv3Ss/+qsYXUeVZLEB725lL9n1RQMxfp1a6ERfN5KCQaKObYDx6UzZWqIIttElUIruUTKGgNbJJebzOPDjmHhrxEge+VwXxf0I/wSThth/vkHRlUq08JJy55pwq23w+GdXNR2TSjRoBNDeu1ylLHHKSb5BykvJkALEkGHXM98IJPMuErqM+P5D9EGJmgh3uBR9XE2XHstlEBEKnVIevHmhnrNW3nWU0iZNDQwThLvug5nliozIeGRyIrqIoW3zfNwpxFyxvyVn1egz7Mu2HoaOwJZ2Jdcxd/DtTaskbEXOdgerhNCJnE/djNWVhuII54YI3jvl9uYcRyflUdixgc1Uz2saPi32uLt9Yu2So5NvEmHevK9egfRbyr2UimbLLHJ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Encryption</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEUxQP1TANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzA2MDgwMzAxWhcNMjAxMDA0MDgwMzAxWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCIPwJmtM0svEW5TbJcQuQHMDaMqF97JvEnqvvrOqJVOyRirQ7pf1sEIcjGe1edQS3W3MOX95fv8Ase8IHAwfus8xz3s0Eq7x3nyIEILJMDmF0iOC0us3F2AUtu0ceVtqYWZ+gD55wvFyy/dQAQyHF6hfV09cqaXg0zTWkpCxsKh6+4lhgMUQyqAcronEKIOUADHzqXRP6FOC+ZQw7DCeh6r3uTKbOx57K1fmj8Jn5S31EgvZ1tnIGmCuoTLC4dAu6YXkOIBaPFkZ9p6BPlWLMZ0eS05hRKaU4LK7BJDjmLdE6HirjRpdu8pQe9Ad/aOvrqIHvw51cS2HXhqto3MGL36A6ne0pKLJW1g10/5fhvQRspqMJsj5k8zzobv9iK8kx+OZlNUsuP2s+Xh33zjVqxXMeTzGPhCny6yBZClsRUCyQFCb0RtxXmSNMD0x1Np6bmkMc5xbR9laaZFUnfAnCX7qvPpu5g5uvWhIdS8S6GQRVse1ops14V4da5Hy/jw/Ci+1FeO956gTBAJb/K3W/NJMhh8Abxi2oTcqSADn0b05ii0l+EiNhdYXDVKWGUq97WzSdC59SCuJizKpzEkOIfNJWRVE7ZAp3uvGHEIKj8RTvWIWGxGKotMbdwJwHthzw4FtIyQ3qo0/EZI/Terz4QUEp6hSuBoc1bbDqphly/VQIDAQABoyEwHzAdBgNVHQ4EFgQU5M5xgdMltEF0O2QQMj3m7fyrEdkwDQYJKoZIhvcNAQEMBQADggIBADnt5T5GvYZpWSm5tYVk3wzNz9bLL8qXmTRZKT98/N7wJRYqlAwU/Jvrdjnsb84GTy909pXTkVlw+81qLh2TtzlTfKMs0saVbGRuW59aZ5uO/R5Ny2sQN8s1kc+tBYqz2YnXAIWcIShZX2FJfJR3SKVrcSOLO4KlEEtaf0evnqVmtpkg5qDNcwV1n5+sw5YeyJWPoAIGzePjLkfJH9TZ+15Su/agaUkXUxIbalA+ZQzyPHd8Vfa4CB2ZseA1+Hq/RLRNEYU8JxCQD9JSY7vwP7N01m95XJR8rXibRHhsLLxV0i1XcGvzvlBvx+Kz01w4EZrRYEzx+KqzK6irDsRjqlmEJ0Yw57YQNrrELEjDnb6TOqx8wQkwRL7ftnWAtjUKvk9+uJUIPiY69eCwCgxsFrbqIRNUIrjkhHhOu3JS+4I8W9HD1r/Q9t7EJ3pn5PT0gDTtQ+DirxgXVFWoe4p4Gp8tjM78tH4ljtGqxG5dibywrzPW7JyGHwRINp7wSn3i7e9BDT9NVIUvow0a80ZXQC3lWBj+U7kik1ZOz28xFMIW+wzAG+IZvYqvORjgBImIZqgBmQy0VqYduvjdFDkkjXdKdsdMstUp8itGhpaU8eMlMeA+Z1TAUq2Bl8zXvBQtoxqb26Ufl2bRWUhOd9oV7rTs2ahr99eAojDXh7o4F4uT</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://asc-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/redirect"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location=" https://asc-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/post"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">Pensionsmyndigheten</md:OrganizationName>
        <md:OrganizationName xml:lang="en">Swedish Pensions Agency</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">Pensionsmyndigheten</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Pensions Agency</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.pensionsmyndigheten.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="en">https://www.pensionsmyndigheten.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Identity Provider för BankID*
-	*en: SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:101

W:107

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://asc-bankididp.pensionsmyndigheten.se/ is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Pensionsmyndigheten)

CONTACT-SUPP

Support contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

CONTACT-TECH

Technical contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Pensionsmyndigheten (https://bankididp.pst.pensionsmyndigheten.se/) (3)

Pensionsmyndigheten (https://bankididp.pst.pensionsmyndigheten.se/)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://bankididp.pst.pensionsmyndigheten.se/" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">SAML Identity Provider för BankID</mdui:Description>
                <mdui:Description xml:lang="en">SAML Identity Provider for BankID</mdui:Description>
                <mdui:Logo height="101" width="107">data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8c3ZnDQogICB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iDQogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIg0KICAgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIg0KICAgeG1sbnM6c3ZnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIGhlaWdodD0iMjk4Ljc5OTk5Ig0KICAgd2lkdGg9IjMxNS45MTE2NSINCiAgIHhtbDpzcGFjZT0icHJlc2VydmUiDQogICBlbmFibGUtYmFja2dyb3VuZD0ibmV3IDAgMCA1OTUuMyA4NDEuOSINCiAgIHZpZXdCb3g9IjAgMCAzMTUuOTExNjYgMjk4Ljc5OTk4Ig0KICAgeT0iMHB4Ig0KICAgeD0iMHB4Ig0KICAgaWQ9IkxhZ2VyXzEiDQogICB2ZXJzaW9uPSIxLjEiPjxtZXRhZGF0YQ0KICAgaWQ9Im1ldGFkYXRhMzEiPjxyZGY6UkRGPjxjYzpXb3JrDQogICAgICAgcmRmOmFib3V0PSIiPjxkYzpmb3JtYXQ+aW1hZ2Uvc3ZnK3htbDwvZGM6Zm9ybWF0PjxkYzp0eXBlDQogICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPjxkYzp0aXRsZT48L2RjOnRpdGxlPjwvY2M6V29yaz48L3JkZjpSREY+PC9tZXRhZGF0YT48ZGVmcw0KICAgaWQ9ImRlZnMyOSIgLz4NCjxnDQogICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTQyLjIsLTI2Ny42KSINCiAgIGlkPSJnMjQiPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojNDc5Y2JlIg0KICAgaWQ9InBhdGgyIg0KICAgZD0ibSAyNDEuOSw0MjMuNiAxMy4yLC04My4yIGMgLTUuMiwwIC0xNC4xLDAgLTE0LjEsMCAtNi42LDAgLTE1LjEsLTMuNyAtMTcuNiwtMTAuNSAtMC44LC0yLjMgLTIuNywtMTAuMiA4LjIsLTE3LjkgMy45LC0yLjcgNi40LC01LjcgNi45LC04IDAuNSwtMi40IC0wLjEsLTQuNSAtMS44LC02LjEgLTIuNCwtMi4zIC03LjEsLTMuNiAtMTMuMSwtMy42IC0xMC4xLDAgLTE3LjIsNS44IC0xNy45LDEwIC0wLjUsMy4xIDEuOSw1LjYgNCw3LjIgNi4zLDQuNyA3LjgsMTEuNSAzLjksMTcuOSAtNCw2LjYgLTEyLjcsMTAuOSAtMjIsMTEgMCwwIC05LjIsMCAtMTQuNCwwIC0xLjIsOC4xIC0yMC44LDEzMi4zIC0yMi4zLDE0Mi4xIEggMjMzIGMgMC43LC00LjQgNC4zLC0yNy45IDkuMiwtNTguOSB6IiAvPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMDBhNWMzIg0KICAgaWQ9InBhdGg0Ig0KICAgZD0iTSAzNDYuNSwyNjcuNiBIIDI2NyBsIC0xMC42LDY3LjMgaCAxMy41IGMgNy40LDAgMTQuNCwtMy40IDE3LjQsLTguMyAxLC0xLjYgMS40LC0zIDEuNCwtNC4zIDAsLTIuOCAtMS45LC00LjkgLTMuOCwtNi4zIC01LjIsLTMuOSAtNi4zLC04IC02LjMsLTEwLjkgMCwtMC42IDAsLTEuMSAwLjEsLTEuNiAxLjEsLTcuMSAxMC43LC0xNC44IDIzLjQsLTE0LjggNy42LDAgMTMuNCwxLjggMTYuOSw1LjEgMy4xLDIuOSA0LjMsNyAzLjQsMTEuMyAtMS4xLDUuMSAtNi4yLDkuMyAtOS4xLDExLjQgLTcuNyw1LjQgLTYuNywxMC4xIC02LjIsMTEuNSAxLjYsNC4yIDcuNyw2LjkgMTIuNCw2LjkgSCAzNDAgYyAwLDAgMCwwIDAsMC4xIDI4LDAuMiA0MywxMy4xIDM4LjMsNDMuMSAtNC40LDI3LjkgLTI1LjgsMzkuOSAtNTEuMyw0MC4xIGwgLTEwLjEsNjQuNCBoIDE0LjkgYyA2Mi45LDAgMTE0LjMsLTQwLjQgMTI0LjQsLTEwNC4yIDEyLjUsLTc5LjIgLTM3LjcsLTExMC44IC0xMDkuNywtMTEwLjggeiIgLz4NCgk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoNiINCiAgIGQ9Ik0gMzQ2LjUsMjY3LjYgSCAyNjcgbCAtMTAuNiw2Ny4zIGggMTMuNSBjIDcuNCwwIDE0LjQsLTMuNCAxNy40LC04LjMgMSwtMS42IDEuNCwtMyAxLjQsLTQuMyAwLC0yLjggLTEuOSwtNC45IC0zLjgsLTYuMyAtNS4yLC0zLjkgLTYuMywtOCAtNi4zLC0xMC45IDAsLTAuNiAwLC0xLjEgMC4xLC0xLjYgMS4xLC03LjEgMTAuNywtMTQuOCAyMy40LC0xNC44IDcuNiwwIDEzLjQsMS44IDE2LjksNS4xIDMuMSwyLjkgNC4zLDcgMy40LDExLjMgLTEuMSw1LjEgLTYuMiw5LjMgLTkuMSwxMS40IC03LjcsNS40IC02LjcsMTAuMSAtNi4yLDExLjUgMS42LDQuMiA3LjcsNi45IDEyLjQsNi45IEggMzQwIGMgMCwwIDAsMCAwLDAuMSAyOCwwLjIgNDMsMTMuMSAzOC4zLDQzLjEgLTQuNCwyNy45IC0yNS44LDM5LjkgLTUxLjMsNDAuMSBsIC0xMC4xLDY0LjQgaCAxNC45IGMgNjIuOSwwIDExNC4zLC00MC40IDEyNC40LC0xMDQuMiAxMi41LC03OS4yIC0zNy43LC0xMTAuOCAtMTA5LjcsLTExMC44IHoiIC8+DQoJPGcNCiAgIGlkPSJnMTYiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoOCINCiAgIGQ9Im0gMTUwLjcsNTExLjIgaCAzMS45IGMgMTMuNiwwIDE2LjksNi45IDE1LjksMTMuMiAtMC44LDUuMSAtNC4zLDguOSAtMTAuMywxMS40IDcuNiwyLjkgMTAuNiw3LjQgOS41LDE0LjUgLTEuNCw4LjkgLTkuMSwxNS41IC0xOS4yLDE1LjUgaCAtMzYuMyB6IG0gMjEuMSwyMi42IGMgNi4yLDAgOS4xLC0zLjMgOS43LC03LjIgMC42LC00LjIgLTEuMywtNy4xIC03LjUsLTcuMSBoIC01LjUgbCAtMi4yLDE0LjMgeiBtIC0zLjQsMjMuNiBjIDYuNCwwIDEwLjEsLTIuNiAxMSwtNy45IDAuNywtNC42IC0xLjksLTcuMyAtOC4xLC03LjMgSCAxNjUgbCAtMi40LDE1LjMgaCA1LjggeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDEwIg0KICAgZD0ibSAyNDIuNCw1NjYuMiBjIC04LjMsMC42IC0xMi4zLC0wLjMgLTE0LjMsLTMuOSAtNC40LDIuNyAtOS4zLDQuMSAtMTQuNSw0LjEgLTkuNCwwIC0xMi43LC00LjkgLTExLjgsLTEwLjMgMC40LC0yLjYgMS45LC01LjEgNC4zLC03LjIgNS4yLC00LjUgMTgsLTUuMSAyMywtOC41IDAuNCwtMy44IC0xLjEsLTUuMiAtNS44LC01LjIgLTUuNSwwIC0xMC4xLDEuOCAtMTgsNy4yIGwgMS45LC0xMi40IGMgNi44LC00LjkgMTMuNCwtNy4yIDIxLC03LjIgOS43LDAgMTguMyw0IDE2LjcsMTQuNiBsIC0xLjksMTIgYyAtMC43LDQuMiAtMC41LDUuNSA0LjIsNS42IHogTSAyMjgsNTQ3LjQgYyAtNC40LDIuOCAtMTIuNiwyLjMgLTEzLjUsOC4xIC0wLjQsMi43IDEuMyw0LjcgNCw0LjcgMi42LDAgNS44LC0xLjEgOC40LC0yLjkgLTAuMiwtMSAtMC4xLC0yIDAuMiwtMy45IHoiIC8+DQoJCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMjM1OTcxIg0KICAgaWQ9InBhdGgxMiINCiAgIGQ9Im0gMjU3LjksNTIzLjUgaCAxNi42IGwgLTAuOSw1LjUgYyA1LjMsLTQuNSA5LjMsLTYuMiAxNC41LC02LjIgOS4zLDAgMTMuNiw1LjcgMTIuMSwxNSBsIC00LjMsMjcuOSBoIC0xNi42IGwgMy42LC0yMy4xIGMgMC43LC00LjIgLTAuNiwtNi4yIC0zLjgsLTYuMiAtMi42LDAgLTUsMS40IC03LjMsNC41IGwgLTMuOCwyNC43IGggLTE2LjYgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDE0Ig0KICAgZD0ibSAzMTMuMSw1MTEuMiBoIDE2LjYgbCAtNC4yLDI2LjggMTUuOSwtMTQuNSBoIDIwLjUgbCAtMjAuNCwxOCAxNi40LDI0LjIgSCAzMzcgbCAtMTIuNiwtMTkuNSBoIC0wLjIgbCAtMywxOS41IGggLTE2LjYgeiIgLz4NCgk8L2c+DQoJPGcNCiAgIGlkPSJnMjIiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzQ3OWNiZSINCiAgIGlkPSJwYXRoMTgiDQogICBkPSJNIDM3MS45LDUxMS4yIEggMzkxIGwgLTguNCw1NC41IGggLTE5LjEgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiM0NzljYmUiDQogICBpZD0icGF0aDIwIg0KICAgZD0ibSA0MDAuMyw1MTEuMiBoIDI3LjMgYyAyMS4xLDAgMjcuMiwxNS4zIDI1LjIsMjggLTEuOSwxMi40IC0xMS43LDI2LjUgLTMwLjIsMjYuNSBoIC0zMC44IHogbSAxNy43LDQxLjUgYyA5LjMsMCAxNC40LC00LjYgMTUuOSwtMTQuMyAxLjEsLTcuMiAtMS4xLC0xNC4zIC0xMS40LC0xNC4zIGggLTUuMSBsIC00LjQsMjguNiB6IiAvPg0KCTwvZz4NCjwvZz4NCjwvc3ZnPg==</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Signing</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEKJXKhzANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzAzMTUwNDAyWhcNMjAxMDAxMTUwNDAyWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+8eN1tCSNAHkKw/wWv7lJFadzw/FewTgxwT0mvPxHnG76E1hxlywFYVLjKLK4ddMwJDFjKTyXfwmA2HE0s0bYyfT1HqO4eT4lrvtSM6QZae4wVz3Ow6gk4CN5c8azHpl5in87UipwYcqxg04Mknr8uHZc+Ki1bYcivq3aTwh6Wv4TZ0OVCyEUxHqacCSs9Lhwf7avXFcWkhWIFNbxU86kNm/Vu2rq9UPh/pCThJhRkUwvQnrArYkiFoj/Qulr/pdJyzjcW/C908bqmdg+pWMOAssfHo0bUCAOnEnScIlid6EEKEhBwz5x2QgIRYDTgTYzmLUX8KWiT/NPmnQEUZU8O/seYJKE4VlZlJhIf+rTXITwRENVLhQvp8a7cnPZWcFmTXMyQJ2y86FDxfw+0uwbZrlmSl1eB0eLHrTHr2/y/Lb+6DOnbg3a3YDEj12lD9dZtEt7eMQJbpXaXws8GnfKOZgYpjnxOvIUqG5q94IsGeqVLGVHNwo68F9Nj4tAC9mRQAiE3Nw/Rh8Exx87z6f4UYtlpdw0CKfjnOgM8rpW7/yN650k9t/07dV3Qyuj78KyEHc1GH3HhUme/PfJP14W8okXHd6pgsekTeGP4k+lpwM1RABtW7oDwqjMqLNcUHtIInt4PJb6BCuPJd3huy2HWucdRHcZKFEVjCq46HkAmQIDAQABoyEwHzAdBgNVHQ4EFgQUp9ZUUMiQ9C3haNF6FwbJeE/tMF4wDQYJKoZIhvcNAQEMBQADggIBAHT0rF0Drt4OmjlRLBsiQASi0e68me12M4ZKpiigCxBEPrmY1cjClHaM6IXWOpVA0VLeSeRxEFUD3P4QQAYQGVrfsQubzsBIQi2+iXvnKRFQ+snEJEUYo3ZPjcJ0H9W3as1MuLIJw3mKkUA+u21jJpXIpmTIXUGYfiuBOOOVucwFrxAC7SQS2ZAPgDTE8pIoid3VipYHaquq916vTcmbgoBPmEzXFXPZXWuK4w5DlufqioSKoJ+pdq6yX26C03QTUMiiLRyVvYyZKCCSysubXYsdiPI6tDLgkVXPb1DA+DNUv3Ss/+qsYXUeVZLEB725lL9n1RQMxfp1a6ERfN5KCQaKObYDx6UzZWqIIttElUIruUTKGgNbJJebzOPDjmHhrxEge+VwXxf0I/wSThth/vkHRlUq08JJy55pwq23w+GdXNR2TSjRoBNDeu1ylLHHKSb5BykvJkALEkGHXM98IJPMuErqM+P5D9EGJmgh3uBR9XE2XHstlEBEKnVIevHmhnrNW3nWU0iZNDQwThLvug5nliozIeGRyIrqIoW3zfNwpxFyxvyVn1egz7Mu2HoaOwJZ2Jdcxd/DtTaskbEXOdgerhNCJnE/djNWVhuII54YI3jvl9uYcRyflUdixgc1Uz2saPi32uLt9Yu2So5NvEmHevK9egfRbyr2UimbLLHJ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Encryption</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEUxQP1TANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzA2MDgwMzAxWhcNMjAxMDA0MDgwMzAxWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCIPwJmtM0svEW5TbJcQuQHMDaMqF97JvEnqvvrOqJVOyRirQ7pf1sEIcjGe1edQS3W3MOX95fv8Ase8IHAwfus8xz3s0Eq7x3nyIEILJMDmF0iOC0us3F2AUtu0ceVtqYWZ+gD55wvFyy/dQAQyHF6hfV09cqaXg0zTWkpCxsKh6+4lhgMUQyqAcronEKIOUADHzqXRP6FOC+ZQw7DCeh6r3uTKbOx57K1fmj8Jn5S31EgvZ1tnIGmCuoTLC4dAu6YXkOIBaPFkZ9p6BPlWLMZ0eS05hRKaU4LK7BJDjmLdE6HirjRpdu8pQe9Ad/aOvrqIHvw51cS2HXhqto3MGL36A6ne0pKLJW1g10/5fhvQRspqMJsj5k8zzobv9iK8kx+OZlNUsuP2s+Xh33zjVqxXMeTzGPhCny6yBZClsRUCyQFCb0RtxXmSNMD0x1Np6bmkMc5xbR9laaZFUnfAnCX7qvPpu5g5uvWhIdS8S6GQRVse1ops14V4da5Hy/jw/Ci+1FeO956gTBAJb/K3W/NJMhh8Abxi2oTcqSADn0b05ii0l+EiNhdYXDVKWGUq97WzSdC59SCuJizKpzEkOIfNJWRVE7ZAp3uvGHEIKj8RTvWIWGxGKotMbdwJwHthzw4FtIyQ3qo0/EZI/Terz4QUEp6hSuBoc1bbDqphly/VQIDAQABoyEwHzAdBgNVHQ4EFgQU5M5xgdMltEF0O2QQMj3m7fyrEdkwDQYJKoZIhvcNAQEMBQADggIBADnt5T5GvYZpWSm5tYVk3wzNz9bLL8qXmTRZKT98/N7wJRYqlAwU/Jvrdjnsb84GTy909pXTkVlw+81qLh2TtzlTfKMs0saVbGRuW59aZ5uO/R5Ny2sQN8s1kc+tBYqz2YnXAIWcIShZX2FJfJR3SKVrcSOLO4KlEEtaf0evnqVmtpkg5qDNcwV1n5+sw5YeyJWPoAIGzePjLkfJH9TZ+15Su/agaUkXUxIbalA+ZQzyPHd8Vfa4CB2ZseA1+Hq/RLRNEYU8JxCQD9JSY7vwP7N01m95XJR8rXibRHhsLLxV0i1XcGvzvlBvx+Kz01w4EZrRYEzx+KqzK6irDsRjqlmEJ0Yw57YQNrrELEjDnb6TOqx8wQkwRL7ftnWAtjUKvk9+uJUIPiY69eCwCgxsFrbqIRNUIrjkhHhOu3JS+4I8W9HD1r/Q9t7EJ3pn5PT0gDTtQ+DirxgXVFWoe4p4Gp8tjM78tH4ljtGqxG5dibywrzPW7JyGHwRINp7wSn3i7e9BDT9NVIUvow0a80ZXQC3lWBj+U7kik1ZOz28xFMIW+wzAG+IZvYqvORjgBImIZqgBmQy0VqYduvjdFDkkjXdKdsdMstUp8itGhpaU8eMlMeA+Z1TAUq2Bl8zXvBQtoxqb26Ufl2bRWUhOd9oV7rTs2ahr99eAojDXh7o4F4uT</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bankididp.pst.pensionsmyndigheten.se/service/bankididp/saml2/auth/redirect"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bankididp.pst.pensionsmyndigheten.se/service/bankididp/saml2/auth/post"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">Pensionsmyndigheten</md:OrganizationName>
        <md:OrganizationName xml:lang="en">Swedish Pensions Agency</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">Pensionsmyndigheten</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Pensions Agency</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.pensionsmyndigheten.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="en">https://www.pensionsmyndigheten.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Identity Provider för BankID*
-	*en: SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:101

W:107

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://bankididp.pst.pensionsmyndigheten.se/ is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Pensionsmyndigheten)

CONTACT-SUPP

Support contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

CONTACT-TECH

Technical contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Pensionsmyndigheten (https://uat-bankididp.pensionsmyndigheten.se/) (3)

Pensionsmyndigheten (https://uat-bankididp.pensionsmyndigheten.se/)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://uat-bankididp.pensionsmyndigheten.se/" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">SAML Identity Provider för BankID</mdui:Description>
                <mdui:Description xml:lang="en">SAML Identity Provider for BankID</mdui:Description>
                <mdui:Logo height="101" width="107">data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8c3ZnDQogICB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iDQogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIg0KICAgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIg0KICAgeG1sbnM6c3ZnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIGhlaWdodD0iMjk4Ljc5OTk5Ig0KICAgd2lkdGg9IjMxNS45MTE2NSINCiAgIHhtbDpzcGFjZT0icHJlc2VydmUiDQogICBlbmFibGUtYmFja2dyb3VuZD0ibmV3IDAgMCA1OTUuMyA4NDEuOSINCiAgIHZpZXdCb3g9IjAgMCAzMTUuOTExNjYgMjk4Ljc5OTk4Ig0KICAgeT0iMHB4Ig0KICAgeD0iMHB4Ig0KICAgaWQ9IkxhZ2VyXzEiDQogICB2ZXJzaW9uPSIxLjEiPjxtZXRhZGF0YQ0KICAgaWQ9Im1ldGFkYXRhMzEiPjxyZGY6UkRGPjxjYzpXb3JrDQogICAgICAgcmRmOmFib3V0PSIiPjxkYzpmb3JtYXQ+aW1hZ2Uvc3ZnK3htbDwvZGM6Zm9ybWF0PjxkYzp0eXBlDQogICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPjxkYzp0aXRsZT48L2RjOnRpdGxlPjwvY2M6V29yaz48L3JkZjpSREY+PC9tZXRhZGF0YT48ZGVmcw0KICAgaWQ9ImRlZnMyOSIgLz4NCjxnDQogICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTQyLjIsLTI2Ny42KSINCiAgIGlkPSJnMjQiPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojNDc5Y2JlIg0KICAgaWQ9InBhdGgyIg0KICAgZD0ibSAyNDEuOSw0MjMuNiAxMy4yLC04My4yIGMgLTUuMiwwIC0xNC4xLDAgLTE0LjEsMCAtNi42LDAgLTE1LjEsLTMuNyAtMTcuNiwtMTAuNSAtMC44LC0yLjMgLTIuNywtMTAuMiA4LjIsLTE3LjkgMy45LC0yLjcgNi40LC01LjcgNi45LC04IDAuNSwtMi40IC0wLjEsLTQuNSAtMS44LC02LjEgLTIuNCwtMi4zIC03LjEsLTMuNiAtMTMuMSwtMy42IC0xMC4xLDAgLTE3LjIsNS44IC0xNy45LDEwIC0wLjUsMy4xIDEuOSw1LjYgNCw3LjIgNi4zLDQuNyA3LjgsMTEuNSAzLjksMTcuOSAtNCw2LjYgLTEyLjcsMTAuOSAtMjIsMTEgMCwwIC05LjIsMCAtMTQuNCwwIC0xLjIsOC4xIC0yMC44LDEzMi4zIC0yMi4zLDE0Mi4xIEggMjMzIGMgMC43LC00LjQgNC4zLC0yNy45IDkuMiwtNTguOSB6IiAvPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMDBhNWMzIg0KICAgaWQ9InBhdGg0Ig0KICAgZD0iTSAzNDYuNSwyNjcuNiBIIDI2NyBsIC0xMC42LDY3LjMgaCAxMy41IGMgNy40LDAgMTQuNCwtMy40IDE3LjQsLTguMyAxLC0xLjYgMS40LC0zIDEuNCwtNC4zIDAsLTIuOCAtMS45LC00LjkgLTMuOCwtNi4zIC01LjIsLTMuOSAtNi4zLC04IC02LjMsLTEwLjkgMCwtMC42IDAsLTEuMSAwLjEsLTEuNiAxLjEsLTcuMSAxMC43LC0xNC44IDIzLjQsLTE0LjggNy42LDAgMTMuNCwxLjggMTYuOSw1LjEgMy4xLDIuOSA0LjMsNyAzLjQsMTEuMyAtMS4xLDUuMSAtNi4yLDkuMyAtOS4xLDExLjQgLTcuNyw1LjQgLTYuNywxMC4xIC02LjIsMTEuNSAxLjYsNC4yIDcuNyw2LjkgMTIuNCw2LjkgSCAzNDAgYyAwLDAgMCwwIDAsMC4xIDI4LDAuMiA0MywxMy4xIDM4LjMsNDMuMSAtNC40LDI3LjkgLTI1LjgsMzkuOSAtNTEuMyw0MC4xIGwgLTEwLjEsNjQuNCBoIDE0LjkgYyA2Mi45LDAgMTE0LjMsLTQwLjQgMTI0LjQsLTEwNC4yIDEyLjUsLTc5LjIgLTM3LjcsLTExMC44IC0xMDkuNywtMTEwLjggeiIgLz4NCgk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoNiINCiAgIGQ9Ik0gMzQ2LjUsMjY3LjYgSCAyNjcgbCAtMTAuNiw2Ny4zIGggMTMuNSBjIDcuNCwwIDE0LjQsLTMuNCAxNy40LC04LjMgMSwtMS42IDEuNCwtMyAxLjQsLTQuMyAwLC0yLjggLTEuOSwtNC45IC0zLjgsLTYuMyAtNS4yLC0zLjkgLTYuMywtOCAtNi4zLC0xMC45IDAsLTAuNiAwLC0xLjEgMC4xLC0xLjYgMS4xLC03LjEgMTAuNywtMTQuOCAyMy40LC0xNC44IDcuNiwwIDEzLjQsMS44IDE2LjksNS4xIDMuMSwyLjkgNC4zLDcgMy40LDExLjMgLTEuMSw1LjEgLTYuMiw5LjMgLTkuMSwxMS40IC03LjcsNS40IC02LjcsMTAuMSAtNi4yLDExLjUgMS42LDQuMiA3LjcsNi45IDEyLjQsNi45IEggMzQwIGMgMCwwIDAsMCAwLDAuMSAyOCwwLjIgNDMsMTMuMSAzOC4zLDQzLjEgLTQuNCwyNy45IC0yNS44LDM5LjkgLTUxLjMsNDAuMSBsIC0xMC4xLDY0LjQgaCAxNC45IGMgNjIuOSwwIDExNC4zLC00MC40IDEyNC40LC0xMDQuMiAxMi41LC03OS4yIC0zNy43LC0xMTAuOCAtMTA5LjcsLTExMC44IHoiIC8+DQoJPGcNCiAgIGlkPSJnMTYiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoOCINCiAgIGQ9Im0gMTUwLjcsNTExLjIgaCAzMS45IGMgMTMuNiwwIDE2LjksNi45IDE1LjksMTMuMiAtMC44LDUuMSAtNC4zLDguOSAtMTAuMywxMS40IDcuNiwyLjkgMTAuNiw3LjQgOS41LDE0LjUgLTEuNCw4LjkgLTkuMSwxNS41IC0xOS4yLDE1LjUgaCAtMzYuMyB6IG0gMjEuMSwyMi42IGMgNi4yLDAgOS4xLC0zLjMgOS43LC03LjIgMC42LC00LjIgLTEuMywtNy4xIC03LjUsLTcuMSBoIC01LjUgbCAtMi4yLDE0LjMgeiBtIC0zLjQsMjMuNiBjIDYuNCwwIDEwLjEsLTIuNiAxMSwtNy45IDAuNywtNC42IC0xLjksLTcuMyAtOC4xLC03LjMgSCAxNjUgbCAtMi40LDE1LjMgaCA1LjggeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDEwIg0KICAgZD0ibSAyNDIuNCw1NjYuMiBjIC04LjMsMC42IC0xMi4zLC0wLjMgLTE0LjMsLTMuOSAtNC40LDIuNyAtOS4zLDQuMSAtMTQuNSw0LjEgLTkuNCwwIC0xMi43LC00LjkgLTExLjgsLTEwLjMgMC40LC0yLjYgMS45LC01LjEgNC4zLC03LjIgNS4yLC00LjUgMTgsLTUuMSAyMywtOC41IDAuNCwtMy44IC0xLjEsLTUuMiAtNS44LC01LjIgLTUuNSwwIC0xMC4xLDEuOCAtMTgsNy4yIGwgMS45LC0xMi40IGMgNi44LC00LjkgMTMuNCwtNy4yIDIxLC03LjIgOS43LDAgMTguMyw0IDE2LjcsMTQuNiBsIC0xLjksMTIgYyAtMC43LDQuMiAtMC41LDUuNSA0LjIsNS42IHogTSAyMjgsNTQ3LjQgYyAtNC40LDIuOCAtMTIuNiwyLjMgLTEzLjUsOC4xIC0wLjQsMi43IDEuMyw0LjcgNCw0LjcgMi42LDAgNS44LC0xLjEgOC40LC0yLjkgLTAuMiwtMSAtMC4xLC0yIDAuMiwtMy45IHoiIC8+DQoJCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMjM1OTcxIg0KICAgaWQ9InBhdGgxMiINCiAgIGQ9Im0gMjU3LjksNTIzLjUgaCAxNi42IGwgLTAuOSw1LjUgYyA1LjMsLTQuNSA5LjMsLTYuMiAxNC41LC02LjIgOS4zLDAgMTMuNiw1LjcgMTIuMSwxNSBsIC00LjMsMjcuOSBoIC0xNi42IGwgMy42LC0yMy4xIGMgMC43LC00LjIgLTAuNiwtNi4yIC0zLjgsLTYuMiAtMi42LDAgLTUsMS40IC03LjMsNC41IGwgLTMuOCwyNC43IGggLTE2LjYgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDE0Ig0KICAgZD0ibSAzMTMuMSw1MTEuMiBoIDE2LjYgbCAtNC4yLDI2LjggMTUuOSwtMTQuNSBoIDIwLjUgbCAtMjAuNCwxOCAxNi40LDI0LjIgSCAzMzcgbCAtMTIuNiwtMTkuNSBoIC0wLjIgbCAtMywxOS41IGggLTE2LjYgeiIgLz4NCgk8L2c+DQoJPGcNCiAgIGlkPSJnMjIiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzQ3OWNiZSINCiAgIGlkPSJwYXRoMTgiDQogICBkPSJNIDM3MS45LDUxMS4yIEggMzkxIGwgLTguNCw1NC41IGggLTE5LjEgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiM0NzljYmUiDQogICBpZD0icGF0aDIwIg0KICAgZD0ibSA0MDAuMyw1MTEuMiBoIDI3LjMgYyAyMS4xLDAgMjcuMiwxNS4zIDI1LjIsMjggLTEuOSwxMi40IC0xMS43LDI2LjUgLTMwLjIsMjYuNSBoIC0zMC44IHogbSAxNy43LDQxLjUgYyA5LjMsMCAxNC40LC00LjYgMTUuOSwtMTQuMyAxLjEsLTcuMiAtMS4xLC0xNC4zIC0xMS40LC0xNC4zIGggLTUuMSBsIC00LjQsMjguNiB6IiAvPg0KCTwvZz4NCjwvZz4NCjwvc3ZnPg==</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Signing</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEKJXKhzANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzAzMTUwNDAyWhcNMjAxMDAxMTUwNDAyWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+8eN1tCSNAHkKw/wWv7lJFadzw/FewTgxwT0mvPxHnG76E1hxlywFYVLjKLK4ddMwJDFjKTyXfwmA2HE0s0bYyfT1HqO4eT4lrvtSM6QZae4wVz3Ow6gk4CN5c8azHpl5in87UipwYcqxg04Mknr8uHZc+Ki1bYcivq3aTwh6Wv4TZ0OVCyEUxHqacCSs9Lhwf7avXFcWkhWIFNbxU86kNm/Vu2rq9UPh/pCThJhRkUwvQnrArYkiFoj/Qulr/pdJyzjcW/C908bqmdg+pWMOAssfHo0bUCAOnEnScIlid6EEKEhBwz5x2QgIRYDTgTYzmLUX8KWiT/NPmnQEUZU8O/seYJKE4VlZlJhIf+rTXITwRENVLhQvp8a7cnPZWcFmTXMyQJ2y86FDxfw+0uwbZrlmSl1eB0eLHrTHr2/y/Lb+6DOnbg3a3YDEj12lD9dZtEt7eMQJbpXaXws8GnfKOZgYpjnxOvIUqG5q94IsGeqVLGVHNwo68F9Nj4tAC9mRQAiE3Nw/Rh8Exx87z6f4UYtlpdw0CKfjnOgM8rpW7/yN650k9t/07dV3Qyuj78KyEHc1GH3HhUme/PfJP14W8okXHd6pgsekTeGP4k+lpwM1RABtW7oDwqjMqLNcUHtIInt4PJb6BCuPJd3huy2HWucdRHcZKFEVjCq46HkAmQIDAQABoyEwHzAdBgNVHQ4EFgQUp9ZUUMiQ9C3haNF6FwbJeE/tMF4wDQYJKoZIhvcNAQEMBQADggIBAHT0rF0Drt4OmjlRLBsiQASi0e68me12M4ZKpiigCxBEPrmY1cjClHaM6IXWOpVA0VLeSeRxEFUD3P4QQAYQGVrfsQubzsBIQi2+iXvnKRFQ+snEJEUYo3ZPjcJ0H9W3as1MuLIJw3mKkUA+u21jJpXIpmTIXUGYfiuBOOOVucwFrxAC7SQS2ZAPgDTE8pIoid3VipYHaquq916vTcmbgoBPmEzXFXPZXWuK4w5DlufqioSKoJ+pdq6yX26C03QTUMiiLRyVvYyZKCCSysubXYsdiPI6tDLgkVXPb1DA+DNUv3Ss/+qsYXUeVZLEB725lL9n1RQMxfp1a6ERfN5KCQaKObYDx6UzZWqIIttElUIruUTKGgNbJJebzOPDjmHhrxEge+VwXxf0I/wSThth/vkHRlUq08JJy55pwq23w+GdXNR2TSjRoBNDeu1ylLHHKSb5BykvJkALEkGHXM98IJPMuErqM+P5D9EGJmgh3uBR9XE2XHstlEBEKnVIevHmhnrNW3nWU0iZNDQwThLvug5nliozIeGRyIrqIoW3zfNwpxFyxvyVn1egz7Mu2HoaOwJZ2Jdcxd/DtTaskbEXOdgerhNCJnE/djNWVhuII54YI3jvl9uYcRyflUdixgc1Uz2saPi32uLt9Yu2So5NvEmHevK9egfRbyr2UimbLLHJ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Encryption</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEUxQP1TANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzA2MDgwMzAxWhcNMjAxMDA0MDgwMzAxWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCIPwJmtM0svEW5TbJcQuQHMDaMqF97JvEnqvvrOqJVOyRirQ7pf1sEIcjGe1edQS3W3MOX95fv8Ase8IHAwfus8xz3s0Eq7x3nyIEILJMDmF0iOC0us3F2AUtu0ceVtqYWZ+gD55wvFyy/dQAQyHF6hfV09cqaXg0zTWkpCxsKh6+4lhgMUQyqAcronEKIOUADHzqXRP6FOC+ZQw7DCeh6r3uTKbOx57K1fmj8Jn5S31EgvZ1tnIGmCuoTLC4dAu6YXkOIBaPFkZ9p6BPlWLMZ0eS05hRKaU4LK7BJDjmLdE6HirjRpdu8pQe9Ad/aOvrqIHvw51cS2HXhqto3MGL36A6ne0pKLJW1g10/5fhvQRspqMJsj5k8zzobv9iK8kx+OZlNUsuP2s+Xh33zjVqxXMeTzGPhCny6yBZClsRUCyQFCb0RtxXmSNMD0x1Np6bmkMc5xbR9laaZFUnfAnCX7qvPpu5g5uvWhIdS8S6GQRVse1ops14V4da5Hy/jw/Ci+1FeO956gTBAJb/K3W/NJMhh8Abxi2oTcqSADn0b05ii0l+EiNhdYXDVKWGUq97WzSdC59SCuJizKpzEkOIfNJWRVE7ZAp3uvGHEIKj8RTvWIWGxGKotMbdwJwHthzw4FtIyQ3qo0/EZI/Terz4QUEp6hSuBoc1bbDqphly/VQIDAQABoyEwHzAdBgNVHQ4EFgQU5M5xgdMltEF0O2QQMj3m7fyrEdkwDQYJKoZIhvcNAQEMBQADggIBADnt5T5GvYZpWSm5tYVk3wzNz9bLL8qXmTRZKT98/N7wJRYqlAwU/Jvrdjnsb84GTy909pXTkVlw+81qLh2TtzlTfKMs0saVbGRuW59aZ5uO/R5Ny2sQN8s1kc+tBYqz2YnXAIWcIShZX2FJfJR3SKVrcSOLO4KlEEtaf0evnqVmtpkg5qDNcwV1n5+sw5YeyJWPoAIGzePjLkfJH9TZ+15Su/agaUkXUxIbalA+ZQzyPHd8Vfa4CB2ZseA1+Hq/RLRNEYU8JxCQD9JSY7vwP7N01m95XJR8rXibRHhsLLxV0i1XcGvzvlBvx+Kz01w4EZrRYEzx+KqzK6irDsRjqlmEJ0Yw57YQNrrELEjDnb6TOqx8wQkwRL7ftnWAtjUKvk9+uJUIPiY69eCwCgxsFrbqIRNUIrjkhHhOu3JS+4I8W9HD1r/Q9t7EJ3pn5PT0gDTtQ+DirxgXVFWoe4p4Gp8tjM78tH4ljtGqxG5dibywrzPW7JyGHwRINp7wSn3i7e9BDT9NVIUvow0a80ZXQC3lWBj+U7kik1ZOz28xFMIW+wzAG+IZvYqvORjgBImIZqgBmQy0VqYduvjdFDkkjXdKdsdMstUp8itGhpaU8eMlMeA+Z1TAUq2Bl8zXvBQtoxqb26Ufl2bRWUhOd9oV7rTs2ahr99eAojDXh7o4F4uT</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uat-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/redirect"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uat-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/post"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">Pensionsmyndigheten</md:OrganizationName>
        <md:OrganizationName xml:lang="en">Swedish Pensions Agency</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">Pensionsmyndigheten</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Pensions Agency</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.pensionsmyndigheten.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="en">https://www.pensionsmyndigheten.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Identity Provider för BankID*
-	*en: SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:101

W:107

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://uat-bankididp.pensionsmyndigheten.se/ is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Pensionsmyndigheten)

CONTACT-SUPP

Support contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

CONTACT-TECH

Technical contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Pensionsmyndigheten (https://uatn-bankididp.pensionsmyndigheten.se/) (3)

Pensionsmyndigheten (https://uatn-bankididp.pensionsmyndigheten.se/)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://uatn-bankididp.pensionsmyndigheten.se/" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="sv">SAML Identity Provider för BankID</mdui:Description>
                <mdui:Description xml:lang="en">SAML Identity Provider for BankID</mdui:Description>
                <mdui:Logo height="101" width="107">data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8c3ZnDQogICB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iDQogICB4bWxuczpjYz0iaHR0cDovL2NyZWF0aXZlY29tbW9ucy5vcmcvbnMjIg0KICAgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIg0KICAgeG1sbnM6c3ZnPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyINCiAgIGhlaWdodD0iMjk4Ljc5OTk5Ig0KICAgd2lkdGg9IjMxNS45MTE2NSINCiAgIHhtbDpzcGFjZT0icHJlc2VydmUiDQogICBlbmFibGUtYmFja2dyb3VuZD0ibmV3IDAgMCA1OTUuMyA4NDEuOSINCiAgIHZpZXdCb3g9IjAgMCAzMTUuOTExNjYgMjk4Ljc5OTk4Ig0KICAgeT0iMHB4Ig0KICAgeD0iMHB4Ig0KICAgaWQ9IkxhZ2VyXzEiDQogICB2ZXJzaW9uPSIxLjEiPjxtZXRhZGF0YQ0KICAgaWQ9Im1ldGFkYXRhMzEiPjxyZGY6UkRGPjxjYzpXb3JrDQogICAgICAgcmRmOmFib3V0PSIiPjxkYzpmb3JtYXQ+aW1hZ2Uvc3ZnK3htbDwvZGM6Zm9ybWF0PjxkYzp0eXBlDQogICAgICAgICByZGY6cmVzb3VyY2U9Imh0dHA6Ly9wdXJsLm9yZy9kYy9kY21pdHlwZS9TdGlsbEltYWdlIiAvPjxkYzp0aXRsZT48L2RjOnRpdGxlPjwvY2M6V29yaz48L3JkZjpSREY+PC9tZXRhZGF0YT48ZGVmcw0KICAgaWQ9ImRlZnMyOSIgLz4NCjxnDQogICB0cmFuc2Zvcm09InRyYW5zbGF0ZSgtMTQyLjIsLTI2Ny42KSINCiAgIGlkPSJnMjQiPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojNDc5Y2JlIg0KICAgaWQ9InBhdGgyIg0KICAgZD0ibSAyNDEuOSw0MjMuNiAxMy4yLC04My4yIGMgLTUuMiwwIC0xNC4xLDAgLTE0LjEsMCAtNi42LDAgLTE1LjEsLTMuNyAtMTcuNiwtMTAuNSAtMC44LC0yLjMgLTIuNywtMTAuMiA4LjIsLTE3LjkgMy45LC0yLjcgNi40LC01LjcgNi45LC04IDAuNSwtMi40IC0wLjEsLTQuNSAtMS44LC02LjEgLTIuNCwtMi4zIC03LjEsLTMuNiAtMTMuMSwtMy42IC0xMC4xLDAgLTE3LjIsNS44IC0xNy45LDEwIC0wLjUsMy4xIDEuOSw1LjYgNCw3LjIgNi4zLDQuNyA3LjgsMTEuNSAzLjksMTcuOSAtNCw2LjYgLTEyLjcsMTAuOSAtMjIsMTEgMCwwIC05LjIsMCAtMTQuNCwwIC0xLjIsOC4xIC0yMC44LDEzMi4zIC0yMi4zLDE0Mi4xIEggMjMzIGMgMC43LC00LjQgNC4zLC0yNy45IDkuMiwtNTguOSB6IiAvPg0KCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMDBhNWMzIg0KICAgaWQ9InBhdGg0Ig0KICAgZD0iTSAzNDYuNSwyNjcuNiBIIDI2NyBsIC0xMC42LDY3LjMgaCAxMy41IGMgNy40LDAgMTQuNCwtMy40IDE3LjQsLTguMyAxLC0xLjYgMS40LC0zIDEuNCwtNC4zIDAsLTIuOCAtMS45LC00LjkgLTMuOCwtNi4zIC01LjIsLTMuOSAtNi4zLC04IC02LjMsLTEwLjkgMCwtMC42IDAsLTEuMSAwLjEsLTEuNiAxLjEsLTcuMSAxMC43LC0xNC44IDIzLjQsLTE0LjggNy42LDAgMTMuNCwxLjggMTYuOSw1LjEgMy4xLDIuOSA0LjMsNyAzLjQsMTEuMyAtMS4xLDUuMSAtNi4yLDkuMyAtOS4xLDExLjQgLTcuNyw1LjQgLTYuNywxMC4xIC02LjIsMTEuNSAxLjYsNC4yIDcuNyw2LjkgMTIuNCw2LjkgSCAzNDAgYyAwLDAgMCwwIDAsMC4xIDI4LDAuMiA0MywxMy4xIDM4LjMsNDMuMSAtNC40LDI3LjkgLTI1LjgsMzkuOSAtNTEuMyw0MC4xIGwgLTEwLjEsNjQuNCBoIDE0LjkgYyA2Mi45LDAgMTE0LjMsLTQwLjQgMTI0LjQsLTEwNC4yIDEyLjUsLTc5LjIgLTM3LjcsLTExMC44IC0xMDkuNywtMTEwLjggeiIgLz4NCgk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoNiINCiAgIGQ9Ik0gMzQ2LjUsMjY3LjYgSCAyNjcgbCAtMTAuNiw2Ny4zIGggMTMuNSBjIDcuNCwwIDE0LjQsLTMuNCAxNy40LC04LjMgMSwtMS42IDEuNCwtMyAxLjQsLTQuMyAwLC0yLjggLTEuOSwtNC45IC0zLjgsLTYuMyAtNS4yLC0zLjkgLTYuMywtOCAtNi4zLC0xMC45IDAsLTAuNiAwLC0xLjEgMC4xLC0xLjYgMS4xLC03LjEgMTAuNywtMTQuOCAyMy40LC0xNC44IDcuNiwwIDEzLjQsMS44IDE2LjksNS4xIDMuMSwyLjkgNC4zLDcgMy40LDExLjMgLTEuMSw1LjEgLTYuMiw5LjMgLTkuMSwxMS40IC03LjcsNS40IC02LjcsMTAuMSAtNi4yLDExLjUgMS42LDQuMiA3LjcsNi45IDEyLjQsNi45IEggMzQwIGMgMCwwIDAsMCAwLDAuMSAyOCwwLjIgNDMsMTMuMSAzOC4zLDQzLjEgLTQuNCwyNy45IC0yNS44LDM5LjkgLTUxLjMsNDAuMSBsIC0xMC4xLDY0LjQgaCAxNC45IGMgNjIuOSwwIDExNC4zLC00MC40IDEyNC40LC0xMDQuMiAxMi41LC03OS4yIC0zNy43LC0xMTAuOCAtMTA5LjcsLTExMC44IHoiIC8+DQoJPGcNCiAgIGlkPSJnMTYiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzIzNTk3MSINCiAgIGlkPSJwYXRoOCINCiAgIGQ9Im0gMTUwLjcsNTExLjIgaCAzMS45IGMgMTMuNiwwIDE2LjksNi45IDE1LjksMTMuMiAtMC44LDUuMSAtNC4zLDguOSAtMTAuMywxMS40IDcuNiwyLjkgMTAuNiw3LjQgOS41LDE0LjUgLTEuNCw4LjkgLTkuMSwxNS41IC0xOS4yLDE1LjUgaCAtMzYuMyB6IG0gMjEuMSwyMi42IGMgNi4yLDAgOS4xLC0zLjMgOS43LC03LjIgMC42LC00LjIgLTEuMywtNy4xIC03LjUsLTcuMSBoIC01LjUgbCAtMi4yLDE0LjMgeiBtIC0zLjQsMjMuNiBjIDYuNCwwIDEwLjEsLTIuNiAxMSwtNy45IDAuNywtNC42IC0xLjksLTcuMyAtOC4xLC03LjMgSCAxNjUgbCAtMi40LDE1LjMgaCA1LjggeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDEwIg0KICAgZD0ibSAyNDIuNCw1NjYuMiBjIC04LjMsMC42IC0xMi4zLC0wLjMgLTE0LjMsLTMuOSAtNC40LDIuNyAtOS4zLDQuMSAtMTQuNSw0LjEgLTkuNCwwIC0xMi43LC00LjkgLTExLjgsLTEwLjMgMC40LC0yLjYgMS45LC01LjEgNC4zLC03LjIgNS4yLC00LjUgMTgsLTUuMSAyMywtOC41IDAuNCwtMy44IC0xLjEsLTUuMiAtNS44LC01LjIgLTUuNSwwIC0xMC4xLDEuOCAtMTgsNy4yIGwgMS45LC0xMi40IGMgNi44LC00LjkgMTMuNCwtNy4yIDIxLC03LjIgOS43LDAgMTguMyw0IDE2LjcsMTQuNiBsIC0xLjksMTIgYyAtMC43LDQuMiAtMC41LDUuNSA0LjIsNS42IHogTSAyMjgsNTQ3LjQgYyAtNC40LDIuOCAtMTIuNiwyLjMgLTEzLjUsOC4xIC0wLjQsMi43IDEuMyw0LjcgNCw0LjcgMi42LDAgNS44LC0xLjEgOC40LC0yLjkgLTAuMiwtMSAtMC4xLC0yIDAuMiwtMy45IHoiIC8+DQoJCTxwYXRoDQogICBzdHlsZT0iZmlsbDojMjM1OTcxIg0KICAgaWQ9InBhdGgxMiINCiAgIGQ9Im0gMjU3LjksNTIzLjUgaCAxNi42IGwgLTAuOSw1LjUgYyA1LjMsLTQuNSA5LjMsLTYuMiAxNC41LC02LjIgOS4zLDAgMTMuNiw1LjcgMTIuMSwxNSBsIC00LjMsMjcuOSBoIC0xNi42IGwgMy42LC0yMy4xIGMgMC43LC00LjIgLTAuNiwtNi4yIC0zLjgsLTYuMiAtMi42LDAgLTUsMS40IC03LjMsNC41IGwgLTMuOCwyNC43IGggLTE2LjYgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiMyMzU5NzEiDQogICBpZD0icGF0aDE0Ig0KICAgZD0ibSAzMTMuMSw1MTEuMiBoIDE2LjYgbCAtNC4yLDI2LjggMTUuOSwtMTQuNSBoIDIwLjUgbCAtMjAuNCwxOCAxNi40LDI0LjIgSCAzMzcgbCAtMTIuNiwtMTkuNSBoIC0wLjIgbCAtMywxOS41IGggLTE2LjYgeiIgLz4NCgk8L2c+DQoJPGcNCiAgIGlkPSJnMjIiPg0KCQk8cGF0aA0KICAgc3R5bGU9ImZpbGw6IzQ3OWNiZSINCiAgIGlkPSJwYXRoMTgiDQogICBkPSJNIDM3MS45LDUxMS4yIEggMzkxIGwgLTguNCw1NC41IGggLTE5LjEgeiIgLz4NCgkJPHBhdGgNCiAgIHN0eWxlPSJmaWxsOiM0NzljYmUiDQogICBpZD0icGF0aDIwIg0KICAgZD0ibSA0MDAuMyw1MTEuMiBoIDI3LjMgYyAyMS4xLDAgMjcuMiwxNS4zIDI1LjIsMjggLTEuOSwxMi40IC0xMS43LDI2LjUgLTMwLjIsMjYuNSBoIC0zMC44IHogbSAxNy43LDQxLjUgYyA5LjMsMCAxNC40LC00LjYgMTUuOSwtMTQuMyAxLjEsLTcuMiAtMS4xLC0xNC4zIC0xMS40LC0xNC4zIGggLTUuMSBsIC00LjQsMjguNiB6IiAvPg0KCTwvZz4NCjwvZz4NCjwvc3ZnPg==</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Signing</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEKJXKhzANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzAzMTUwNDAyWhcNMjAxMDAxMTUwNDAyWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+8eN1tCSNAHkKw/wWv7lJFadzw/FewTgxwT0mvPxHnG76E1hxlywFYVLjKLK4ddMwJDFjKTyXfwmA2HE0s0bYyfT1HqO4eT4lrvtSM6QZae4wVz3Ow6gk4CN5c8azHpl5in87UipwYcqxg04Mknr8uHZc+Ki1bYcivq3aTwh6Wv4TZ0OVCyEUxHqacCSs9Lhwf7avXFcWkhWIFNbxU86kNm/Vu2rq9UPh/pCThJhRkUwvQnrArYkiFoj/Qulr/pdJyzjcW/C908bqmdg+pWMOAssfHo0bUCAOnEnScIlid6EEKEhBwz5x2QgIRYDTgTYzmLUX8KWiT/NPmnQEUZU8O/seYJKE4VlZlJhIf+rTXITwRENVLhQvp8a7cnPZWcFmTXMyQJ2y86FDxfw+0uwbZrlmSl1eB0eLHrTHr2/y/Lb+6DOnbg3a3YDEj12lD9dZtEt7eMQJbpXaXws8GnfKOZgYpjnxOvIUqG5q94IsGeqVLGVHNwo68F9Nj4tAC9mRQAiE3Nw/Rh8Exx87z6f4UYtlpdw0CKfjnOgM8rpW7/yN650k9t/07dV3Qyuj78KyEHc1GH3HhUme/PfJP14W8okXHd6pgsekTeGP4k+lpwM1RABtW7oDwqjMqLNcUHtIInt4PJb6BCuPJd3huy2HWucdRHcZKFEVjCq46HkAmQIDAQABoyEwHzAdBgNVHQ4EFgQUp9ZUUMiQ9C3haNF6FwbJeE/tMF4wDQYJKoZIhvcNAQEMBQADggIBAHT0rF0Drt4OmjlRLBsiQASi0e68me12M4ZKpiigCxBEPrmY1cjClHaM6IXWOpVA0VLeSeRxEFUD3P4QQAYQGVrfsQubzsBIQi2+iXvnKRFQ+snEJEUYo3ZPjcJ0H9W3as1MuLIJw3mKkUA+u21jJpXIpmTIXUGYfiuBOOOVucwFrxAC7SQS2ZAPgDTE8pIoid3VipYHaquq916vTcmbgoBPmEzXFXPZXWuK4w5DlufqioSKoJ+pdq6yX26C03QTUMiiLRyVvYyZKCCSysubXYsdiPI6tDLgkVXPb1DA+DNUv3Ss/+qsYXUeVZLEB725lL9n1RQMxfp1a6ERfN5KCQaKObYDx6UzZWqIIttElUIruUTKGgNbJJebzOPDjmHhrxEge+VwXxf0I/wSThth/vkHRlUq08JJy55pwq23w+GdXNR2TSjRoBNDeu1ylLHHKSb5BykvJkALEkGHXM98IJPMuErqM+P5D9EGJmgh3uBR9XE2XHstlEBEKnVIevHmhnrNW3nWU0iZNDQwThLvug5nliozIeGRyIrqIoW3zfNwpxFyxvyVn1egz7Mu2HoaOwJZ2Jdcxd/DtTaskbEXOdgerhNCJnE/djNWVhuII54YI3jvl9uYcRyflUdixgc1Uz2saPi32uLt9Yu2So5NvEmHevK9egfRbyr2UimbLLHJ</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>Encryption</ds:KeyName>
                <ds:X509Data>
                    <ds:X509Certificate>MIIFjTCCA3WgAwIBAgIEUxQP1TANBgkqhkiG9w0BAQwFADB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wHhcNMjAwNzA2MDgwMzAxWhcNMjAxMDA0MDgwMzAxWjB3MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHDAaBgNVBAoTE1BlbnNpb25zbXluZGlnaGV0ZW4xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCIPwJmtM0svEW5TbJcQuQHMDaMqF97JvEnqvvrOqJVOyRirQ7pf1sEIcjGe1edQS3W3MOX95fv8Ase8IHAwfus8xz3s0Eq7x3nyIEILJMDmF0iOC0us3F2AUtu0ceVtqYWZ+gD55wvFyy/dQAQyHF6hfV09cqaXg0zTWkpCxsKh6+4lhgMUQyqAcronEKIOUADHzqXRP6FOC+ZQw7DCeh6r3uTKbOx57K1fmj8Jn5S31EgvZ1tnIGmCuoTLC4dAu6YXkOIBaPFkZ9p6BPlWLMZ0eS05hRKaU4LK7BJDjmLdE6HirjRpdu8pQe9Ad/aOvrqIHvw51cS2HXhqto3MGL36A6ne0pKLJW1g10/5fhvQRspqMJsj5k8zzobv9iK8kx+OZlNUsuP2s+Xh33zjVqxXMeTzGPhCny6yBZClsRUCyQFCb0RtxXmSNMD0x1Np6bmkMc5xbR9laaZFUnfAnCX7qvPpu5g5uvWhIdS8S6GQRVse1ops14V4da5Hy/jw/Ci+1FeO956gTBAJb/K3W/NJMhh8Abxi2oTcqSADn0b05ii0l+EiNhdYXDVKWGUq97WzSdC59SCuJizKpzEkOIfNJWRVE7ZAp3uvGHEIKj8RTvWIWGxGKotMbdwJwHthzw4FtIyQ3qo0/EZI/Terz4QUEp6hSuBoc1bbDqphly/VQIDAQABoyEwHzAdBgNVHQ4EFgQU5M5xgdMltEF0O2QQMj3m7fyrEdkwDQYJKoZIhvcNAQEMBQADggIBADnt5T5GvYZpWSm5tYVk3wzNz9bLL8qXmTRZKT98/N7wJRYqlAwU/Jvrdjnsb84GTy909pXTkVlw+81qLh2TtzlTfKMs0saVbGRuW59aZ5uO/R5Ny2sQN8s1kc+tBYqz2YnXAIWcIShZX2FJfJR3SKVrcSOLO4KlEEtaf0evnqVmtpkg5qDNcwV1n5+sw5YeyJWPoAIGzePjLkfJH9TZ+15Su/agaUkXUxIbalA+ZQzyPHd8Vfa4CB2ZseA1+Hq/RLRNEYU8JxCQD9JSY7vwP7N01m95XJR8rXibRHhsLLxV0i1XcGvzvlBvx+Kz01w4EZrRYEzx+KqzK6irDsRjqlmEJ0Yw57YQNrrELEjDnb6TOqx8wQkwRL7ftnWAtjUKvk9+uJUIPiY69eCwCgxsFrbqIRNUIrjkhHhOu3JS+4I8W9HD1r/Q9t7EJ3pn5PT0gDTtQ+DirxgXVFWoe4p4Gp8tjM78tH4ljtGqxG5dibywrzPW7JyGHwRINp7wSn3i7e9BDT9NVIUvow0a80ZXQC3lWBj+U7kik1ZOz28xFMIW+wzAG+IZvYqvORjgBImIZqgBmQy0VqYduvjdFDkkjXdKdsdMstUp8itGhpaU8eMlMeA+Z1TAUq2Bl8zXvBQtoxqb26Ufl2bRWUhOd9oV7rTs2ahr99eAojDXh7o4F4uT</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uatn-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/redirect"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uatn-bankididp.stt.pensionsmyndigheten.se/service/bankididp/saml2/auth/post"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="sv">Pensionsmyndigheten</md:OrganizationName>
        <md:OrganizationName xml:lang="en">Swedish Pensions Agency</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="sv">Pensionsmyndigheten</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Pensions Agency</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="sv">https://www.pensionsmyndigheten.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="en">https://www.pensionsmyndigheten.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Pensionsmyndigheten</md:Company>
        <md:EmailAddress>IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: SAML Identity Provider för BankID*
-	*en: SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:101

W:107

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://uatn-bankididp.pensionsmyndigheten.se/ is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Pensionsmyndigheten)

CONTACT-SUPP

Support contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

CONTACT-TECH

Technical contact e-mail (IT-Utv-WebbTeamCobraKai@pensionsmyndigheten.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

PhenixID Labs (https://integration.phenixid.se/saml/idp/diggconform) (4)

PhenixID Labs (https://integration.phenixid.se/saml/idp/diggconform)

(4)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://integration.phenixid.se/saml/idp/diggconform" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa4-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa4-name</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa4-orgid</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-name</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-orgid</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">PhenixID Labs IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">PhenixID Labs IdP</mdui:DisplayName>
                <mdui:Logo height="66" width="76">https://www.phenixid.se/wordpress/uploads/2019/11/full_logo-blue.png</mdui:Logo>
                <mdui:Description xml:lang="sv">PhenixID Labs IdP</mdui:Description>
                <mdui:Description xml:lang="en">PhenixID Labs IdP</mdui:Description>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIE8DCCAtigAwIBAgIEYcGFPjANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtTQU1MIFNJR05F
UjAgFw0yMTEyMjEwNzQxNTBaGA8yMDk2MTIyMTA3NDE1MFowFjEUMBIGA1UEAwwLU0FNTCBTSUdO
RVIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJFrbZYFg3ymfOGICT6gFbt0sbYKc3
GBy+oWOmkzwYzutPGWNoY7HCIOtLtlutQUz6C0PO4uM5Sbi+u5OdF/f8Xbuo/gYAtGaOpHAyBe1+
VZZRIRnSqowulcSfKrqDC3+jTDF2d7gzt8T30reCgVoe9WmMOt9hUmwfe/uToZ5gB4yW6nlPfRJK
heNK3HiL0qVvl2mrQ5aW6dSFIqM+uCLXrX+EbYvAj1qAKgBH3eB9eOyaAjijRqrM6rSk9SVRYL2B
4NbiADJ+FrmQi2XOrvq1Cg5jRBaMmJy3ZXVRiTvsX3+Ej3acYIelekgSSjB/c/bN5pI/TFt8EG7m
NR6gNZxF9DkEAESD1yUCFv02rSYeDplsQ/VwdRSdQrr9+7+xMonapRaj735mLTEVD7dqNjDR4RjO
aZOGgl2EQ0s4J/SND17HVQV5SzslX63HAFgf/3HSGSBFyh/rGiqB6iijffLIbeBzKuEyKSRvh0zJ
OmP+NzXanTvmH7TeWeojJQQEPBCdnu00LX+PsaBHYE3JMP/gdhbdzP9Uy0AJUNO9fxAFQCbxOXy0
lZ014FzdMzal1JzoZEmaXuM8KqYWvSykV7C/naws+tlT2yFM5H+4tFtXZLPzqOO+eiWCPzS+pH/J
WwP8S6m+oe8yQORPfwOShYA67j10MByyC7WJTRkKP/mDBQIDAQABo0QwQjALBgNVHQ8EBAMCBPAw
MwYDVR0lBCwwKgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYKKwYBBAGCNwoDBDANBgkq
hkiG9w0BAQsFAAOCAgEASzBTJ8xhEn2bOPQfBrKcDWEjxwguM4CSNfYEFcnOI30EHLkpljfCjk1X
Q3UTGgnqwDxH3hvvGzGA7teqiTpMHvO9LpWaPFZXKNKfh/7/TzfxWZdgVJzNN8WnkJ094d0V45XX
9rWwzkyf35+tQXb9tlPsjKDTggKH+KieLoFTSFYvQMyEXizpXV0sZPrEN+TCYwGeXFovscHM2pPK
vF5RoZ45alpPY/gSRtWq+l6KP35BkIfeynGU9inCIQqS9y5RUrA39jsrdYLwhkCCkLQeUDYx2av5
zKsm9NR4IWFnOJ+3h5YN51uS23jz8NOKrUjb+e5bzWRXMia5fAKhT80Fghpdv3mXiSC9Ual++B74
GR3GlYFYTTi+rRrxMbdb0SHbiQlcEBX/SMUNGlkkWnuUJwwCJpewD+TqSRayrfKORktyHvI5BEG3
fwfM9D0LkNbsOgZ/xvakSXDlfMT6JFDWqdUmlSLWc79JzKTwslajuga0FI77R+PXqu+zIY+42ulb
NmUUwRhcLycg0kLiPrHMwHe7nXPY+OSi4RktZBy7ree82r/NNaxiUle17q4VznmrGNOIKU1I8y6S
5c1yIdlQwHyZaKJru3krq1HHApT+50B32Xbc7YAJ7KoUpoViCdYsY7f8YX3c45JhMCcWuP/OD0N+
GZOgRNDjaIx5JU5z2lU=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIE8DCCAtigAwIBAgIEYcGFPjANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDDAtTQU1MIFNJR05F
UjAgFw0yMTEyMjEwNzQxNTBaGA8yMDk2MTIyMTA3NDE1MFowFjEUMBIGA1UEAwwLU0FNTCBTSUdO
RVIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJFrbZYFg3ymfOGICT6gFbt0sbYKc3
GBy+oWOmkzwYzutPGWNoY7HCIOtLtlutQUz6C0PO4uM5Sbi+u5OdF/f8Xbuo/gYAtGaOpHAyBe1+
VZZRIRnSqowulcSfKrqDC3+jTDF2d7gzt8T30reCgVoe9WmMOt9hUmwfe/uToZ5gB4yW6nlPfRJK
heNK3HiL0qVvl2mrQ5aW6dSFIqM+uCLXrX+EbYvAj1qAKgBH3eB9eOyaAjijRqrM6rSk9SVRYL2B
4NbiADJ+FrmQi2XOrvq1Cg5jRBaMmJy3ZXVRiTvsX3+Ej3acYIelekgSSjB/c/bN5pI/TFt8EG7m
NR6gNZxF9DkEAESD1yUCFv02rSYeDplsQ/VwdRSdQrr9+7+xMonapRaj735mLTEVD7dqNjDR4RjO
aZOGgl2EQ0s4J/SND17HVQV5SzslX63HAFgf/3HSGSBFyh/rGiqB6iijffLIbeBzKuEyKSRvh0zJ
OmP+NzXanTvmH7TeWeojJQQEPBCdnu00LX+PsaBHYE3JMP/gdhbdzP9Uy0AJUNO9fxAFQCbxOXy0
lZ014FzdMzal1JzoZEmaXuM8KqYWvSykV7C/naws+tlT2yFM5H+4tFtXZLPzqOO+eiWCPzS+pH/J
WwP8S6m+oe8yQORPfwOShYA67j10MByyC7WJTRkKP/mDBQIDAQABo0QwQjALBgNVHQ8EBAMCBPAw
MwYDVR0lBCwwKgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYKKwYBBAGCNwoDBDANBgkq
hkiG9w0BAQsFAAOCAgEASzBTJ8xhEn2bOPQfBrKcDWEjxwguM4CSNfYEFcnOI30EHLkpljfCjk1X
Q3UTGgnqwDxH3hvvGzGA7teqiTpMHvO9LpWaPFZXKNKfh/7/TzfxWZdgVJzNN8WnkJ094d0V45XX
9rWwzkyf35+tQXb9tlPsjKDTggKH+KieLoFTSFYvQMyEXizpXV0sZPrEN+TCYwGeXFovscHM2pPK
vF5RoZ45alpPY/gSRtWq+l6KP35BkIfeynGU9inCIQqS9y5RUrA39jsrdYLwhkCCkLQeUDYx2av5
zKsm9NR4IWFnOJ+3h5YN51uS23jz8NOKrUjb+e5bzWRXMia5fAKhT80Fghpdv3mXiSC9Ual++B74
GR3GlYFYTTi+rRrxMbdb0SHbiQlcEBX/SMUNGlkkWnuUJwwCJpewD+TqSRayrfKORktyHvI5BEG3
fwfM9D0LkNbsOgZ/xvakSXDlfMT6JFDWqdUmlSLWc79JzKTwslajuga0FI77R+PXqu+zIY+42ulb
NmUUwRhcLycg0kLiPrHMwHe7nXPY+OSi4RktZBy7ree82r/NNaxiUle17q4VznmrGNOIKU1I8y6S
5c1yIdlQwHyZaKJru3krq1HHApT+50B32Xbc7YAJ7KoUpoViCdYsY7f8YX3c45JhMCcWuP/OD0N+
GZOgRNDjaIx5JU5z2lU=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://integration.phenixid.se/saml/authenticate/slo"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://integration.phenixid.se/saml/authenticate/slo"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Location="https://integration.phenixid.se/saml/authenticate/diggconform_loa4" hoksso:ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" xmlns:hoksso="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser" Location="https://integration.phenixid.se/saml/authenticate/diggconform_loa4" hoksso:ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" xmlns:hoksso="urn:oasis:names:tc:SAML:2.0:profiles:holder-of-key:SSO:browser"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://integration.phenixid.se/saml/authenticate/diggconform"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://integration.phenixid.se/saml/authenticate/diggconform"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">PhenixID Labs</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">PhenixID Labs</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">PhenixID Labs</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.phenixid.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="administrative">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="other">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa4-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa4-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa4

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: PhenixID Labs IdP*
-	*en: PhenixID Labs IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: PhenixID Labs IdP*
-	*en: PhenixID Labs IdP*

ERROR

MDUI-Logotype

No working logotype are present in mdui

ERROR

MDUI-Logotype

The following errors were encountered while processing logotypes:

-	Logotype download from: *https://www.phenixid.se/wordpress/uploads/2019/11/full_logo-blue.png* failed with HTTP response code 0

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/loa3

LOA-Holder-of-key

This IdP has declared support for LoA 4 and also provides a SingleSignOnService supporting holder-of-key

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://integration.phenixid.se/saml/idp/diggconform is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (PhenixID Labs)

CONTACT-SUPP

Support contact e-mail (cust_success@phenixid.se) is present

CONTACT-TECH

Technical contact e-mail (cust_success@phenixid.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

PhenixID Test (https://frist.phenixid.se/saml/authenticate/phenixid_idp_swecon) (3)

PhenixID Test (https://frist.phenixid.se/saml/authenticate/phenixid_idp_swecon)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://frist.phenixid.se/saml/authenticate/phenixid_idp_swecon" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa1</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">PhenixID Sign idp</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">PhenixID Sign idp</mdui:DisplayName>
                <mdui:Logo height="66" width="76">https://frist.phenixid.se/authenticate/res/images/default.png</mdui:Logo>
                <mdui:Description xml:lang="sv">Test legitimiering med FRIST</mdui:Description>
                <mdui:Description xml:lang="en">PhenixID Test IdP</mdui:Description>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDMjCCAhqgAwIBAgIGAXoKmr/OMA0GCSqGSIb3DQEBCwUAMEIxDTALBgNVBAMMBGF1dG8xETAP
BgNVBAsMCGN1c3RvbWVyMREwDwYDVQQKDAhQaGVuaXhJRDELMAkGA1UEBhMCU0UwHhcNMjEwNjE0
MTI1OTExWhcNMjYwNjEzMTI1OTExWjBCMQ0wCwYDVQQDDARhdXRvMREwDwYDVQQLDAhjdXN0b21l
cjERMA8GA1UECgwIUGhlbml4SUQxCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0ZHimuVlLUeBrbn8ICIi5hp9GYmNdFDHZMEJsWRxo3/RF1nXh6YaPCLHHZbn3YTI
cGRJ/XGED8knrb+Wvh973CEcrAx9KfE+kfhVEpc15+rANTWus2XH0Ty369+RpgQEBOJmzi2fYyNB
TfEplpv3EARVkiYUEdasv5XXSCSIGkmLw52e254J5B5eAXZ3kM31JdLd4XP4bXPbt336qhC+L9ll
1cp8q5duDSOcEq1d8nV4WMFlIUBG4WTqM9LLucK0bu0zxxfw1zpHpNneNEgeTVWBYhbZQvKZg8/T
5dipfGyBUg1hS9w2zdKZv0oVkRFAoeFJfyuyt09p68+IikqLFQIDAQABoy4wLDAOBgNVHQ8BAf8E
BAMCBaAwGgYDVR0RBBMwEYcEfwAAAYIJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IBAQAlQTK7
Of/hKrobFcUL/jdmnghA8Ll09aMgPBIfCJy7wJqroqM7V3yUASP7oO0YHvTa0Ulj9zf08atT23+f
s3rnnbpptd0ZsL+SpLYg7YAk2RvTroYfeyf9wmzHxbYE6jZpCE7JutC4xC9P5E1cKeYoeqBmVRhO
YqgPtta8c2jrMlvMoCPpb8375NUo15nvRhWiwEcKyUX/W17FP8MXn1kS3G3NCa6+voxUe/QfITfj
hYGF8nYd7yK7g3hupaoJayA1ndMqTp8NkZ9LuPJ2t4YgrOZvRIp+CpaxHFmD+yk+/vyMAGh0S8y7
1xJg+16JB1awiBw7cqab6C7aoTCLdECu</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDMjCCAhqgAwIBAgIGAXoKmr/OMA0GCSqGSIb3DQEBCwUAMEIxDTALBgNVBAMMBGF1dG8xETAP
BgNVBAsMCGN1c3RvbWVyMREwDwYDVQQKDAhQaGVuaXhJRDELMAkGA1UEBhMCU0UwHhcNMjEwNjE0
MTI1OTExWhcNMjYwNjEzMTI1OTExWjBCMQ0wCwYDVQQDDARhdXRvMREwDwYDVQQLDAhjdXN0b21l
cjERMA8GA1UECgwIUGhlbml4SUQxCzAJBgNVBAYTAlNFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0ZHimuVlLUeBrbn8ICIi5hp9GYmNdFDHZMEJsWRxo3/RF1nXh6YaPCLHHZbn3YTI
cGRJ/XGED8knrb+Wvh973CEcrAx9KfE+kfhVEpc15+rANTWus2XH0Ty369+RpgQEBOJmzi2fYyNB
TfEplpv3EARVkiYUEdasv5XXSCSIGkmLw52e254J5B5eAXZ3kM31JdLd4XP4bXPbt336qhC+L9ll
1cp8q5duDSOcEq1d8nV4WMFlIUBG4WTqM9LLucK0bu0zxxfw1zpHpNneNEgeTVWBYhbZQvKZg8/T
5dipfGyBUg1hS9w2zdKZv0oVkRFAoeFJfyuyt09p68+IikqLFQIDAQABoy4wLDAOBgNVHQ8BAf8E
BAMCBaAwGgYDVR0RBBMwEYcEfwAAAYIJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IBAQAlQTK7
Of/hKrobFcUL/jdmnghA8Ll09aMgPBIfCJy7wJqroqM7V3yUASP7oO0YHvTa0Ulj9zf08atT23+f
s3rnnbpptd0ZsL+SpLYg7YAk2RvTroYfeyf9wmzHxbYE6jZpCE7JutC4xC9P5E1cKeYoeqBmVRhO
YqgPtta8c2jrMlvMoCPpb8375NUo15nvRhWiwEcKyUX/W17FP8MXn1kS3G3NCa6+voxUe/QfITfj
hYGF8nYd7yK7g3hupaoJayA1ndMqTp8NkZ9LuPJ2t4YgrOZvRIp+CpaxHFmD+yk+/vyMAGh0S8y7
1xJg+16JB1awiBw7cqab6C7aoTCLdECu</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://frist.phenixid.se/saml/authenticate/slo"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://frist.phenixid.se/saml/authenticate/slo"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://frist.phenixid.se/saml/authenticate/phenixid_idp_swecon"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://frist.phenixid.se/saml/authenticate/phenixid_idp_swecon"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">PhenixID Test</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">PhenixID Test</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">PhenixID Test</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">http://www.phenixid.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="administrative">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="other">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:GivenName>Anders</md:GivenName>
        <md:SurName>Björk</md:SurName>
        <md:EmailAddress>cust_success@phenixid.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: PhenixID Sign idp*
-	*en: PhenixID Sign idp*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Test legitimiering med FRIST*
-	*en: PhenixID Test IdP*

ERROR

MDUI-Logotype

No working logotype are present in mdui

ERROR

MDUI-Logotype

The following errors were encountered while processing logotypes:

-	Logotype download from: *https://frist.phenixid.se/authenticate/res/images/default.png* failed with HTTP response code 0

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa1

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/loa1

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://frist.phenixid.se/saml/authenticate/phenixid_idp_swecon is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (PhenixID Test)

CONTACT-SUPP

Support contact e-mail (cust_success@phenixid.se) is present

CONTACT-TECH

Technical contact e-mail (cust_success@phenixid.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Polismyndigheten (urn:idp-test.ciceron.cloud:saml20:polismyndigheten) (2)

Polismyndigheten (urn:idp-test.ciceron.cloud:saml20:polismyndigheten)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:idp-test.ciceron.cloud:saml20:polismyndigheten" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-eidas-low</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-eidas-sub</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-eidas-high</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-naturalperson</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/Visma/Polismyndigheten/Leveransavtal-E-Legitimationstjänster-A431.353/2019</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Swedish Police IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Polismyndigheten IdP</mdui:DisplayName>
                <mdui:Description xml:lang="en">Swedish Police Identity Provider for authentication and signing</mdui:Description>
                <mdui:Description xml:lang="sv">Polismyndigheten Federationstjänst för autentisering och signering</mdui:Description>
                <mdui:InformationURL xml:lang="sv">https://polisen.se/</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="sv">https://polisen.se/lagar-och-regler/behandling-av-personuppgifter/personuppgifter-pa-webbplatsen/</mdui:PrivacyStatementURL>
                <mdui:Logo height="64" width="174">https://polisen.se/Areas/Polisen/Content/Images/Polisen.svg</mdui:Logo>
            </mdui:UIInfo>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.201.3.4"/>
                <psc:MatchValue Name="urn:oid:1.2.752.201.3.7"/>
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFujCCA6KgAwIBAgIUQ1j8+L0oovcq0XGGz8eZUnx9ungwDQYJKoZIhvcNAQELBQAwdTELMAkGA1UEBhMCU0UxDjAMBgNVBAoMBVZpc21hMRMwEQYDVQQLDApDb25zdWx0aW5nMR8wHQYDVQQDDBZ0aWNrZXQtc2VydmVyLXRlc3QtZW5jMSAwHgYJKoZIhvcNAQkBFhFjaWNlcm9uQHZpc21hLmNvbTAeFw0yMTA0MDkwODM0MDdaFw0zMTA0MDcwODM0MDdaMHUxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEfMB0GA1UEAwwWdGlja2V0LXNlcnZlci10ZXN0LWVuYzEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9oAdSnZAGXNFWNlsyVSLGrDZrBMuHjxqUK5uRa/FWkHDr0UwC9XtcXwQIimDmfHFDsg2rAyuRQSf3eCPQNXSE7vifQQvnmvd56jnKS7fDcWBQxdit1d1p7kqase2PBpkGPyV6vM+a8bM5E/qmCjjhnqR4oNnU34HBnYmXWmyIuc+wFQ9HnkM+e+8Yyw+vLKL1cAdGDRXAFsoKKaRtAGA8d4S/HBSi93p0qccDZ49r2LT4ak6rvshms4pU/OcgwiZj0yscHPztrYxKAyQRtPP3ObMtQj37IHvWCXzqAfeTORAGwi+PXKYKDC2MbhrGJvBq5ZIU1M8ExwUu45VfznjONxMKgbAU9Qigz2MX56e2XkIILC0uqLeXV+bmfgNSuS4ib24J/O7GY83as0uHgx522HtbIg/e6Ojb+UC6BuuyVIF4d3LMl7q/5bwRSu6Y+GQ7XcoCoME1TsPI7LZXql1FPSWhGdV5bpv+jNP0Cj2/XmC9idiBlRKElfkXlUD0NDzbHZnMesBknceJt8xC4q4liRTdgdsWyqGyGhsNpdJI4nUvhW5JCwt8lyHjffKeXPCGP2WP/4EBk5gl2lHNI/gog0bvwMbJvsBtuzqdQwprfuasG1yrVJSCKnwl/HVeC4ZNsMEcezlpLVPX7MhBan0U9JtV1MDxdB9vmYuirYmrfwIDAQABo0IwQDAdBgNVHQ4EFgQUon9fldYH/kZFgonVnRS1fT8WQ4MwHwYDVR0jBBgwFoAUon9fldYH/kZFgonVnRS1fT8WQ4MwDQYJKoZIhvcNAQELBQADggIBADuF+kjDV/K42MOhUkXem6+X5V1u4LiMXvO1U/x1p3PNofeM7L+/5FSw0wh6245A+3zbe87vQ7DU1YlFnCFGliornPJd4yw1fW7kOqoJ5ycQqKl9GnmLeSyKvXHKZlcGCgVgY0+R7EkLDyS4he8VE17FYaPTscbIlSR1w/4KH14kaTwbh97vhUmkuNWh1MTQasyQRVqhrDCqt7alhYcWSrs+tUW6D7YVyzaUUUejzgm3sP8MENd0/Jtx78g+SBpQg1qZH73hCfV6AgK0LQBiy2S280qwL4eDyVPT48vxOmth5Ln4UeLLiZNndnK2Xeb4ESK8sho2oDYjjY7tilbflnbpSLgRobxhO8ib0gRAF6Jl6suBktpZUkae09obPx6wzMLPVDGL/hHi3lzPX0tcqqbj69h17Lc0SLErZvnRbw4w9UTvnCrgH4yXLHFj8VgK7EnA8ALg531kDwaTrLL4NIZE8vo7W8RgHoRnLlXT83AgK2wMh3JMrxDuu8v3VQMNpfQOvvUcHrkO8n0pqXiFx1NQqx7yr7ryQukYg8vNBXUlzy6JiJN2veR8k6I33IuIUO78SDxuxQObcY4WFF0/8BxWV72+rYTTMf+4isKUqaRitO0jUTcOIpiC3ulhP5JAUVu3Z95oLeQupYHc8PkvbvZBWkU4dOJbvERabE1qtJ7u</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Swedish Police</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Polismyndigheten</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Swedish Police</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Polismyndigheten</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://polisen.se/</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">https://polisen.se/</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:registrator.kansli@polisen.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:registrator.kansli@polisen.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-naturalperson*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-naturalperson" is not supported by a compatible LoA. One of the following LoAs must be supported:

-	*http://id.elegnamnden.se/loa/1.0/eidas-low*
-	*http://id.elegnamnden.se/loa/1.0/eidas-sub*
-	*http://id.elegnamnden.se/loa/1.0/eidas-high*
-	*http://id.elegnamnden.se/loa/1.0/eidas-nf-low*
-	*http://id.elegnamnden.se/loa/1.0/eidas-nf-sub*
-	*http://id.elegnamnden.se/loa/1.0/eidas-nf-high*

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Polismyndigheten IdP*
-	*en: Swedish Police IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Polismyndigheten Federationstjänst för autentisering och signering*
-	*en: Swedish Police Identity Provider for authentication and signing*

MDUI-Logotype

Working logotypes present:

H:64

W:174

Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-eidas-low

- http://id.swedenconnect.se/loa/1.0/uncertified-eidas-sub

- http://id.swedenconnect.se/loa/1.0/uncertified-eidas-high

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:idp-test.ciceron.cloud:saml20:polismyndigheten is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Polismyndigheten)

CONTACT-SUPP

Support contact e-mail (mailto:registrator.kansli@polisen.se) is present

CONTACT-TECH

Technical contact e-mail (mailto:registrator.kansli@polisen.se) is present

ERROR

EIDAS-Connector

This eIDAS Connector does not support any SE eIDAS assurance levels

Statistics Sweden (urn:scb:idp-test.ciceron.cloud:saml20.bankid-mobile) (2)

Statistics Sweden (urn:scb:idp-test.ciceron.cloud:saml20.bankid-mobile)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:scb:idp-test.ciceron.cloud:saml20.bankid-mobile" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Statistics Sweden Mobile BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Statistikmyndigheten SCB Mobilt BankID</mdui:DisplayName>
                <mdui:Description xml:lang="en">Statistics Sweden SAML Identity Provider for Mobile BankID</mdui:Description>
                <mdui:Description xml:lang="sv">Statistikmyndigheten SCB SAML Identity Provider för Mobilt BankID</mdui:Description>
                <mdui:InformationURL xml:lang="en">https://www.scb.se/</mdui:InformationURL>
                <mdui:InformationURL xml:lang="sv">https://www.scb.se/</mdui:InformationURL>
                <mdui:Logo height="60" width="53">https://scb.se/StyleguideAssets/scb/img/SCB-logo_sv.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout.bankid-mobile"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout.bankid-mobile"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid-mobile"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid-mobile"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Statistics Sweden</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Statistics Sweden</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Statistics Sweden</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Statistics Sweden</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.scb.se/</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">https://www.scb.se/</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:inloggningstjanst@scb.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:inloggningstjanst@scb.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Statistikmyndigheten SCB Mobilt BankID*
-	*en: Statistics Sweden Mobile BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Statistikmyndigheten SCB SAML Identity Provider för Mobilt BankID*
-	*en: Statistics Sweden SAML Identity Provider for Mobile BankID*

MDUI-Logotype

Working logotypes present:

H:60

W:53

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:scb:idp-test.ciceron.cloud:saml20.bankid-mobile is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Statistics Sweden)

CONTACT-SUPP

Support contact e-mail (mailto:inloggningstjanst@scb.se) is present

CONTACT-TECH

Technical contact e-mail (mailto:inloggningstjanst@scb.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Statistics Sweden (urn:scb:idp-test.ciceron.cloud:saml20.bankid) (2)

Statistics Sweden (urn:scb:idp-test.ciceron.cloud:saml20.bankid)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:scb:idp-test.ciceron.cloud:saml20.bankid" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Statistics Sweden BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Statistikmyndigheten SCB BankID</mdui:DisplayName>
                <mdui:Description xml:lang="en">Statistics Sweden SAML Identity Provider for BankID</mdui:Description>
                <mdui:Description xml:lang="sv">Statistikmyndigheten SCB SAML Identity Provider för BankID</mdui:Description>
                <mdui:InformationURL xml:lang="en">https://www.scb.se/</mdui:InformationURL>
                <mdui:InformationURL xml:lang="sv">https://www.scb.se/</mdui:InformationURL>
                <mdui:Logo height="60" width="53">https://scb.se/StyleguideAssets/scb/img/SCB-logo_sv.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout.bankid"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout.bankid"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Statistics Sweden</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Statistics Sweden</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Statistics Sweden</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Statistics Sweden</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.scb.se/</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">https://www.scb.se/</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:inloggningstjanst@scb.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:inloggningstjanst@scb.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Statistikmyndigheten SCB BankID*
-	*en: Statistics Sweden BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Statistikmyndigheten SCB SAML Identity Provider för BankID*
-	*en: Statistics Sweden SAML Identity Provider for BankID*

MDUI-Logotype

Working logotypes present:

H:60

W:53

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:scb:idp-test.ciceron.cloud:saml20.bankid is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Statistics Sweden)

CONTACT-SUPP

Support contact e-mail (mailto:inloggningstjanst@scb.se) is present

CONTACT-TECH

Technical contact e-mail (mailto:inloggningstjanst@scb.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Statistics Sweden (urn:scb:idp-test.ciceron.cloud:saml20.telia) (2)

Statistics Sweden (urn:scb:idp-test.ciceron.cloud:saml20.telia)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:scb:idp-test.ciceron.cloud:saml20.telia" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Statistics Sweden Mobile BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Statistikmyndigheten SCB Mobilt BankID</mdui:DisplayName>
                <mdui:Description xml:lang="en">Statistics Sweden SAML Identity Provider for Mobile BankID</mdui:Description>
                <mdui:Description xml:lang="sv">Statistikmyndigheten SCB SAML Identity Provider för Mobilt BankID</mdui:Description>
                <mdui:InformationURL xml:lang="en">https://www.scb.se/</mdui:InformationURL>
                <mdui:InformationURL xml:lang="sv">https://www.scb.se/</mdui:InformationURL>
                <mdui:Logo height="60" width="53">https://scb.se/StyleguideAssets/scb/img/SCB-logo_sv.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout.telia"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout.telia"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request.telia"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request.telia"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Statistics Sweden</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Statistics Sweden</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Statistics Sweden</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Statistics Sweden</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.scb.se/</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">https://www.scb.se/</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:inloggningstjanst@scb.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:inloggningstjanst@scb.se</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Statistikmyndigheten SCB Mobilt BankID*
-	*en: Statistics Sweden Mobile BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Statistikmyndigheten SCB SAML Identity Provider för Mobilt BankID*
-	*en: Statistics Sweden SAML Identity Provider for Mobile BankID*

MDUI-Logotype

Working logotypes present:

H:60

W:53

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:scb:idp-test.ciceron.cloud:saml20.telia is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Statistics Sweden)

CONTACT-SUPP

Support contact e-mail (mailto:inloggningstjanst@scb.se) is present

CONTACT-TECH

Technical contact e-mail (mailto:inloggningstjanst@scb.se) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Svensk e-identitet (eid-demo-bankid-idp) (5) (3)

Svensk e-identitet (eid-demo-bankid-idp)

(5)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="eid-demo-bankid-idp" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFeDCCA2CgAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwga0xCzAJBgNVBAYTAlNFMRAwDgYDVQQIDAdVcHBzYWxhMRAwDgYDVQQHDAdVcHBzYWxhMR4wHAYDVQQKDBVTdmVuc2sgZS1pZGVudGl0ZXQgQUIxCzAJBgNVBAsMAklUMSYwJAYDVQQDDB1TdmVuc2sgZS1pZGVudGl0ZXQgQUIgQ0EgVjEuMzElMCMGCSqGSIb3DQEJARYWc3VwcG9ydEBlLWlkZW50aXRldC5zZTAeFw0xNzA5MTEwOTEwNTRaFw0yNzA5MDkwOTEwNTRaMIGtMSkwJwYDVQQDDCA3YTMyZTY0ZWM0YjQ4NTAyZjhiZjc5Y2FkNjI4ZTNmYTEiMCAGCSqGSIb3DQEJARYTc3VwcG9ydEBncmFuZGlkLmNvbTELMAkGA1UEBhMCU0UxEDAOBgNVBAgMB1VwcHNhbGExEDAOBgNVBAcMB1VwcHNhbGExHjAcBgNVBAoMFVN2ZW5zayBlLWlkZW50aXRldCBBQjELMAkGA1UECwwCSVQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3Q0WD7AbDTfgEUL+xYdVxfXTfcoA3JEUkfHXYibYeS3cjOnVTjH9dr8M1oGTGBgOn6VPE6mBakjnJUtrdWVg39lrB4Xg1NP1ZSldwzq2E0BmSsPdo821zmOH7I62PemdjZiyNHEK955aETznt3unxAv40lnbmKwagPfIDdOsE/FrxVrXbukGXDJDdcc2MLokkPB4pjgagIO+ibIRtCR/0fCOVx8kkZrEor8QbDz5xRl3qiBkV6wnVQ5J7KVLtlfT38mK5Xho+1OAF/wfo+i1qQy2eo5IHiv/SK4COohZxaQkyYA/D4lUuHTIUOn6fdDna08l0d25FqJq04aVVM7RvAgMBAAGjgZ8wgZwwHQYDVR0OBBYEFFoGcHQlXrY0aGz3EP39fs3T6YlbMB8GA1UdIwQYMBaAFAJd5S5wqLzNqSli6PO2ajrfumBuMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHBzOi8vY2EuZ3JhbmRpZC5jb20vY3JsL3N2ZW5za2VpZC5jcmwwDQYJKoZIhvcNAQELBQADggIBALzXCpqRMAZtxUYAbLS7zRVBDnVLThppVWAiU4AMAE0QpbrwWWOPTR8+Q8Cmr64B1gNegrig9a/MRNK/b5ezR01MvB+LvGhSXcanJVFT5oJvosu6oALYs532jqYDbLzLS5+4s/zn/5PsKGutpjLU8topj4Yz74dt27/x/QhwD/D0oPzXQQcKa36dcTqFWrKbu2ZCK7U3qi7nOOWBCz/v5nb0BeeQhIK30LaJ1mwktA34mh1NjpQDNDkTn1fYCyowXxhlUMCwQFa8v8cah49W2KaI6/4sISWxHmGMbU4mAZ4yLTX8Pcse8MxAXMRLVArhKTqNECg+FNU7UyAS8PFG37MYCWFoPj+Xh9ebKojzOVH5/JAfb+Kceo6LLHcua1ZJrxxrw1rxkaKYz2g7SCEItKb0T+ucvrWZpSwShzttuugwIUCZM3WDBB6fSRGXJ/Vm4OsbOjnaJ+ugZRR8mkCHx5gdzi8O1bXDSHXYzMxwleW+hqx7CWTF6qKacAYh6tq61L5CiNE/ZNNOJtJNT1kr9BIAwY4JKfjT2XbIvXLT1zPHiLsKdPpTJN9Ci7kWutanwg6KgzchMEiMt8my2QWJwtXl5AnDL7ByrGEGygH/NdhjO+z7S7Vj7SZZjAUPdw8lRRWmZKefz/jiUL5TufyzN+oi4CigbJ3QTlW3XSJFapBi</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFeDCCA2CgAwIBAgICCLUwDQYJKoZIhvcNAQELBQAwga0xCzAJBgNVBAYTAlNFMRAwDgYDVQQIDAdVcHBzYWxhMRAwDgYDVQQHDAdVcHBzYWxhMR4wHAYDVQQKDBVTdmVuc2sgZS1pZGVudGl0ZXQgQUIxCzAJBgNVBAsMAklUMSYwJAYDVQQDDB1TdmVuc2sgZS1pZGVudGl0ZXQgQUIgQ0EgVjEuMzElMCMGCSqGSIb3DQEJARYWc3VwcG9ydEBlLWlkZW50aXRldC5zZTAeFw0xNzA5MTEwOTEwNTRaFw0yNzA5MDkwOTEwNTRaMIGtMSkwJwYDVQQDDCA3YTMyZTY0ZWM0YjQ4NTAyZjhiZjc5Y2FkNjI4ZTNmYTEiMCAGCSqGSIb3DQEJARYTc3VwcG9ydEBncmFuZGlkLmNvbTELMAkGA1UEBhMCU0UxEDAOBgNVBAgMB1VwcHNhbGExEDAOBgNVBAcMB1VwcHNhbGExHjAcBgNVBAoMFVN2ZW5zayBlLWlkZW50aXRldCBBQjELMAkGA1UECwwCSVQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3Q0WD7AbDTfgEUL+xYdVxfXTfcoA3JEUkfHXYibYeS3cjOnVTjH9dr8M1oGTGBgOn6VPE6mBakjnJUtrdWVg39lrB4Xg1NP1ZSldwzq2E0BmSsPdo821zmOH7I62PemdjZiyNHEK955aETznt3unxAv40lnbmKwagPfIDdOsE/FrxVrXbukGXDJDdcc2MLokkPB4pjgagIO+ibIRtCR/0fCOVx8kkZrEor8QbDz5xRl3qiBkV6wnVQ5J7KVLtlfT38mK5Xho+1OAF/wfo+i1qQy2eo5IHiv/SK4COohZxaQkyYA/D4lUuHTIUOn6fdDna08l0d25FqJq04aVVM7RvAgMBAAGjgZ8wgZwwHQYDVR0OBBYEFFoGcHQlXrY0aGz3EP39fs3T6YlbMB8GA1UdIwQYMBaAFAJd5S5wqLzNqSli6PO2ajrfumBuMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHBzOi8vY2EuZ3JhbmRpZC5jb20vY3JsL3N2ZW5za2VpZC5jcmwwDQYJKoZIhvcNAQELBQADggIBALzXCpqRMAZtxUYAbLS7zRVBDnVLThppVWAiU4AMAE0QpbrwWWOPTR8+Q8Cmr64B1gNegrig9a/MRNK/b5ezR01MvB+LvGhSXcanJVFT5oJvosu6oALYs532jqYDbLzLS5+4s/zn/5PsKGutpjLU8topj4Yz74dt27/x/QhwD/D0oPzXQQcKa36dcTqFWrKbu2ZCK7U3qi7nOOWBCz/v5nb0BeeQhIK30LaJ1mwktA34mh1NjpQDNDkTn1fYCyowXxhlUMCwQFa8v8cah49W2KaI6/4sISWxHmGMbU4mAZ4yLTX8Pcse8MxAXMRLVArhKTqNECg+FNU7UyAS8PFG37MYCWFoPj+Xh9ebKojzOVH5/JAfb+Kceo6LLHcua1ZJrxxrw1rxkaKYz2g7SCEItKb0T+ucvrWZpSwShzttuugwIUCZM3WDBB6fSRGXJ/Vm4OsbOjnaJ+ugZRR8mkCHx5gdzi8O1bXDSHXYzMxwleW+hqx7CWTF6qKacAYh6tq61L5CiNE/ZNNOJtJNT1kr9BIAwY4JKfjT2XbIvXLT1zPHiLsKdPpTJN9Ci7kWutanwg6KgzchMEiMt8my2QWJwtXl5AnDL7ByrGEGygH/NdhjO+z7S7Vj7SZZjAUPdw8lRRWmZKefz/jiUL5TufyzN+oi4CigbJ3QTlW3XSJFapBi</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas-test.grandid.com/saml2/idp/SingleLogoutService.php"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eidas-test.grandid.com/saml2/idp/SSOService.php"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Svensk e-identitet</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Svensk e-identitet</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.e-identitet.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:GivenName>Svensk E-identitet / GrandID Support</md:GivenName>
        <md:EmailAddress>support@grandid.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

ERROR

MDUI

No mdui:UIInfo element is present

ERROR

LOA

No present declaration of supported Level of Assurance (LoA)

ERROR

LOA-Holder-of-key

Processing holder-of-key information in IdP metadata resulted in error: java.lang.NullPointerException

ERROR

NameID-IdP

Missing NameID declaration urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
NameID declarations for an IdP must declare the NameID formats:

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

ERROR

EntityID-URI

The EntityID value eid-demo-bankid-idp is not a valid URI

ORG

OrganizationName element is present

WARNING

ORG-SWE

The OrganizationName element has the English value (Svensk e-identitet) but has no value in Swedish

WARNING

CONTACT-SUPP

No support contact e-mail is available

CONTACT-TECH

Technical contact e-mail (support@grandid.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Sweden Connect (http://dev.test.swedenconnect.se/idp)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="http://dev.test.swedenconnect.se/idp" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-low</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-high</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa2-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/1.0/loa2-name</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/1.0/loa3-name</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/scal2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
                <psc:MatchValue Name="urn:oid:1.2.752.201.3.1"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Sweden Connect Reference IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Sweden Connect Referens-IdP</mdui:DisplayName>
                <mdui:Description xml:lang="en">Sweden Connect Reference Identity Provider</mdui:Description>
                <mdui:Description xml:lang="sv">Sweden Connect referens-legitimeringstjänst</mdui:Description>
                <mdui:Logo height="256" width="256">https://idp.sandbox.swedenconnect.se/idp/images/idp-logo-notext.svg</mdui:Logo>
                <mdui:Logo height="56" width="280">https://idp.sandbox.swedenconnect.se/idp/images/idp-logo.svg</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIE+DCCAuCgAwIBAgIEXQvpnzANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwHhcNMTkwNjIwMjAxNjMxWhcNMjkwNjIwMjAxNjMxWjA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCuuCBiNHtLObUDXtfn82Z914ycRSPm5taKZKPmJ602SwzDzPZmELH3Y7ZtcBFJkdUMbe/WDJE9RosT/CXZ4lHVuMMIh58gG3MMAfi7wlkwHFDxGNDNdkT0ZMohkyNXJnEVQwLBbU1BdM9umXmT1MyIEYi0M6mjC7Uh8Qvyy5txMbTwYVcmYPddA3/vSFYjhmJhPtBxMX4HndEqw02aRYn4oPrXu5x7KxwLc+vo5weYsU5PSbkVXg03Zv52NXvuivreLdfa+rUm90KLpcYr3ZmF+iBG3liUW02eJEAtktt6vWXW6mipcgeXz9REJrgscbwW5kv4eoaaG+uA7cehtyNN/WXF/XLhSP5T13gnrFxQbSPyxFlixtXBxQ46Ap58UY/47SxQo3yj1i3CHfFfs8YuL5RzTkQyJA4AOkdIku7gWXIw3s0Bv1vRxe7+80kwkL0u0wkuWDCoi2OuWO1sYeRBUPBy0yZ/FQr/XydFsi6YqNbHGzJB/OXOcnLMCbjZiZDSSS/h/mhSgmdrLnN5y4w/riJI1ZvdG14mhJBlQ/pfOpBoUDMzMmEKeg3x40IFBCq89Jn+5I3cJkIDND9UMexuRe07ZhiHwfkza+djoJQTOj3E4r8XKXBtKzhomEM1YWm3klBkgUJWfDwvt5s7RG5YY4hLUsQwjFoR872ABAVnXQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQCe24zs7TXv1/6ucTFp/34PjhIN/b/LsVQRffFn6riGi3+2o1TWc9Yi1Qy3SXCgXUfUEw/l2qHrbTPMK5vwHOMQv4ZhAQRlknCa+vL361VSLw5ox1Lo3tRou6biSwd2Lpu2LottiFKEXFoz3cpvD+5A6TBBUHFd0lLM6e2b/PMXlv6BN8CfJGo4n6LLq5h7yulg5tEOpbxJLOkiXbPTsxELcGi8yjYKz+AJFSooj8fCOFoCrBrpW+Iid8PWiivHXnpwpcdM+9nM7THBS644+3eajX/Q2ocUFisP9mK56gBUYJj9s06AZ3GqRf1CA8LGwKX+zsSpYMWtgvDB0C64gjcptKkGx67eC3yaEK3SzHGWIdJsmSgBQJs3uMELDEbAPUM4pik7RbcNWe/0xhOA0Mv9TuMKoWIjm77lImRbDhur69qA79pDIbV5QZrzlLapjuWLSbshfAzdeTCtpEq9RwreMzfyW1pptYmhWFRUxiD4aLkc2KijxHbxj1EII+RgiyB9qy2D/tmIk/b8yC+8jCnCC6q1B5esMoS7WrR9fuw24LOO0c9qKdCBcrPo+urECpdMRDJiDpe9xxr2LzWQbmiEPLQW2AbNapNxTuvFD9ppjetkKRMTz1g8l0uMOabiBQUt7jnw+GxqbHPdE5mfCqOe8EpoFZUCa6LWQ8mmnn2XDw==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIE+DCCAuCgAwIBAgIEXQvp7jANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwHhcNMTkwNjIwMjAxNzUwWhcNMjkwNjIwMjAxNzUwWjA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC0OG3mhU+N4hDfgADA+O80xeTeeO1HB0E4j6cr7zHZZTPtya0SVZgR6147acJCKwjUr11FENF+8fpT3vXtjVQqXtjBD0eSUK1Ruvgb5KLisGL6qXeOEFNs1BHCVctnueLF+RFyugjxC+TwJ6fOaV3mQP9d1SMyjbYcvAoIvHWrcmOsMAHFIaucZROaCSPkHvQvcjuCXyZL9N1ryxfbFym4DghCRzWjfpfAAxmlrkhsS22uEPuF45yGCKUwd7Y5oBpMt6u4iJjZRBzNQTJgER8Pq+poEVr/rzkR2UN+4UAXwVn5D6gX6OlDlhoczMd1r6/OqHfjixD3zDXkcUO913iUsYdbjQ70doIpBZF2b9XJk26Qvf+WmZ9ZpQQF9Kqx4cU5sZq/UfZOzBEIPX5Zgp0AviTNTfspE75rpHf/bVrztIsQuGAwXn79c24U40Jb1/ifObsfi40rNUUAbZ/xg5Wi97UCVI+ow1naXrxVVWch/le8GWxOw23mGMaUSOSCc4/41OvofmA1HQ6aKn1GDJqifSAgnZUWpbB8z5wJqwu71T79P0cdBTw5QvaxMltBe/gluXM8Z+Tq1jIo52muhwC15Tj3BbC9p3Mz3nisnYpgUooF8Em+O+6Q0LWyJpQBZvtlBMIHhaz6seNhfG8mbo/DxuEAxkZ9kDuPxCydnzgHWwIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQALqrwsqIZ8cpgJjJVzy51nLQJl4rTFycGv04hbW7jTRDleyTl3+RtGWApgqbJNmh13lffaPkroZe0CNei3zpsO/8ONatKoZ1BxuvYbOGoofOTDkjl1SjpQ6T0aWyryjc8NQSWsfro8SN6YvVa3ESsVLyEb+q0ir0SMsXWdpc1HoYABqLUjE2lh6V0SJ9FcpayJWKUjvOpr838l5hX48HOOl4xUU268L+ChEn+IZWuiqs/cThtzTW3uEL8IrM3d7hvuyH2bQy5rxHwHqwsH8byT7Q4UBr14cytOTKnpq6UKhIurPMppLamjUbudAAAObdfFJxKQ4RQylgCKL8G2wIH9WEJBjCEvZurn6Foy8DCeQZdj+VtCRyiv/dj2Ou6eEGDTwFJs2Vubf+kf8fcE6fDW5KZs6+7+d7w1zcZ7WFsByX5gsm83Zwnf7HgrMNFrs8lY40S0bqCENWKl1pdYw3UK31atwtm3KTgh4dFVsCzVgl98OWOsA16bCfz0PITbsZ5gVvOhh/coz3n3RKCQf0hTkR1SYKvVKvPT+MH+u6qoOnc1T4JUm4PRUHn8aHMvUUBJiZ7rSsid5q980G5HsK5wD0nnRihvHr7hG3sLovKVBH6o/KI4p9uBWZAVZye85rhJieWvKOiFPrQgpPE3VCI8UWjo0oMB1WeS+XkcUoSpWg==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
            <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.sandbox.swedenconnect.se/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.sandbox.swedenconnect.se/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Sweden Connect</OrganizationName>
        <OrganizationName xml:lang="sv">Sweden Connect</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Sweden Connect</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Sweden Connect</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://www.swedenconnect.se</OrganizationURL>
    </Organization>
    <ContactPerson contactType="technical">
        <Company>Sweden Connect</Company>
        <EmailAddress>operations@swedenconnect.se</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="support">
        <Company>Sweden Connect</Company>
        <EmailAddress>operations@swedenconnect.se</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa2-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*
-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*
-	*http://id.swedenconnect.se/ec/1.0/loa2-name*
-	*http://id.swedenconnect.se/ec/1.0/loa3-name*

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" has the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa2-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa2

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" has the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3,http://id.swedenconnect.se/loa/1.0/uncertified-loa3

EntityCategory-Consistency

The present EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa2-name" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa2

EntityCategory-Consistency

The present EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3,http://id.swedenconnect.se/loa/1.0/uncertified-loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Sweden Connect Referens-IdP*
-	*en: Sweden Connect Reference IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Sweden Connect referens-legitimeringstjänst*
-	*en: Sweden Connect Reference Identity Provider*

MDUI-Logotype

Working logotypes present:

H:256	W:256	Type:SVG
H:56	W:280	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value http://dev.test.swedenconnect.se/idp is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Sweden Connect)

CONTACT-SUPP

Support contact e-mail (operations@swedenconnect.se) is present

CONTACT-TECH

Technical contact e-mail (operations@swedenconnect.se) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Sweden Connect (https://dev.connector.swedenconnect.se/eidas) (2)

Sweden Connect (https://dev.connector.swedenconnect.se/eidas)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://dev.connector.swedenconnect.se/eidas" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-low</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-low</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-high</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-high</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-naturalperson</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/scal2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.201.3.4"/>
                <psc:MatchValue Name="urn:oid:1.2.752.201.3.7"/>
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">eIDAS International eID - Sandbox</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">eIDAS Internationell eID - Sandbox</mdui:DisplayName>
                <mdui:Description xml:lang="en">Test IdP for eIDAS authentication - Sandbox</mdui:Description>
                <mdui:Description xml:lang="sv">Test-legitimeringstjänst för eIDAS legitimering - Sandbox</mdui:Description>
                <mdui:Logo height="256" width="256">https://con.sandbox.swedenconnect.se/idp/img/idp-logo-notext.svg</mdui:Logo>
                <mdui:Logo height="56" width="280">https://con.sandbox.swedenconnect.se/idp/img/idp-logo.svg</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFFDCCAvygAwIBAgIEXUqqADANBgkqhkiG9w0BAQsFADBMMQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxJDAiBgNVBAMMG0RldmVsb3BtZW50IGVJREFTIENvbm5lY3RvcjAeFw0xOTA4MDcxMDM3NTJaFw0yMDA4MDYxMDM3NTJaMEwxCzAJBgNVBAYTAlNFMRcwFQYDVQQKDA5Td2VkZW4gQ29ubmVjdDEkMCIGA1UEAwwbRGV2ZWxvcG1lbnQgZUlEQVMgQ29ubmVjdG9yMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqNbH7daqenTHYMbKx28GRm3qB/z5ckHEzFWGtgHMKAdcGHRBy1u87uglzgJ52XBjS3GERAbLdc/wMl+w97IlcmHAx54rfK8ghzI4SYZXzL35njh2b0MAfdNkPqjWuzmTQyW54XumF84NMNi3We3EL1NzXd3Dpk+3J90YfmaLIQxWWNVxE5xyD2bqT2YCzmUKQJvrFhxjnsJqrJeVlyuhyA5iGtg1YikVAXqRij1cbrNioIMAebD4xKNs7in236H27vnR3pbCgsP0wt3oHkDcbJymzrmtJ4rAwNOLfcb1X5m3q4j2XCt1r8aUVuScbKVXTzCRlu2mYVwQSykpU+yWbZvORfWfUEG3mbap0F9L3GYR8zAv1k0ml6Rlw9jIixHzD3csLOQ0sVOlbhN/0dYi3YbNVMrxaWaFE+7xMurcWfg2pBqSGSo9I8ntR6A2nc0u19Ys0x3+srDCapEYDSduQJQX/f49J0DqyN0lr9YTgmc8yNO6hnOogjNKJtJ+bYtk/tMiaaOsg7kykT8jntQGoKP7lxlb9HXuqdFo9YmeeZ584694bzMdsBxSCaHG3jm1M9qZ/rh2SawKPdg6QaE7E0629iJzsYcCoxB4uf8CTbUkZqWfNU9nJKptH9HjRYVB+LH+6QvV9wQG/n51MdlN3aoQ9GvJc7Je9UbpgSOIy88CAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAjn+tuS6YwhnuRvVHv1+CMknBdd/lwvMRiaz1yMa0RtShcTAIvAFDBQylHn2h+xmy1+eNl8rMndGFfJkdbiNEVO4H/H9D4iuDsoGB7Zj1GnW73VWP532gNIDSIfoKshN4KOGYOssB5kciEwB3nFGS4LEZeX+rE12Zf7Wt0LOZ/ucYP++E4yhAh0GXmE3C5DJ08fI9/z7pKR+Rlzq1443LV/xmXvyJAL/S5hlPg5qxqJwIgCPy2JrJwWizMWOQuFqZVxaaxQzbk+o3MBwFXV3V7C8JGjaj2CFqOWNDS8fjEBYPokUXIfOfhbPTVVmsITBn3GTWmaIvw5AUZRmM9NsJrX+v1vFrAUW8wWEWhVovTWZyje3AVYMOj+rnGx5/+LSnugpZhWtHcrxSVep0SDV0fc/FflgDOvDmRJRP2/CpoWcgT/v61c0w4aPc7Scj9GzaUNnxTDSdt74gX9Hw/7Q4Q/ZHGuDEVt2BFF0GPq6qmtZ96VQ/Edry8Rfax3Z4pT2aF5a9mXWk/yk8S7qXteL8u/PtcBawDlY/QXLKQTFbsXvhDALW2eGTTInR4REEwrEeepEOlLig/aGfsXqC33WTxKvtOMXAep3Gz05ZT00CdwOREdRQD/McjOw5RBO9OxWcZXBA0CrBGBXrAhEhUAlzO2FIUVssfWq0aA6K3iy5m+g=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFFDCCAvygAwIBAgIEXUqrJTANBgkqhkiG9w0BAQsFADBMMQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxJDAiBgNVBAMMG0RldmVsb3BtZW50IGVJREFTIENvbm5lY3RvcjAeFw0xOTA4MDcxMDQyNDVaFw0yMDA4MDYxMDQyNDVaMEwxCzAJBgNVBAYTAlNFMRcwFQYDVQQKDA5Td2VkZW4gQ29ubmVjdDEkMCIGA1UEAwwbRGV2ZWxvcG1lbnQgZUlEQVMgQ29ubmVjdG9yMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArNgnsTDaDjKxzP1xxQIADLMhnymtKIaAX8IxOrHV8LB93Fj6yLOfKBUbQEDNNLbOYQ8YcuxAntiwPxtmmxYNCK6rvL7rM8wFWFP4AYlJGoDrayTil3bBM8QHqqHtm8nHVo+k1N3aVzED3ww4X55T9ZtAFdKgJlC62uuDPIY/5owysXHf14BxcAdUFCCV4ro6hoMNM4AonQpcom6gnSm7MWKgZv8Wb14qlwbOcph60kVIXXAY+44KTy6L5PvzLvUrBjJuUlZ1Pew1GwcFecp/4DE+rep35P+iMv0b+RLatEsKNR75g6Rn1OZVICWWVz3BzbI+gnXwIuhQrkMPu6kC/R4gqXmY9XLBfPw4O3xCINjXlWjdXY1ENnM1HOrS2RXwRSX7glWi+e/DQyca5pE+nDqmphQetPQlSNmjybaEo0mNlunYm/fuhWNY+dLdtNhFo7VgRbepaWzUjw7dLOoLdo7yxLT7WBhrQUG+LjCslo4OUeS/Ydx2iH6vUlGIn+ixwoI79zHFpt8D7OKVja/+HMmeqQYVtLPZGFbKZUr43wwEp5NB2V2mdOee9eI31sLlBbRu01tYaRfnN1H5z3vhVSKU7i3dPPEeH2GrpdL3hPNZlu/e/ncYOGXXjsp+wLGmUXEnzT4gch5j7Y6WoNnWxA+QhL4Txnjg0iWWe0ixX9MCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAIiCz3UHaQpNF8U0kvai6aUxJl8SJrxR0vV1Cga7OiAIMumOvsjnpL5JLcdCiaLnRHmbItILUuol5tebkzI8NsT6n+6603RiWQlGl+XtRdLCBs1mzVlFSqlxXwUkTej1en9n12BMy0ZX+Q1KPB7wLVq/15vDdGCxQ+t/2Srve2W8stC9XWXiFnq/LlR0EU2omVMFiOLqZyQod8Fd8nTeNVr+iywJlKUuhGhvN/oCp+RrN3b1DGV0rvwqzaRZfBX6HnZO6tP6RMhFHMfsUryoyoagQxSe06QU+/BxAvIqq/xhUyJqiDAXfnHNA2gKiBtLF/zrBv1HwQVoyVG4X2bkEZNS3fO4iKHaBSbJTxXu7XyfEyd9mFDZ3oca1zAvVXI63fWta5siAd5e4+UG6VIBYkd5Prm9DRXCokv4QHq6voMlqi0LVewqjRB5vKQw01qAnKBB7fjaCA1w2QSLuf8NnaEWE+ZXnbbYyTjIodc4ZToyFSxjFvIzIKlBn5ynsqx8TN/GKFeEzy5CHLvS4hL53KL+wIz5i0n3yNMSKozmZ6abbS7RlWPrVAhhpQaSUymcK8ZogNSNQRPgN+S0iqcIp50SEZte85Axbgt1KgKFLhV69AynPWWwKuI3/azMPULsm4iU3scmoVdoa/hXQXqzxy8kD3ABKL//sMlfFh1+5DVY=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://con.sandbox.swedenconnect.se/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://con.sandbox.swedenconnect.se/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <md:Organization xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <md:OrganizationName xml:lang="en">Sweden Connect</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Sweden Connect</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Sweden Connect</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Sweden Connect</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.swedenconnect.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">https://www.swedenconnect.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <md:Company>Sweden Connect</md:Company>
        <md:EmailAddress>operations@swedenconnect.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <md:Company>Sweden Connect</md:Company>
        <md:EmailAddress>operations@swedenconnect.se</md:EmailAddress>
    </md:ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-naturalperson*

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-naturalperson" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/eidas-low,http://id.elegnamnden.se/loa/1.0/eidas-nf-low,http://id.elegnamnden.se/loa/1.0/eidas-sub,http://id.elegnamnden.se/loa/1.0/eidas-nf-sub,http://id.elegnamnden.se/loa/1.0/eidas-high,http://id.elegnamnden.se/loa/1.0/eidas-nf-high

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: eIDAS Internationell eID - Sandbox*
-	*en: eIDAS International eID - Sandbox*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Test-legitimeringstjänst för eIDAS legitimering - Sandbox*
-	*en: Test IdP for eIDAS authentication - Sandbox*

MDUI-Logotype

Working logotypes present:

H:256	W:256	Type:SVG
H:56	W:280	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-high

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/eidas-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-high

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://dev.connector.swedenconnect.se/eidas is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Sweden Connect)

CONTACT-SUPP

Support contact e-mail (operations@swedenconnect.se) is present

CONTACT-TECH

Technical contact e-mail (operations@swedenconnect.se) is present

EIDAS-Connector

This eIDAS Connector has appropriate EntityCategory declarations and supports eIDAS LoA levels.

Sweden Connect (https://idp.svelegtest.se/idp) (3)

Sweden Connect (https://idp.svelegtest.se/idp)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://idp.svelegtest.se/idp" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2-sigmessage</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3-sigmessage</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4-sigmessage</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </Extensions>
    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <shibmd:Scope regexp="false" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">3xasecurity.com</shibmd:Scope>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Test Identity Provider</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Historiskt Legitimeringstjänst för test</mdui:DisplayName>
                <mdui:Description xml:lang="en">Legacy Test Identity Provider for Sweden Connect test federation</mdui:Description>
                <mdui:Description xml:lang="sv">Historisk legitimeringstjänst för Sweden Connect testfederation</mdui:Description>
                <mdui:Logo height="60" width="168">https://eid.svelegtest.se/logos/sc-logo.svg</mdui:Logo>
                <mdui:Logo height="60" width="60">https://eid.svelegtest.se/logos/sc-logo-notext.svg</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDJDCCAgygAwIBAgIUNZ2z+6SYHN/kPTKH+xvzrvHMwAUwDQYJKoZIhvcNAQEL
                        BQAwHDEaMBgGA1UEAwwRaWRwLnN2ZWxlZ3Rlc3Quc2UwHhcNMTYwOTEwMTAxNzA2
                        WhcNMzYwOTEwMTAxNzA2WjAcMRowGAYDVQQDDBFpZHAuc3ZlbGVndGVzdC5zZTCC
                        ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKg3z0sS6vfNsi+zwRERVd9+
                        X2IW4eaeELsFx1p4DO3eARVhgu6ApcwfpkRSNLYmiLEy4FsUCb5HBtDTquAq5cjH
                        XmGYryg3sUYZgP8JQLpjzzrL9lduvuNBLh0opd9kJy/oTuGdETvvaWrWomd4pw3M
                        sE4KR+wjz0L2RPBiwwmr0CWKqhOE47pvX868BTMsN2zcGNO9i38OWdUA2bsMpTkW
                        uAc6EKVR7S/8Ive54cBn73AwT5QuSJQ9+K9/AVYta6p6diRxkO0Gr/Ij7DM+qxms
                        4NRYNRkTshdBHoW2nbM3H0fjUTZwjbfrTCHRBWQk8HEyBVGYpEW16UI39ZNXp10C
                        AwEAAaNeMFwwHQYDVR0OBBYEFA91XTMFp8IoXLYcyJYqrGgh9RMyMDsGA1UdEQQ0
                        MDKCEWlkcC5zdmVsZWd0ZXN0LnNlhh1odHRwczovL2lkcC5zdmVsZWd0ZXN0LnNl
                        L2lkcDANBgkqhkiG9w0BAQsFAAOCAQEAeiQBbnDVYLRvRJ2rKMQNgcYC+npL1HA/
                        TwPCMqwVb9/QH9P+djoUque44Vs/uOmCaVeJqkj+cQcmPomJ05EfyowlZ1m6q+VC
                        xrwlbuYG1+TyyoCCam0dKbbB667QkLu64M1j5SOb3qatbfWN4qcBevrDOONict2l
                        pH1zJZrcTscNenywcnBFIUGi0EjTOzGGGwEA8EFogpauoXQ/zBnyxB2pAnZLiU04
                        Y7ztjVR6jwBQeRFRF5NvSq0QKumeBrno6AUWKdZ8npRCtgjMZz46/TGnwgRfkC9e
                        SUXMLlTH3fxN8j70HOxwJLuMEEK3QkyanQeXI1xUeefg5PoPjOD9bw==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDJTCCAg2gAwIBAgIVANRzptVQS0OC4yUngEfPkeVZwu3rMA0GCSqGSIb3DQEB
                        CwUAMBwxGjAYBgNVBAMMEWlkcC5zdmVsZWd0ZXN0LnNlMB4XDTE2MDkxMDEwMTcw
                        NVoXDTM2MDkxMDEwMTcwNVowHDEaMBgGA1UEAwwRaWRwLnN2ZWxlZ3Rlc3Quc2Uw
                        ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCG8EktfnRi2LRB3UTwUXMn
                        i/eM2Dco4RA/RljvxP2Z9MdjrqO1FZJV2X2ACIKVvUVxQ7vRJqSddzs5IO8bwJ5F
                        ORoH/zl/hxLXBnMkhPLbiXXTNgMvQBNJXVvMlwPvNKBP54zakEV1t7or+uUPm4AH
                        ZV/g+18Y73rTz10prjmdlywm0rLKhsWcqT7vFVNOrf0b7TUw3DtjMz5fQVt9rLoQ
                        JV0RUak4KQHSlJEnHaPWSMgtZ2fylVfBtMyIp1Q8WQ1D1j3BtW1u7lv017Ji35nS
                        GRWWSDCL/t7aLxNvfTP9nM4y7YHGA7nvpWzeruMc4Z24eEe717zf1syw43qvtLw7
                        AgMBAAGjXjBcMB0GA1UdDgQWBBR9sg6F+KfYjCaJx4mVHUvdbUbC+jA7BgNVHREE
                        NDAyghFpZHAuc3ZlbGVndGVzdC5zZYYdaHR0cHM6Ly9pZHAuc3ZlbGVndGVzdC5z
                        ZS9pZHAwDQYJKoZIhvcNAQELBQADggEBADh81fersDrGsoretj8NzRn7Ff7/XE2h
                        35ctMGDUFFttmvO1M2wO3iL412JFWVeXMrq4wHsvOnKFGVdnt1AkYRqFrUOkOA4Y
                        PduA/dguhVzid4399+a5rwpo+zanEMGw56Z2qnHomwOtUldYFiqeQHnDtviQjPUO
                        bW1J0MWMg46lGOUfM9z8blI7JWkwzcRsk8HkwqbMUgFVe4TH5Mftozo/hza6CZBq
                        qRY+6yFx4ORIDoYZWPcSYKlO2GcnpBK5s0X2wv4UktpIs8GAUa36e9qN7H2Uno+/
                        UH+c5J4Ng5VumMQmTVOm0fG+I0u33tjOY4S/UVX0/ir/froXp1O3l/w=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDJDCCAgygAwIBAgIUE9Ed7iaZQARLB0/bFaPXwwUSBY8wDQYJKoZIhvcNAQEL
                        BQAwHDEaMBgGA1UEAwwRaWRwLnN2ZWxlZ3Rlc3Quc2UwHhcNMTYwOTEwMTAxNzA1
                        WhcNMzYwOTEwMTAxNzA1WjAcMRowGAYDVQQDDBFpZHAuc3ZlbGVndGVzdC5zZTCC
                        ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0qTFerVx3p4rk7trhMOf6K
                        C9c1+Rq7w1oqTis/ml/ooMRzVmfHmDQTGwoKTIY25R/bSeqoTJEshA8nZw48fCr1
                        jgNVyBxRGIGbFMXazAg/tH3EyiKxXtUnKtOpawx7+sV5uNwq/6i2n2euGFPbRkOc
                        lYNjCd0UYK6BgxKsX7XFDkQygggOI8jXe4LmPu36e9zOJ37QLWou2EdLSiNYqX38
                        Mrps20oxG1Imy1O4pKTTV0zUtis/ujKrk/zlSkQEhwH0lW+UT0J0k9Drohj4xq+r
                        7SDWSyGDN32W3DlLGKsdssmClU/xEJl1slyy1O51L51ETpCc02xarrbid9Swzj8C
                        AwEAAaNeMFwwHQYDVR0OBBYEFAGh74d7hApkF8IZ5ZVGy6rblI1WMDsGA1UdEQQ0
                        MDKCEWlkcC5zdmVsZWd0ZXN0LnNlhh1odHRwczovL2lkcC5zdmVsZWd0ZXN0LnNl
                        L2lkcDANBgkqhkiG9w0BAQsFAAOCAQEAW8dvmOcr2e8R5E0O97GM+dCkmd6f2v8M
                        F+yHwM/RHaip2PNZguIrYkQY291Mq6PT8gU/mZhDu1xDOF7pjlroZyWJanlT7m33
                        xvI6mUHK4GCNgmC5AkG1ZFmYS8zQLH/gYLFbn3+v7uMg14MDPhA8Z0+zFGN9o+DP
                        TZg2m8XkvM4Biyu0s0OYrWeAMfgrhcFX1/u6j8vTIcqS9xH6RKC2sAqsDCD9e5V6
                        cfUvsUxGdR1sAN2aAD5iMQLc/6TO0u9jcVTWaNxfd8kk0pyILNYU1zWOn/b6rke/
                        trVDW9mnFH106/gUq4ZLzd3aY5ZUeyJkKZaJobbifsdO1huOpl67UQ==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.svelegtest.se/idp/profile/SAML2/Redirect/SSO"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.svelegtest.se/idp/profile/SAML2/POST/SSO"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Sweden Connect</OrganizationName>
        <OrganizationName xml:lang="sv">Sweden Connect</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Sweden Connect</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Sweden Connect</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://swedenconnect.se</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <Company>Sweden Connect</Company>
        <EmailAddress>stefan@aaa-sec.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <Company>Sweden Connect</Company>
        <EmailAddress>stefan@aaa-sec.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Historiskt Legitimeringstjänst för test*
-	*en: Test Identity Provider*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Historisk legitimeringstjänst för Sweden Connect testfederation*
-	*en: Legacy Test Identity Provider for Sweden Connect test federation*

MDUI-Logotype

Working logotypes present:

H:60	W:168	Type:SVG
H:60	W:60	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

ERROR

LOA-Holder-of-key

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://idp.svelegtest.se/idp is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Sweden Connect)

CONTACT-SUPP

Support contact e-mail (stefan@aaa-sec.com) is present

CONTACT-TECH

Technical contact e-mail (stefan@aaa-sec.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Sweden Connect (https://internal-dev.connector.swedenconnect.se/eidas) (1) (2)

Sweden Connect (https://internal-dev.connector.swedenconnect.se/eidas)

(1)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://internal-dev.connector.swedenconnect.se/eidas" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-low</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-low</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-high</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-high</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-low-sigm</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub-sigm</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub-sigm</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-high-sigm</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-high-sigm</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-naturalperson</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/scal2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">eIDAS International eID - For internal tests</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">eIDAS Internationell eID - För interna tester</mdui:DisplayName>
                <mdui:Description xml:lang="en">Test IdP for eIDAS authentication - For internal tests</mdui:Description>
                <mdui:Description xml:lang="sv">Test-legitimeringstjänst för eIDAS legitimering -  För interna tester</mdui:Description>
                <mdui:Logo height="68" width="68">https://con.sandbox.swedenconnect.se/internal/idp/img/sc-logo-notext.svg</mdui:Logo>
                <mdui:Logo height="140" width="391">https://con.sandbox.swedenconnect.se/internal/idp/img/sc-logo.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFFDCCAvygAwIBAgIEXUqqADANBgkqhkiG9w0BAQsFADBMMQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxJDAiBgNVBAMMG0RldmVsb3BtZW50IGVJREFTIENvbm5lY3RvcjAeFw0xOTA4MDcxMDM3NTJaFw0yMDA4MDYxMDM3NTJaMEwxCzAJBgNVBAYTAlNFMRcwFQYDVQQKDA5Td2VkZW4gQ29ubmVjdDEkMCIGA1UEAwwbRGV2ZWxvcG1lbnQgZUlEQVMgQ29ubmVjdG9yMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqNbH7daqenTHYMbKx28GRm3qB/z5ckHEzFWGtgHMKAdcGHRBy1u87uglzgJ52XBjS3GERAbLdc/wMl+w97IlcmHAx54rfK8ghzI4SYZXzL35njh2b0MAfdNkPqjWuzmTQyW54XumF84NMNi3We3EL1NzXd3Dpk+3J90YfmaLIQxWWNVxE5xyD2bqT2YCzmUKQJvrFhxjnsJqrJeVlyuhyA5iGtg1YikVAXqRij1cbrNioIMAebD4xKNs7in236H27vnR3pbCgsP0wt3oHkDcbJymzrmtJ4rAwNOLfcb1X5m3q4j2XCt1r8aUVuScbKVXTzCRlu2mYVwQSykpU+yWbZvORfWfUEG3mbap0F9L3GYR8zAv1k0ml6Rlw9jIixHzD3csLOQ0sVOlbhN/0dYi3YbNVMrxaWaFE+7xMurcWfg2pBqSGSo9I8ntR6A2nc0u19Ys0x3+srDCapEYDSduQJQX/f49J0DqyN0lr9YTgmc8yNO6hnOogjNKJtJ+bYtk/tMiaaOsg7kykT8jntQGoKP7lxlb9HXuqdFo9YmeeZ584694bzMdsBxSCaHG3jm1M9qZ/rh2SawKPdg6QaE7E0629iJzsYcCoxB4uf8CTbUkZqWfNU9nJKptH9HjRYVB+LH+6QvV9wQG/n51MdlN3aoQ9GvJc7Je9UbpgSOIy88CAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAjn+tuS6YwhnuRvVHv1+CMknBdd/lwvMRiaz1yMa0RtShcTAIvAFDBQylHn2h+xmy1+eNl8rMndGFfJkdbiNEVO4H/H9D4iuDsoGB7Zj1GnW73VWP532gNIDSIfoKshN4KOGYOssB5kciEwB3nFGS4LEZeX+rE12Zf7Wt0LOZ/ucYP++E4yhAh0GXmE3C5DJ08fI9/z7pKR+Rlzq1443LV/xmXvyJAL/S5hlPg5qxqJwIgCPy2JrJwWizMWOQuFqZVxaaxQzbk+o3MBwFXV3V7C8JGjaj2CFqOWNDS8fjEBYPokUXIfOfhbPTVVmsITBn3GTWmaIvw5AUZRmM9NsJrX+v1vFrAUW8wWEWhVovTWZyje3AVYMOj+rnGx5/+LSnugpZhWtHcrxSVep0SDV0fc/FflgDOvDmRJRP2/CpoWcgT/v61c0w4aPc7Scj9GzaUNnxTDSdt74gX9Hw/7Q4Q/ZHGuDEVt2BFF0GPq6qmtZ96VQ/Edry8Rfax3Z4pT2aF5a9mXWk/yk8S7qXteL8u/PtcBawDlY/QXLKQTFbsXvhDALW2eGTTInR4REEwrEeepEOlLig/aGfsXqC33WTxKvtOMXAep3Gz05ZT00CdwOREdRQD/McjOw5RBO9OxWcZXBA0CrBGBXrAhEhUAlzO2FIUVssfWq0aA6K3iy5m+g=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFFDCCAvygAwIBAgIEXUqrJTANBgkqhkiG9w0BAQsFADBMMQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxJDAiBgNVBAMMG0RldmVsb3BtZW50IGVJREFTIENvbm5lY3RvcjAeFw0xOTA4MDcxMDQyNDVaFw0yMDA4MDYxMDQyNDVaMEwxCzAJBgNVBAYTAlNFMRcwFQYDVQQKDA5Td2VkZW4gQ29ubmVjdDEkMCIGA1UEAwwbRGV2ZWxvcG1lbnQgZUlEQVMgQ29ubmVjdG9yMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArNgnsTDaDjKxzP1xxQIADLMhnymtKIaAX8IxOrHV8LB93Fj6yLOfKBUbQEDNNLbOYQ8YcuxAntiwPxtmmxYNCK6rvL7rM8wFWFP4AYlJGoDrayTil3bBM8QHqqHtm8nHVo+k1N3aVzED3ww4X55T9ZtAFdKgJlC62uuDPIY/5owysXHf14BxcAdUFCCV4ro6hoMNM4AonQpcom6gnSm7MWKgZv8Wb14qlwbOcph60kVIXXAY+44KTy6L5PvzLvUrBjJuUlZ1Pew1GwcFecp/4DE+rep35P+iMv0b+RLatEsKNR75g6Rn1OZVICWWVz3BzbI+gnXwIuhQrkMPu6kC/R4gqXmY9XLBfPw4O3xCINjXlWjdXY1ENnM1HOrS2RXwRSX7glWi+e/DQyca5pE+nDqmphQetPQlSNmjybaEo0mNlunYm/fuhWNY+dLdtNhFo7VgRbepaWzUjw7dLOoLdo7yxLT7WBhrQUG+LjCslo4OUeS/Ydx2iH6vUlGIn+ixwoI79zHFpt8D7OKVja/+HMmeqQYVtLPZGFbKZUr43wwEp5NB2V2mdOee9eI31sLlBbRu01tYaRfnN1H5z3vhVSKU7i3dPPEeH2GrpdL3hPNZlu/e/ncYOGXXjsp+wLGmUXEnzT4gch5j7Y6WoNnWxA+QhL4Txnjg0iWWe0ixX9MCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAIiCz3UHaQpNF8U0kvai6aUxJl8SJrxR0vV1Cga7OiAIMumOvsjnpL5JLcdCiaLnRHmbItILUuol5tebkzI8NsT6n+6603RiWQlGl+XtRdLCBs1mzVlFSqlxXwUkTej1en9n12BMy0ZX+Q1KPB7wLVq/15vDdGCxQ+t/2Srve2W8stC9XWXiFnq/LlR0EU2omVMFiOLqZyQod8Fd8nTeNVr+iywJlKUuhGhvN/oCp+RrN3b1DGV0rvwqzaRZfBX6HnZO6tP6RMhFHMfsUryoyoagQxSe06QU+/BxAvIqq/xhUyJqiDAXfnHNA2gKiBtLF/zrBv1HwQVoyVG4X2bkEZNS3fO4iKHaBSbJTxXu7XyfEyd9mFDZ3oca1zAvVXI63fWta5siAd5e4+UG6VIBYkd5Prm9DRXCokv4QHq6voMlqi0LVewqjRB5vKQw01qAnKBB7fjaCA1w2QSLuf8NnaEWE+ZXnbbYyTjIodc4ZToyFSxjFvIzIKlBn5ynsqx8TN/GKFeEzy5CHLvS4hL53KL+wIz5i0n3yNMSKozmZ6abbS7RlWPrVAhhpQaSUymcK8ZogNSNQRPgN+S0iqcIp50SEZte85Axbgt1KgKFLhV69AynPWWwKuI3/azMPULsm4iU3scmoVdoa/hXQXqzxy8kD3ABKL//sMlfFh1+5DVY=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://con.sandbox.swedenconnect.se/internal/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://con.sandbox.swedenconnect.se/internal/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <md:Organization xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <md:OrganizationName xml:lang="en">Sweden Connect</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Sweden Connect</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Sweden Connect</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Sweden Connect</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">http://swedenconnect.se</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">http://swedenconnect.se</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <md:Company>Sweden Connect</md:Company>
        <md:EmailAddress>operations@swedenconnect.se</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <md:Company>Sweden Connect</md:Company>
        <md:EmailAddress>operations@swedenconnect.se</md:EmailAddress>
    </md:ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-naturalperson*

EntityCategory-Consistency

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: eIDAS Internationell eID - För interna tester*
-	*en: eIDAS International eID - For internal tests*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Test-legitimeringstjänst för eIDAS legitimering - För interna tester*
-	*en: Test IdP for eIDAS authentication - For internal tests*

MDUI-Logotype

Working logotypes present:

H:68	W:68	Type:SVG
H:140	W:391	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-high

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

- http://id.elegnamnden.se/loa/1.0/eidas-low-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-sub-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-high-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high-sigm

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/eidas-low-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-sub-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-high-sigm

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high-sigm

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://internal-dev.connector.swedenconnect.se/eidas is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Sweden Connect)

CONTACT-SUPP

Support contact e-mail (operations@swedenconnect.se) is present

CONTACT-TECH

Technical contact e-mail (operations@swedenconnect.se) is present

EIDAS-Connector

This eIDAS Connector has appropriate EntityCategory declarations and supports eIDAS LoA levels.

Sweden Connect (https://mdidp.svelegtest.se/idp) (1)

Sweden Connect (https://mdidp.svelegtest.se/idp)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://mdidp.svelegtest.se/idp" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa2-email</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </Extensions>
    <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <shibmd:Scope regexp="false" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">3xasecurity.com</shibmd:Scope>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Dev federation metadata IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Utvecklingsfederation metadata IdP</mdui:DisplayName>
                <mdui:Description xml:lang="en">Sweden Connect Sanbox Environment</mdui:Description>
                <mdui:Description xml:lang="sv">Sweden Connect Sanbox Environment testtjänster</mdui:Description>
                <mdui:Logo height="60" width="168">https://eid.svelegtest.se/logos/sc-logo.svg</mdui:Logo>
                <mdui:Logo height="60" width="60">https://eid.svelegtest.se/logos/sc-logo-notext.svg</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIUa6xFOlcuPP5/TPLxzS7SVn1pokMwDQYJKoZIhvcNAQEL
                        BQAwHjEcMBoGA1UEAwwTbWRpZHAuc3ZlbGVndGVzdC5zZTAeFw0xNjA3MjgyMTU2
                        NTZaFw0zNjA3MjgyMTU2NTZaMB4xHDAaBgNVBAMME21kaWRwLnN2ZWxlZ3Rlc3Qu
                        c2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRa1nLquNA+ls1G64e
                        r7w/xDwwFDTgQdKY9oy/iRSMDcZ+9OYKzvtbZQFXt0IQtq+pgRImRSsO7jN8Bwg5
                        oXcRlsWjjMPoPF8Dhpgh1edkQsQ0cZPstWfPMv2OG5N9t9EVVORjt6t2SU0KKWE9
                        eqW5xhkU/EF7/01v1Z5Xh0HjDFSJpmpwojAjLEOQgHbyS/bX2/hSDAaXEJp6SPP8
                        AyFWdzgqWoRpIhaRhgnA7lcpHFAdc8oxLAg8hHZCnUgSHPTindEBBd0rzkNy+WBE
                        Kv9p3Yu+QUdaHAXUuCcvBXj2ROC5CfAg0YJ+VYEzFBOj684h5gUL/7iOcoh2+eSN
                        MJInAgMBAAGjYjBgMB0GA1UdDgQWBBQrxR/A4jNQloStUJLgDycMkqH3+TA/BgNV
                        HREEODA2ghNtZGlkcC5zdmVsZWd0ZXN0LnNlhh9odHRwczovL21kaWRwLnN2ZWxl
                        Z3Rlc3Quc2UvaWRwMA0GCSqGSIb3DQEBCwUAA4IBAQAN/R83TBeMAeakoyLkap16
                        JkC9xq5UoBOEr9LKSEIkbXUclxzjZamemwAeGj9vngRp8qVK2PDhVAq1hRjzi9BG
                        QY4fk1ADEvM0vDkWp/QyDgh+xvF3BlvM9S60msQWqlLgjaQXsx7m1RtFK4iWn8lX
                        QM/EStmTwmI4GkyL/0M8VJPJcLxoCN05Mpju1p7fME7MSpDQf5rXjk0d5e77Op+P
                        td4ydtjCHjkUC8S+Ge7jFpiaN1KyuQuqmgfkjNLTFt9USPLSC0zJuvdNLfm0WH2i
                        Z6UQsmInY0wZJX/gXOq2viYUeNuVbxbdFGl/flm7L0FBA7G1m/vr+xRxoafF16Mz</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIUGPTk+OBTJli2NfN8XHD1dY+2h6kwDQYJKoZIhvcNAQEL
                        BQAwHjEcMBoGA1UEAwwTbWRpZHAuc3ZlbGVndGVzdC5zZTAeFw0xNjA3MjgyMTU2
                        NThaFw0zNjA3MjgyMTU2NThaMB4xHDAaBgNVBAMME21kaWRwLnN2ZWxlZ3Rlc3Qu
                        c2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqfRVRV9qMgxQZ65mQ
                        1lAYTA0leRzpk++vdV77xCPTkunayvIPXFrW2Jn9m1Tjhb5HZEgu7SE5guzFnxov
                        2+qBBTfupRC3R1gaSpUboMU6HZ3tYjL55vZPbtx2GRkjqDlSKmx/21zxV5fk1+9k
                        fiq4IlIcYoM5hJNqI4r8JgVI+1S1PXwZHq6PeoKoemGt32wvRe+aO3WxUsH+snF3
                        WQErAcjh+ZRs/BawBCdD00ScnKZvJ8BczcqGfqeCYDEZn5L4TjcFWfT9s2WbAv8S
                        56j6MRBoX2Pyx2TAOfxrNTGUtG66KV3JOkOetYmEcomElbb/Cg5lVHkNkJt5vIpo
                        WX9JAgMBAAGjYjBgMB0GA1UdDgQWBBTQnbBwhM2hCSqWfgUU7vYVLM0T7TA/BgNV
                        HREEODA2ghNtZGlkcC5zdmVsZWd0ZXN0LnNlhh9odHRwczovL21kaWRwLnN2ZWxl
                        Z3Rlc3Quc2UvaWRwMA0GCSqGSIb3DQEBCwUAA4IBAQAnp/Dc5iPtGsVlWbt0RE+g
                        Et2+oRQONpH4DS3Qt4L4hndqtzTT1HMqCaG8jYsit+9fhNbEg4T12rrHCnylbYsu
                        dTyIkAxdN+9pRS4aBk6L8AeQlb7yUI8iuG6GPHmzSQeYOpUuLY1yDmsTD1MI9nJ0
                        +OQVMqwvfN6dpyK/AA0RSNEL2VyPpa8rfQ2ERM7Fjel5psco6h7R0UmiGYYGSbKJ
                        EMvOSUOuiTGCXyuNZNk0ihiSHwYRp+7KRhLaeJEaS//1ig4ccOC6ohnQllX7fgM3
                        QkaTr7ukoAUrN47twVbWpIN9SBD+NZLX86ACT118st70A0VdKzVao0sqnu6XwrPM</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDLDCCAhSgAwIBAgIUBdVTFy2cEoClcQlslB2BDvXUA40wDQYJKoZIhvcNAQEL
                        BQAwHjEcMBoGA1UEAwwTbWRpZHAuc3ZlbGVndGVzdC5zZTAeFw0xNjA3MjgxNDQz
                        NDhaFw0zNjA3MjgxNDQzNDhaMB4xHDAaBgNVBAMME21kaWRwLnN2ZWxlZ3Rlc3Qu
                        c2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeMZ3dSCNllYaXNgWI
                        5ANBItoT8yQHgOf7t8OUiak6YDMK/pdnuoGGnO7Lop7HqrjqPLqN7Qo1mrb5ZIrg
                        p8YsJsepRu8GJ8Zcfglpiex0Gslies00IrhQenQQuxheSIWLBwUO+J4b5fhCLEqa
                        oXsG9s8tEOB1ziAy7EI6wAH4lBS+I9ZINLpKzHr/G8cfB+rH7BuKIc2xJTBaFHbL
                        luvzKItkAC0nbIP4Z0EFAs9GrodbY2YSamu2rMc3PTWK0wIF/lX9W81WUR+CPFEu
                        O9fvrhEQ3dsmPiYry2HeRI1tqDG/RtoHas5yNtIT7jtyu3k3sIbNQIWLnbEWFqdb
                        h/TpAgMBAAGjYjBgMB0GA1UdDgQWBBSOkNrhFjcTvT/kJeoZ7mHOJQN0mTA/BgNV
                        HREEODA2ghNtZGlkcC5zdmVsZWd0ZXN0LnNlhh9odHRwczovL21kaWRwLnN2ZWxl
                        Z3Rlc3Quc2UvaWRwMA0GCSqGSIb3DQEBCwUAA4IBAQBBK6FJyQBowv+ec//2t3ge
                        nb4ev824SiQjg+OQGDbCLRVN/eu/2uAn5AT0T9LOgooX43yFE8RDU6XzefTrSs/K
                        Cm80S3pW/mMcPpHNSIfWSUbEF570gIb2Cdq0QJv5YOViz5ZfnH2zRutS7taaYsvl
                        VZZS16UltlGJfB91RjrKJRnaFiOPozhvNBIrVhOU1L+2+g5/1M/YcB4cEgYWVndH
                        LcLvnvqmB/EaKI09pwZC8DIyK5jORPwTsQjb/b75mQuaulVo3cdbeC1llZOC2cUa
                        0zOONfeSETlNA0NF+bHD9wrzqYJ7Rfdr6D2KvOFmuOQnqrskg5+STaACEibMeSKG</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mdidp.svelegtest.se/idp/profile/SAML2/Redirect/SSO"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mdidp.svelegtest.se/idp/profile/SAML2/POST/SSO"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Sweden Connect</OrganizationName>
        <OrganizationName xml:lang="sv">Sweden Connect</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Sweden Connect</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Sweden Connect</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://swedenconnect.se</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <Company>Sweden Connect</Company>
        <EmailAddress>stefan@aaa-sec.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <Company>Sweden Connect</Company>
        <EmailAddress>stefan@aaa-sec.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Utvecklingsfederation metadata IdP*
-	*en: Dev federation metadata IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Sweden Connect Sanbox Environment testtjänster*
-	*en: Sweden Connect Sanbox Environment*

MDUI-Logotype

Working logotypes present:

H:60	W:168	Type:SVG
H:60	W:60	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.elegnamnden.se/loa/1.0/loa2

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://mdidp.svelegtest.se/idp is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Sweden Connect)

CONTACT-SUPP

Support contact e-mail (stefan@aaa-sec.com) is present

CONTACT-TECH

Technical contact e-mail (stefan@aaa-sec.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Sweden Connect (https://midp.svelegtest.se/idp) (3)

Sweden Connect (https://midp.svelegtest.se/idp)

(3)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://midp.svelegtest.se/idp" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2-sigmessage</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3-sigmessage</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4-sigmessage</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa2-basic</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-int</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </Extensions>
    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <Extensions>
            <shibmd:Scope regexp="false" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">3xasecurity.com</shibmd:Scope>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Mobile Test Identity Provider</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Mobilanpassad Legitimeringstjänst för test</mdui:DisplayName>
                <mdui:Description xml:lang="en">Legacy Test Identity Provider for Sweden Connect test federation</mdui:Description>
                <mdui:Description xml:lang="sv">Historisk legitimeringstjänst för Sweden Connect testfederation</mdui:Description>
                <mdui:Logo height="60" width="168">https://eid.svelegtest.se/logos/sc-logo.svg</mdui:Logo>
                <mdui:Logo height="60" width="60">https://eid.svelegtest.se/logos/sc-logo-notext.svg</mdui:Logo>
            </mdui:UIInfo>
        </Extensions>
        <KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDKTCCAhGgAwIBAgIVAIPGXGydRK0xBr18RwWLeOuk3JI8MA0GCSqGSIb3DQEB
                        CwUAMB0xGzAZBgNVBAMMEm1pZHAuc3ZlbGVndGVzdC5zZTAeFw0xNjA5MTAxNTIy
                        MzZaFw0zNjA5MTAxNTIyMzZaMB0xGzAZBgNVBAMMEm1pZHAuc3ZlbGVndGVzdC5z
                        ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIcivH1yLkAZubduKBMY
                        LNjLw/aQQ5zbNxG78Ke2sXPGEjzi/3ePdFvmkco4mi00sjDxxHHInlb18oDVRY/N
                        uAx8EcLUt1FnOG6VripElQTlGioJyAUdt+2JdMI9F8UOmDlZRUTvT1WAOqJpGqXv
                        23W86eAOkeP1sUPbwaLKGSo9s9edqwoAsroJEwn/kXsLlcdKamE96azsv1DOUX7D
                        z1KtOupz4+nSFvqQIhiTJQ36pTxV/gol0oBCW/5k95jeLuBI5zwYb6Qhk111Z2MJ
                        fVFMJV85jcpMi98ITE5te9UprROpedBgUa3QLnJgxiyeMp7G34HcCYltQPOsnMgv
                        R7ECAwEAAaNgMF4wHQYDVR0OBBYEFIof8DxGRhdvDHWAK/a1t/2g2JEBMD0GA1Ud
                        EQQ2MDSCEm1pZHAuc3ZlbGVndGVzdC5zZYYeaHR0cHM6Ly9taWRwLnN2ZWxlZ3Rl
                        c3Quc2UvaWRwMA0GCSqGSIb3DQEBCwUAA4IBAQAlDSuZHaT9J5xDUHh7f1JV5i8a
                        ET03OizdkX7A9ZcQIiSJwJ5pl/my3mjvex25D4jz2i1JwPju73AXAhqqpkUIpnXb
                        g0Fh3ZrieZSWXoBec4MVqv3rR/ZIWO2+tqyXPTrwpa5iYXYuBcymRaqL/yaJmcIA
                        gXZqtpXzLuefL9jFDOZCG3zLn6zM3fPJ0HUypyN2X7IGn8J55L7HAPL4vg2UTpZg
                        6Ky5cNM4wEjE8xmx5sBccZHFlOBEa1ly+Fusi4WLz/+6OiI8l/G/eKk6XfvEZZ3b
                        IghKAoAEJkdZSCWwNgQ2dpOEomXWSlV1TZf9SFvnfKT+MEf5OGLbxHami1bL</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDKDCCAhCgAwIBAgIUC970aM/mhXbN43j/xYH3IvfNnXYwDQYJKoZIhvcNAQEL
                        BQAwHTEbMBkGA1UEAwwSbWlkcC5zdmVsZWd0ZXN0LnNlMB4XDTE2MDkxMDE1MjIz
                        NVoXDTM2MDkxMDE1MjIzNVowHTEbMBkGA1UEAwwSbWlkcC5zdmVsZWd0ZXN0LnNl
                        MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJMsd8KpSTgLTNTK3HyB
                        jp8XrvYIucAcZEdC7luh4nkOG9fsL/u4Z+22hAurJxoRWntLqXPkc1sd5CHd8LvH
                        E/lnRlHrXEkMSJPXCKp9mzA+UagkWvAt90qytangIERB9FVbGqmJxwlUK/jtcELb
                        Ql+jUbO/qJbT9TiG168D0zE1bK7t6ZPH2MoBp9OT82sPcUJ9YvogxkMfzkmA/atj
                        Tpe1l6dYX3VbZ9tWEQgT4o1xM55b1WnEkzytXiQZDXgVK9ptYt5/4l9nvQLPfsSF
                        LzJGwEgjOUnSIWdthC/xTLw8y+xqzn7ciebqwsSkDDRQHJqaNt3ZOcmn0rftFMLJ
                        DwIDAQABo2AwXjAdBgNVHQ4EFgQUY6QnUvXdO8yhpxrkeHBZuRkjI2owPQYDVR0R
                        BDYwNIISbWlkcC5zdmVsZWd0ZXN0LnNlhh5odHRwczovL21pZHAuc3ZlbGVndGVz
                        dC5zZS9pZHAwDQYJKoZIhvcNAQELBQADggEBAGmndfNPHg6mRiVaJiYBzs139vvi
                        0I09yv+aIa/aabtYDOthB9JXvObx574m3rVrFQQOcolD1RA+J/RGxr7BeBgdfPFd
                        ZeR8IBoKNJbqWwewEVALOwYkTJ4WE682QRNjxg4JLyNaWbRabt0+3BbGq7y7/sA/
                        KeJm4Xwsq5ZK4z2lJtdkSY4bB8N+6DTBa722/AIseHboFM1StrtwL4jEW9x4YQFC
                        IjWYCpe5r/R71RD+/J5bq/1qvxlsaqMZlEcjaRSVjIrvFycWtpniyEqzIxqd7sxA
                        RJ6tTrp4xjz6KR/a7Gu+lDS2sDiqYjiqpjUAK2nmUt5MDzQd8IOfdF4opHs=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDKDCCAhCgAwIBAgIUMz4Xv/IkuVzqpVzKOBdPfzJHe6kwDQYJKoZIhvcNAQEL
                        BQAwHTEbMBkGA1UEAwwSbWlkcC5zdmVsZWd0ZXN0LnNlMB4XDTE2MDkxMDE1MjIz
                        NVoXDTM2MDkxMDE1MjIzNVowHTEbMBkGA1UEAwwSbWlkcC5zdmVsZWd0ZXN0LnNl
                        MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZdob7ee4AxGOAlaIzXC
                        e9zDUyQ/QzPVGpuUmCv7sAG4S+rGBMaBiKke2XdFedMUo0fJNIdOqesMttorOT0X
                        I4iehtCMrsL7Gc3aFAyFeCa/IgKeHPo5/Eg6S/LZ0xZeJK843ut0RI56GwXKzx4b
                        fU/PrNW+XbWfmhtDlKQdrUTHmf4zwXyekoAJ7l+2ZBEZFtgLSAdUtgafuZUZOIgM
                        AVBYdOeJQZ9RJOSy257jP9Hhwm2V4PhFxVNUpfAtVOzrzCuM/RcVBtDvzXxIrwXb
                        4i34g8XwonEklbDFF99qad8//gBw2VjfsNaAiir+PJlu75cRv4IqU9mXHQwof1OA
                        xQIDAQABo2AwXjAdBgNVHQ4EFgQUJkLpGhmSDfZmms7N4fcyIWqzWWcwPQYDVR0R
                        BDYwNIISbWlkcC5zdmVsZWd0ZXN0LnNlhh5odHRwczovL21pZHAuc3ZlbGVndGVz
                        dC5zZS9pZHAwDQYJKoZIhvcNAQELBQADggEBAFiqxxOTzGN+jyih55pYaFfN0D9n
                        S5otLxJSbIuooQ1/7HT3N0KBp1fGa1te4dVWHYNmSNc0ZHHTWrMYG11rBmze3m8t
                        vvrhI9TY14jY/lfVB/PZahBoOV1+rTy+ut3G5pLWzCR2AcGNXdix8XRga6iwumT7
                        Ve9CN66Yxk051tpy7sk0FWsneOBGMSn5nbF6XxDVTnYyACuEVTkFi9CRMgLxq6YU
                        Tcg+DJB6w5zniR9WkY9wh6lnIxwljJu1c/BF7S4BWOwKczA66e9cQWDNHtnUaQ4W
                        tHjgqak+d747VFm1x6qOHhzTZaDkTtnqzJ7iGgdJDjtWzAQXp1/rWZ3xr2E=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </KeyDescriptor>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
        <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://midp.svelegtest.se/idp/profile/SAML2/Redirect/SSO"/>
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://midp.svelegtest.se/idp/profile/SAML2/POST/SSO"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Sweden Connect</OrganizationName>
        <OrganizationName xml:lang="sv">Sweden Connect</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Sweden Connect</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Sweden Connect</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://swedenconnect.se</OrganizationURL>
    </Organization>
    <ContactPerson contactType="support">
        <Company>Sweden Connect</Company>
        <EmailAddress>stefan@aaa-sec.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="technical">
        <Company>Sweden Connect</Company>
        <EmailAddress>stefan@aaa-sec.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Mobilanpassad Legitimeringstjänst för test*
-	*en: Mobile Test Identity Provider*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Historisk legitimeringstjänst för Sweden Connect testfederation*
-	*en: Legacy Test Identity Provider for Sweden Connect test federation*

MDUI-Logotype

Working logotypes present:

H:60	W:168	Type:SVG
H:60	W:60	Type:SVG

MDUI-Logotype

At least one logo contains vector graphic of type SVG. This gives the best expected UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

ERROR

LOA-Holder-of-key

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://midp.svelegtest.se/idp is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Sweden Connect)

CONTACT-SUPP

Support contact e-mail (stefan@aaa-sec.com) is present

CONTACT-TECH

Technical contact e-mail (stefan@aaa-sec.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Talgildu Føroyar (https://www.talgildu.fo/demoidp) (5) (2)

Talgildu Føroyar (https://www.talgildu.fo/demoidp)

(5)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://www.talgildu.fo/demoidp" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2-sigmessage</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3-sigmessage</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4-sigmessage</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-low</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-high</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa2-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa4-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/scal2</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Faroese eID Demo IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Färöarnas eID Demo IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="fo">Faroese eID Demo IdP</mdui:DisplayName>
                <mdui:Description xml:lang="en">Faroese eID Demo Identity Provider</mdui:Description>
                <mdui:Description xml:lang="sv">Färöarnas eID legitimeringstjänst för demo</mdui:Description>
                <mdui:Description xml:lang="fo">Faroese eID Demo Identity Provider</mdui:Description>
                <mdui:Logo height="65" width="133">https://eid.idsec.se/foidp/images/logo.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIE+DCCAuCgAwIBAgIEWwfwADANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwHhcNMTgwNTI1MTExNDA4WhcNMTkwNTI1MTExNDA4WjA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC6vU34iEipXtu3l592hKDdwPWPvdNyTZuFOBCtzgYayUALOcCxtW8urUd2OTTlXcR4oHSIRhG/1ssR568ZxWYUO+kxzAOIERGWQRylGALBe4tvLxx+Ks0PgkAP+BobO3mf3cOLOKk4GCwltqK1zctBQpZMl99xiQbEp1ys2v2LDH27HJ+Ws+A0XNXiXvj07ZBcrqpfN6dLLQivJZTtYjv9zVgn3WtHUXvTerCuwEuDfFWDWU0w4ko6sBsumaRc0Wqj6I2Q7eRbBAXCPjYlCOiHJUUJIihN9ZNCwbleqKwCy3TgtEsrvpKjES3DI1nRd33oseLKg7noYvmBiqAWr9PDq1t6Cn7mu1RfGBHvqrFxRi4s5HcYM4clOR2tU9kSCuYUfgv8bTKbhJiEPJSzBxkZvgjrYevofU0+lylILeNY7moaPIH3Ykrf+D5pHX93gjfbDEA5V+YsOZJa/bXEqMJ3VWOdGFvd4reGgyZea/yChoYJ83QYk67GEcVcijXppC1J+Vysu+TnJenIT6It1QsC1XZjniL3QvC10Oy9/zqjkh3YL8bakUhFRwbSPpIzWY6tCzCDKvE2I+sPLmSyg6/BbIGrPNgDUdJOhRxTk45pK99Cw8+lPexvqfwdKpvHHkfQB6TgDgVcxT4/VBwDjju/hEAqbRMjZg8o9AQV4ACYQwIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQB3Uwmsss/guCxLES2iG9CPl30EtmVe1/mNtQ1ccwdqSl6EQRtvE/ygE0HgvZcU6HpkB4AHeuh0pVZV1cCkiZyHQ8vX0La1xMhbsaSma5J3pAW8bT+RaGbtheUaDF9kQ0qlq/aPPkk9CI2LtcZD77n3XEVslrtwzIeVrQySfx9B4uoHcqov7spgqPlzTGZZBC7F1xuoeO6QS06I3iVjXj98HWzBq6acplsgF613HzdPsnCPxQIVQCUNE1gEhQ8BitWX5RhInm5xGBNMpOnhuXb66obmhNI6HD18J/XBrIUEY7+12OqjNDLEWES6tKJUD4RLz1j8Vpb8vx0p1USdy90R+Jfdx7Tbovso6L90CQPTuDXiw3pX095bvfs7XW3SoBYLaMwFEtVzO4NVWujHghZvN/DAxetfR0AsykhKSplJbMPrX2oZlcad5LRCa4hEYKYwjvG0ZAGuyELQ45NRiS0wer8hqhz8vfB13OWFcoT1J+hwGbJOObglt/4yC0TMfvOQvV4A3LuVyxq5aynhZBecyDEmJXa3zXGSpaxUbfzZD30JzzXEHgVZfzNJ213pHr6IxPY8pk45668liTXdyNicZDkUhBqDuPAPw08571qN16/iCNox2fTUmEKXK6wJVabPQdkMa0ieCVhPOY7JzfjExMnkQE/f339Db1Bt90u5DA==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIE+DCCAuCgAwIBAgIEWwfwUTANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwHhcNMTgwNTI1MTExNTI5WhcNMTkwNTI1MTExNTI5WjA+MQswCQYDVQQGEwJTRTEXMBUGA1UECgwOU3dlZGVuIENvbm5lY3QxFjAUBgNVBAMMDVJlZmVyZW5jZSBJZFAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCZCAQORPkyayDKEqoZm4C5qXv8Y8h93FMLA96WfIP7UZxZI7edbZPr3nEDW//k97c5eMAqEnfK5pFxBbOM3VsBpxg2YNNz+BpGTmF9BmNjQONs4DKjFJc5Xt2IUyW2tq7UG3Bb89x/LZqxewHp6vH6jf0MpG5HgrAA30w5559cNL/qglxy8noVqCazuG7Ln0serQk5hW6KMMf1o2R+whi55h3SLHUqmemEnUi//KR+ZgQlpY9lJhVwDuYR0/PwLYTfW47OfbfySlqRiNWlgG1HAdYCUdUrX86fI4R3USRB+gPeqp+OwuONILDfiwv5oH87DklJXtfJOz+sVFD5SHSyALKLiaamVTPK+IRlxUDRZh8K/ZUv6ljFul/f74w+VJW9AkIORJBPezags9ZZZVhktQ8mErQqeP/c0JoK1vfvJAUI4g8ZuVeM+yURljMRVPQWdYHKq/e9viFVbCDEf5IqQi/laAZpCTRqv569qAnQX/WvkcoGM9UFdpz9SH0SayJuFGizXfRT/vXXuts250FOzTiR53MWATLck+7JXoJluaQJfu41NFxP0Pch114k1GRBhVzr8XZBtiIZXZCVHSok1h+jrpgtRFrUmelh5T00r8en/o2Y21zVPKdvu3z6T0pmuh2xphjWRzzJfMvcx5DqEEUE4Bej2IatLtzuhdqaDQIDAQABMA0GCSqGSIb3DQEBCwUAA4ICAQAkKeKpXvKD5tfhF4b4L5Xd8jgZ9f9DXPcPG1GejupnovJ0dCqQWytcyDHweNXwIrx5zQizX7OWuEcOrfA+IZ7G5xFHPKcPtKaZ5e1+vxqRlJ0IG/mGhXx58ZuLK/7ckox//51VimzM8hw4fC89Va1hZw1tJlWx8KpQBzvr53EMGYyFdRk7uT8h2o/SLymC8yTc5UpW0h/dvH2HLYRZn1L79sfB4uAE0u5D7+OHVjI9p33WYfJKDebGnhS5LfQOge8YHxFbAvqCIyX40+E0l2QFiNORAsk+K2wBcEySrq3+G4LpeWdCQsn02/MEp1fiAGQYV68gpUJFYYbFqq2zecUkyfz57xRFcnN/YzZnXeFMEbu5Xm2B5qQuNF6Y0E/cik/+Be6HQgRmtSx51JIdgzBuZXQhSlEU73Xcm1HActy/n4nc5QZzycOSdQy4qh5pABFdMviTcKFBGQeNh8VBRoAd0x/9PujsKeIhvtadWIQ3FohBaVzhY6TSlwthDQskhr1SBTSbPsQp1fVjafbG9/imFeZKGxxoqXgJ8pOA70cwKbCGVdxwok4s1Spw60bg2omP3Jbq2RyT0IT8litd1q+iYkveFIqSl/Z/wrNZ2UQfWdVbBjqhmysls2btNVq7X3a0ie5qSw5+TXTpBQtwmTAElQBBMFgU/WBa7Bi2t2KZZQ==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://eid.idsec.se/foidp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://eid.idsec.se/foidp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Talgildu Føroyar</OrganizationName>
        <OrganizationName xml:lang="sv">Talgildu Føroyar</OrganizationName>
        <OrganizationName xml:lang="fo">Talgildu Føroyar</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Talgildu Føroyar</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Talgildu Føroyar</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="fo">Talgildu Føroyar</OrganizationDisplayName>
        <OrganizationURL xml:lang="fo">https://www.talgildu.fo</OrganizationURL>
        <OrganizationURL xml:lang="en">https://www.talgildu.fo/english/</OrganizationURL>
    </Organization>
    <ContactPerson contactType="technical">
        <Company>IDsec Solutions AB</Company>
        <GivenName>Martin</GivenName>
        <SurName>Lindström</SurName>
        <EmailAddress>martin@idsec.se</EmailAddress>
        <TelephoneNumber>+46 (0)70 361 98 80</TelephoneNumber>
    </ContactPerson>
    <ContactPerson contactType="support">
        <Company>IDsec Solutions AB</Company>
        <GivenName>Martin</GivenName>
        <SurName>Lindström</SurName>
        <EmailAddress>martin@idsec.se</EmailAddress>
        <TelephoneNumber>+46 (0)70 361 98 80</TelephoneNumber>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

The certificate for signing has expired

WARNING

Certificates

The certificate for encryption has expired

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa2-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa4-pnr*
-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa2-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa2

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa4-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa4

EntityCategory-Consistency

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Färöarnas eID Demo IdP*
-	*en: Faroese eID Demo IdP*
-	*fo: Faroese eID Demo IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Färöarnas eID legitimeringstjänst för demo*
-	*en: Faroese eID Demo Identity Provider*
-	*fo: Faroese eID Demo Identity Provider*

MDUI-Logotype

Working logotypes present:

H:65

W:133

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

ERROR

LOA-Holder-of-key

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://www.talgildu.fo/demoidp is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Talgildu Føroyar)

CONTACT-SUPP

Support contact e-mail (martin@idsec.se) is present

CONTACT-TECH

Technical contact e-mail (martin@idsec.se) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Technology Nexus AB (https://idp.nexusgroup.com/dss) (7) (1)

Technology Nexus AB (https://idp.nexusgroup.com/dss)

(7)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="https://idp.nexusgroup.com/dss" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa2-sigmessage</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3-sigmessage</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa4-sigmessage</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-low</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-sub</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-nf-high</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa2-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa4-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/scal2</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:Logo height="100" width="100" xml:lang="en">https://dss-dev.go.nexusgroup.com/nexus_logo.svg</mdui:Logo>
                <mdui:Logo height="100" width="100" xml:lang="en">https://dss-dev.go.nexusgroup.com/nexus_logo.png</mdui:Logo>
                <mdui:DisplayName xml:lang="sv">Nexus Test IDP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="en">Nexus Test IDP</mdui:DisplayName>
                <mdui:Description xml:lang="sv">Nexus Test IDP</mdui:Description>
                <mdui:Description xml:lang="en">Nexus Test IDP</mdui:Description>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <xd:KeyInfo xmlns:xd="http://www.w3.org/2000/09/xmldsig#">
                <xd:X509Data>
                    <xd:X509Certificate>MIIEJjCCAw6gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwHhcNMTUwNzA4MTUwMDAwWhcNMjUwNzA1MTUwMDAwWjCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfcvbxwincw8qSQPcZgyfni3chrRq5nhqkPRzMesreZdNSR2OR0Z8PU+JSe6YPZpubi8R22zfiE6d1CMYm6/cU+uc0dS7KPKSZjj4pSuobGxwanyOgiMFgbihBK5RmjXzJ+25jHUqqHsIqbHK10i5900zaKMRGIJps+gUbBlkU9KMUpGQQh8RH8VNhaDFIUMIOi1Yd7LvEVWBe1h3cJjvPR5NGgoxFniNxrbSYUzZgxzNjmyBCiZEInxdeK2IbbFmXrfuTN0CnmwblvG0Etk2J/koVf8TT0ANF2tSuxezxBJtagCikHLAIexNENLslFsYKV2xerbYLYNnt5mEN2Z4fAgMBAAGjbzBtMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFA9D31T01BN9kcFkXY/J+ydBgFnBMAsGA1UdDwQEAwIF4DARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAI1mATsxD46D86RXxi8xY6bfFMjLIbXgOx7jE1UPROSZonr1Ut8SSZjxxb9C7WsCk1GisWi63nqKjBAFqVLK5zoCeWkyDoPFYg0bxSlctTtSbfsUTayRO0RQHdrOaa/VDzTELo4UnDN1wBkVH1ZOwj/iCXPDkByIo76pUXJm0djJMdIC5/U+cD5n+GLl0sJDjbvuBYSvFJnzjnOgv0LhF4POHHS6iAOyYsRRSt3X6ewRYEVnfAf3DWhmD/vixjVALbxCnnItk0Ud9KrCSi4Hp7Y03vk1phvqFcJA2ZrJaEo4ZpQ3WhTsSS78Uu2YsuY6gyXWe6gl4Z+vSMLVw8gxEDw==</xd:X509Certificate>
                </xd:X509Data>
            </xd:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <xd:KeyInfo xmlns:xd="http://www.w3.org/2000/09/xmldsig#">
                <xd:X509Data>
                    <xd:X509Certificate>MIIEJjCCAw6gAwIBAgIBATANBgkqhkiG9w0BAQsFADCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwHhcNMTUwNzA4MTUwMDAwWhcNMjUwNzA1MTUwMDAwWjCBnTELMAkGA1UEBhMCTVkxFDASBgNVBAgTC015IFByb3ZpbmNlMRAwDgYDVQQHEwdNeSBDaXR5MRMwEQYDVQQKEwpNeSBDb21wYW55MRMwEQYDVQQLEwpNeSBTZWN0aW9uMRkwFwYDVQQDExB3d3cubXljb21wYW55Lm15MSEwHwYJKoZIhvcNAQkBFhJlbWFpbC5teWNvbXBhbnkubXkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfcvbxwincw8qSQPcZgyfni3chrRq5nhqkPRzMesreZdNSR2OR0Z8PU+JSe6YPZpubi8R22zfiE6d1CMYm6/cU+uc0dS7KPKSZjj4pSuobGxwanyOgiMFgbihBK5RmjXzJ+25jHUqqHsIqbHK10i5900zaKMRGIJps+gUbBlkU9KMUpGQQh8RH8VNhaDFIUMIOi1Yd7LvEVWBe1h3cJjvPR5NGgoxFniNxrbSYUzZgxzNjmyBCiZEInxdeK2IbbFmXrfuTN0CnmwblvG0Etk2J/koVf8TT0ANF2tSuxezxBJtagCikHLAIexNENLslFsYKV2xerbYLYNnt5mEN2Z4fAgMBAAGjbzBtMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFA9D31T01BN9kcFkXY/J+ydBgFnBMAsGA1UdDwQEAwIF4DARBglghkgBhvhCAQEEBAMCBkAwHgYJYIZIAYb4QgENBBEWD3hjYSBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAQEAI1mATsxD46D86RXxi8xY6bfFMjLIbXgOx7jE1UPROSZonr1Ut8SSZjxxb9C7WsCk1GisWi63nqKjBAFqVLK5zoCeWkyDoPFYg0bxSlctTtSbfsUTayRO0RQHdrOaa/VDzTELo4UnDN1wBkVH1ZOwj/iCXPDkByIo76pUXJm0djJMdIC5/U+cD5n+GLl0sJDjbvuBYSvFJnzjnOgv0LhF4POHHS6iAOyYsRRSt3X6ewRYEVnfAf3DWhmD/vixjVALbxCnnItk0Ud9KrCSi4Hp7Y03vk1phvqFcJA2ZrJaEo4ZpQ3WhTsSS78Uu2YsuY6gyXWe6gl4Z+vSMLVw8gxEDw==</xd:X509Certificate>
                </xd:X509Data>
            </xd:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.nexusgroup.com/wa/auth/saml/"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.nexusgroup.com/wa/auth/saml/"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Technology Nexus AB</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Technology Nexus AB</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Technology Nexus</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Technology Nexus</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">https://www.nexusgroup.com</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">https://www.nexusgroup.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="technical">
        <md:Company>Technology Nexus AB</md:Company>
        <md:GivenName>Daniel</md:GivenName>
        <md:SurName>Forssten</md:SurName>
        <md:EmailAddress>daniel.forssten@Nexusgroup.com</md:EmailAddress>
        <md:TelephoneNumber>+46733458701</md:TelephoneNumber>
    </md:ContactPerson>
    <md:ContactPerson contactType="support">
        <md:Company>Technology Nexus AB</md:Company>
        <md:GivenName>Daniel</md:GivenName>
        <md:SurName>Forssten</md:SurName>
        <md:EmailAddress>daniel.forssten@Nexusgroup.com</md:EmailAddress>
        <md:TelephoneNumber>+46733458701</md:TelephoneNumber>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa2-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*
-	*http://id.elegnamnden.se/ec/1.0/loa4-pnr*
-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa2-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa2-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa2

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa4-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa4-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa4

EntityCategory-Consistency

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Nexus Test IDP*
-	*en: Nexus Test IDP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Nexus Test IDP*
-	*en: Nexus Test IDP*

ERROR

MDUI-Logotype

No working logotype are present in mdui

ERROR

MDUI-Logotype

The following errors were encountered while processing logotypes:

-	Logotype download from: *https://dss-dev.go.nexusgroup.com/nexus_logo.svg* failed with HTTP response code 0
-	Logotype download from: *https://dss-dev.go.nexusgroup.com/nexus_logo.png* failed with HTTP response code 0

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa4

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

- http://id.elegnamnden.se/loa/1.0/eidas-nf-low

- http://id.elegnamnden.se/loa/1.0/eidas-nf-sub

- http://id.elegnamnden.se/loa/1.0/eidas-nf-high

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa2-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/loa4-sigmessage

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3-sigmessage

ERROR

LOA-Holder-of-key

WARNING

NameID-IdP

The following unrecognized/unsupported NameID declaration are present.This could indicate misconfiguration:

-	*urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress*

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://idp.nexusgroup.com/dss is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Technology Nexus AB)

CONTACT-SUPP

Support contact e-mail (daniel.forssten@Nexusgroup.com) is present

CONTACT-TECH

Technical contact e-mail (daniel.forssten@Nexusgroup.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Verisec AB (https://idp.frejaeid.com/test) (4)

Verisec AB (https://idp.frejaeid.com/test)

(4)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor entityID="https://idp.frejaeid.com/test" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml2:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/loa3-sigmessage</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/loa/1.0/eidas-sub</saml2:AttributeValue>
            </saml2:Attribute>
            <saml2:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/loa3-pnr</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery</saml2:AttributeValue>
                <saml2:AttributeValue xsi:type="xsd:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/contract/sc/eid-choice-2017</saml2:AttributeValue>
            </saml2:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Freja eID+ localhost</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Freja eID+ localhost</mdui:DisplayName>
                <mdui:Description xml:lang="en">Freja eID is an electronic identity on your mobile that allows you to log in, sign and approve transactions. It comes with two levels of identity assurance, basic level and Freja eID+, which is officially approved by the Swedish E-identification board with the quality mark Svensk e-legitimation. Freja eID+ gives you access to more services and a free ID protection, alerting you if your official residential address is changed.</mdui:Description>
                <mdui:Description xml:lang="sv">Freja eID är en mobil e-legitimation som gör att du kan logga in, skriva under och godkänna transaktioner hos anslutna tjänster. Den utfärdas i två olika tillitsnivåer, Freja eID Bas och Freja eID+, varav den senare har statliga E-legitimationsnämnden godkänt för kvalitetsmärket Svensk e-legitimation. Med Freja eID+ kan du nå ännu fler tjänster och får även ett ID-Skydd som varnar ifall någon ändrar din folkbokföringsadress hos Skatteverket.</mdui:Description>
                <mdui:Logo height="75" width="75">https://localhost:9160/idp/images/frejaeid_logo.svg</mdui:Logo>
                <mdui:Logo height="120" width="120">https://localhost:9160/idp/images/frejaeid_logo_vertical.svg</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIC/DCCAeSgAwIBAgIEW1h9BzANBgkqhkiG9w0BAQsFADBAMRAwDgYDVQQKDAd2ZXJpc2VjMRUwEwYDVQQLDAx2ZXJpc2VjLWxhYnMxFTATBgNVBAMMDGZyZWphZWlkLWlkcDAeFw0xODA3MjUxMzM4MDdaFw0yMzA3MjUxMzM4MDdaMEAxEDAOBgNVBAoMB3ZlcmlzZWMxFTATBgNVBAsMDHZlcmlzZWMtbGFiczEVMBMGA1UEAwwMZnJlamFlaWQtaWRwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAPZ86bYvVFEJIJX/x09JKe5AoCcQU7KrMvPP3I+xg6GSlszDDpkgEZsSiAsxMxQrRPQjKPezHVLvJqUXTL1sny2xZc31vAsVm4POIflIMRtzQFLNkbs3itrvAap7Vus2sbotMPSCNsIHWXuy0u7X4XH8Oviw2xgNHs/fPMPnrqMpICcq6M1BkgS97dHz44Mk7vrtX08sxM4CgXg/GeANFSp8uPu6D+LlucV1cWQgbMXoiRxnkNoqP7l++TZ11MXOCEjnsm+PNoIvkq7VUbzuGHNgF0pUPf8yn7qj2CQcpwJbAcQAPI7iXh+MUjLtJjdvC88i+NOXxOJvW3ToxDTrQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCJ6LZLSKecPW+PUjBIuaHkt7bVd2v2j218h8h8fDBJuPcy9wggDKYgmbd4BVeRjFLjcB5I5KqILPeUB6vMg6vUaY/6lWdw7Xw/2bDn3yA/YUFXl7T4gVZDQVTfZdLbxSPCX7gTLetMv6FsB2jfEGPT18HksBVmHctDHcOmrI68j2CehVoyJ/N+Y/YtGfWw/vrwsSt5xWf+GlJdOVgSYlsLK0a6czAnHFYy5tl+CCs3i0Zw6d60pKHjxtw2xqwFdBOf03OTt+uG5VJRUkoB3IG4eiVd/RdcOoTuzs+4WSSVcpi6rNrbb5FgYhVyIKctSwjoHFz2kj0OE/OQnX1piQEm</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDJDCCAgygAwIBAgIUE9Ed7iaZQARLB0/bFaPXwwUSBY8wDQYJKoZIhvcNAQELBQAwHDEaMBgGA1UEAwwRaWRwLnN2ZWxlZ3Rlc3Quc2UwHhcNMTYwOTEwMTAxNzA1WhcNMzYwOTEwMTAxNzA1WjAcMRowGAYDVQQDDBFpZHAuc3ZlbGVndGVzdC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0qTFerVx3p4rk7trhMOf6KC9c1+Rq7w1oqTis/ml/ooMRzVmfHmDQTGwoKTIY25R/bSeqoTJEshA8nZw48fCr1jgNVyBxRGIGbFMXazAg/tH3EyiKxXtUnKtOpawx7+sV5uNwq/6i2n2euGFPbRkOclYNjCd0UYK6BgxKsX7XFDkQygggOI8jXe4LmPu36e9zOJ37QLWou2EdLSiNYqX38Mrps20oxG1Imy1O4pKTTV0zUtis/ujKrk/zlSkQEhwH0lW+UT0J0k9Drohj4xq+r7SDWSyGDN32W3DlLGKsdssmClU/xEJl1slyy1O51L51ETpCc02xarrbid9Swzj8CAwEAAaNeMFwwHQYDVR0OBBYEFAGh74d7hApkF8IZ5ZVGy6rblI1WMDsGA1UdEQQ0MDKCEWlkcC5zdmVsZWd0ZXN0LnNlhh1odHRwczovL2lkcC5zdmVsZWd0ZXN0LnNlL2lkcDANBgkqhkiG9w0BAQsFAAOCAQEAW8dvmOcr2e8R5E0O97GM+dCkmd6f2v8MF+yHwM/RHaip2PNZguIrYkQY291Mq6PT8gU/mZhDu1xDOF7pjlroZyWJanlT7m33xvI6mUHK4GCNgmC5AkG1ZFmYS8zQLH/gYLFbn3+v7uMg14MDPhA8Z0+zFGN9o+DPTZg2m8XkvM4Biyu0s0OYrWeAMfgrhcFX1/u6j8vTIcqS9xH6RKC2sAqsDCD9e5V6cfUvsUxGdR1sAN2aAD5iMQLc/6TO0u9jcVTWaNxfd8kk0pyILNYU1zWOn/b6rke/trVDW9mnFH106/gUq4ZLzd3aY5ZUeyJkKZaJobbifsdO1huOpl67UQ==</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://localhost:9160/idp/profile/SAML2/Redirect/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://localhost:9160/idp/profile/SAML2/POST/SSO" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"/>
    </IDPSSODescriptor>
    <Organization>
        <OrganizationName xml:lang="en">Verisec AB</OrganizationName>
        <OrganizationName xml:lang="sv">Verisec AB</OrganizationName>
        <OrganizationDisplayName xml:lang="en">Verisec AB</OrganizationDisplayName>
        <OrganizationDisplayName xml:lang="sv">Verisec AB</OrganizationDisplayName>
        <OrganizationURL xml:lang="en">https://frejaeid.com/en/</OrganizationURL>
        <OrganizationURL xml:lang="sv">https://frejaeid.com</OrganizationURL>
    </Organization>
    <ContactPerson contactType="technical">
        <Company>Verisec AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
    <ContactPerson contactType="support">
        <Company>Verisec AB</Company>
        <EmailAddress>partnersupport@frejaeid.com</EmailAddress>
    </ContactPerson>
</EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/loa3-pnr*
-	*http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" does not have the required complementary EntityCategory value "http://id.swedenconnect.se/ec/1.0/loa3-name"

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/loa3-pnr" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/loa3

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-pnr-delivery" is supported by the following compatible LoA:s
- http://id.elegnamnden.se/loa/1.0/eidas-sub

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Freja eID+ localhost*
-	*en: Freja eID+ localhost*

MDUI-Description

Description in Swedish and English present in mdui:

sv: Freja eID är en mobil e-legitimation som gör att du kan logga in, skriva under och godkänna transaktioner hos anslutna tjänster. Den utfärdas i två olika tillitsnivåer, Freja eID Bas och Freja eID+, varav den senare har statliga E-legitimationsnämnden godkänt för kvalitetsmärket Svensk e-legitimation. Med Freja eID+ kan du nå ännu fler tjänster och får även ett ID-Skydd som varnar ifall någon ändrar din folkbokföringsadress hos Skatteverket.

en: Freja eID is an electronic identity on your mobile that allows you to log in, sign and approve transactions. It comes with two levels of identity assurance, basic level and Freja eID+, which is officially approved by the Swedish E-identification board with the quality mark Svensk e-legitimation. Freja eID+ gives you access to more services and a free ID protection, alerting you if your official residential address is changed.

ERROR

MDUI-Logotype

No working logotype are present in mdui

ERROR

MDUI-Logotype

The following errors were encountered while processing logotypes:

-	Logotype download from: *https://localhost:9160/idp/images/frejaeid_logo.svg* failed with HTTP response code 0
-	Logotype download from: *https://localhost:9160/idp/images/frejaeid_logo_vertical.svg* failed with HTTP response code 0

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

- http://id.elegnamnden.se/loa/1.0/eidas-sub

ERROR

LOA

IdP declares the following deprecated Levels of Assurance:

- http://id.elegnamnden.se/loa/1.0/loa3-sigmessage

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value https://idp.frejaeid.com/test is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Verisec AB)

CONTACT-SUPP

Support contact e-mail (partnersupport@frejaeid.com) is present

CONTACT-TECH

Technical contact e-mail (partnersupport@frejaeid.com) is present

EIDAS-IdP

This IdP is configured to support the eIDAS proxy service through appropriate EntityCategory declarations and supports eIDAS LoA levels

Visma (urn:visma:idp-test.ciceron.cloud:saml20.bankid-mobile) (1)

Visma (urn:visma:idp-test.ciceron.cloud:saml20.bankid-mobile)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:visma:idp-test.ciceron.cloud:saml20.bankid-mobile" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Mobile BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Mobilt BankID</mdui:DisplayName>
                <mdui:Description xml:lang="en">Swedish e-identification for authentication and signing using Mobile BankID</mdui:Description>
                <mdui:Description xml:lang="sv">Svensk e-legitimation fÃ¶r autentisering och signering med Mobilt BankID</mdui:Description>
                <mdui:InformationURL xml:lang="sv">https://www.visma.com</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="sv">https://www.visma.com/privacy-statement</mdui:PrivacyStatementURL>
                <mdui:Logo height="160" width="160">https://idp.ciceron.cloud/media/ca_bankid.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFujCCA6KgAwIBAgIUQ1j8+L0oovcq0XGGz8eZUnx9ungwDQYJKoZIhvcNAQELBQAwdTELMAkGA1UEBhMCU0UxDjAMBgNVBAoMBVZpc21hMRMwEQYDVQQLDApDb25zdWx0aW5nMR8wHQYDVQQDDBZ0aWNrZXQtc2VydmVyLXRlc3QtZW5jMSAwHgYJKoZIhvcNAQkBFhFjaWNlcm9uQHZpc21hLmNvbTAeFw0yMTA0MDkwODM0MDdaFw0zMTA0MDcwODM0MDdaMHUxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEfMB0GA1UEAwwWdGlja2V0LXNlcnZlci10ZXN0LWVuYzEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9oAdSnZAGXNFWNlsyVSLGrDZrBMuHjxqUK5uRa/FWkHDr0UwC9XtcXwQIimDmfHFDsg2rAyuRQSf3eCPQNXSE7vifQQvnmvd56jnKS7fDcWBQxdit1d1p7kqase2PBpkGPyV6vM+a8bM5E/qmCjjhnqR4oNnU34HBnYmXWmyIuc+wFQ9HnkM+e+8Yyw+vLKL1cAdGDRXAFsoKKaRtAGA8d4S/HBSi93p0qccDZ49r2LT4ak6rvshms4pU/OcgwiZj0yscHPztrYxKAyQRtPP3ObMtQj37IHvWCXzqAfeTORAGwi+PXKYKDC2MbhrGJvBq5ZIU1M8ExwUu45VfznjONxMKgbAU9Qigz2MX56e2XkIILC0uqLeXV+bmfgNSuS4ib24J/O7GY83as0uHgx522HtbIg/e6Ojb+UC6BuuyVIF4d3LMl7q/5bwRSu6Y+GQ7XcoCoME1TsPI7LZXql1FPSWhGdV5bpv+jNP0Cj2/XmC9idiBlRKElfkXlUD0NDzbHZnMesBknceJt8xC4q4liRTdgdsWyqGyGhsNpdJI4nUvhW5JCwt8lyHjffKeXPCGP2WP/4EBk5gl2lHNI/gog0bvwMbJvsBtuzqdQwprfuasG1yrVJSCKnwl/HVeC4ZNsMEcezlpLVPX7MhBan0U9JtV1MDxdB9vmYuirYmrfwIDAQABo0IwQDAdBgNVHQ4EFgQUon9fldYH/kZFgonVnRS1fT8WQ4MwHwYDVR0jBBgwFoAUon9fldYH/kZFgonVnRS1fT8WQ4MwDQYJKoZIhvcNAQELBQADggIBADuF+kjDV/K42MOhUkXem6+X5V1u4LiMXvO1U/x1p3PNofeM7L+/5FSw0wh6245A+3zbe87vQ7DU1YlFnCFGliornPJd4yw1fW7kOqoJ5ycQqKl9GnmLeSyKvXHKZlcGCgVgY0+R7EkLDyS4he8VE17FYaPTscbIlSR1w/4KH14kaTwbh97vhUmkuNWh1MTQasyQRVqhrDCqt7alhYcWSrs+tUW6D7YVyzaUUUejzgm3sP8MENd0/Jtx78g+SBpQg1qZH73hCfV6AgK0LQBiy2S280qwL4eDyVPT48vxOmth5Ln4UeLLiZNndnK2Xeb4ESK8sho2oDYjjY7tilbflnbpSLgRobxhO8ib0gRAF6Jl6suBktpZUkae09obPx6wzMLPVDGL/hHi3lzPX0tcqqbj69h17Lc0SLErZvnRbw4w9UTvnCrgH4yXLHFj8VgK7EnA8ALg531kDwaTrLL4NIZE8vo7W8RgHoRnLlXT83AgK2wMh3JMrxDuu8v3VQMNpfQOvvUcHrkO8n0pqXiFx1NQqx7yr7ryQukYg8vNBXUlzy6JiJN2veR8k6I33IuIUO78SDxuxQObcY4WFF0/8BxWV72+rYTTMf+4isKUqaRitO0jUTcOIpiC3ulhP5JAUVu3Z95oLeQupYHc8PkvbvZBWkU4dOJbvERabE1qtJ7u</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout.bankid-mobile"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout.bankid-mobile"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid-mobile"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid-mobile"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Visma</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Visma</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Visma Federation Server</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Visma Federation Server</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">http://www.visma.com</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">http://www.visma.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Mobilt BankID*
-	*en: Mobile BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Svensk e-legitimation fÃ¶r autentisering och signering med Mobilt BankID*
-	*en: Swedish e-identification for authentication and signing using Mobile BankID*

MDUI-Logotype

Working logotypes present:

H:160

W:160

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:visma:idp-test.ciceron.cloud:saml20.bankid-mobile is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Visma)

CONTACT-SUPP

Support contact e-mail (mailto:ciceron@visma.com) is present

CONTACT-TECH

Technical contact e-mail (mailto:ciceron@visma.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Visma (urn:visma:idp-test.ciceron.cloud:saml20.bankid) (1)

Visma (urn:visma:idp-test.ciceron.cloud:saml20.bankid)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:visma:idp-test.ciceron.cloud:saml20.bankid" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="en">Swedish e-identification for authentication and signing using BankID</mdui:Description>
                <mdui:Description xml:lang="sv">Svensk e-legitimation fÃ¶r autentisering och signering med BankID</mdui:Description>
                <mdui:InformationURL xml:lang="sv">https://www.visma.com</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="sv">https://www.visma.com/privacy-statement</mdui:PrivacyStatementURL>
                <mdui:Logo height="160" width="160">https://idp.ciceron.cloud/media/ca_bankid.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFujCCA6KgAwIBAgIUQ1j8+L0oovcq0XGGz8eZUnx9ungwDQYJKoZIhvcNAQELBQAwdTELMAkGA1UEBhMCU0UxDjAMBgNVBAoMBVZpc21hMRMwEQYDVQQLDApDb25zdWx0aW5nMR8wHQYDVQQDDBZ0aWNrZXQtc2VydmVyLXRlc3QtZW5jMSAwHgYJKoZIhvcNAQkBFhFjaWNlcm9uQHZpc21hLmNvbTAeFw0yMTA0MDkwODM0MDdaFw0zMTA0MDcwODM0MDdaMHUxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEfMB0GA1UEAwwWdGlja2V0LXNlcnZlci10ZXN0LWVuYzEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9oAdSnZAGXNFWNlsyVSLGrDZrBMuHjxqUK5uRa/FWkHDr0UwC9XtcXwQIimDmfHFDsg2rAyuRQSf3eCPQNXSE7vifQQvnmvd56jnKS7fDcWBQxdit1d1p7kqase2PBpkGPyV6vM+a8bM5E/qmCjjhnqR4oNnU34HBnYmXWmyIuc+wFQ9HnkM+e+8Yyw+vLKL1cAdGDRXAFsoKKaRtAGA8d4S/HBSi93p0qccDZ49r2LT4ak6rvshms4pU/OcgwiZj0yscHPztrYxKAyQRtPP3ObMtQj37IHvWCXzqAfeTORAGwi+PXKYKDC2MbhrGJvBq5ZIU1M8ExwUu45VfznjONxMKgbAU9Qigz2MX56e2XkIILC0uqLeXV+bmfgNSuS4ib24J/O7GY83as0uHgx522HtbIg/e6Ojb+UC6BuuyVIF4d3LMl7q/5bwRSu6Y+GQ7XcoCoME1TsPI7LZXql1FPSWhGdV5bpv+jNP0Cj2/XmC9idiBlRKElfkXlUD0NDzbHZnMesBknceJt8xC4q4liRTdgdsWyqGyGhsNpdJI4nUvhW5JCwt8lyHjffKeXPCGP2WP/4EBk5gl2lHNI/gog0bvwMbJvsBtuzqdQwprfuasG1yrVJSCKnwl/HVeC4ZNsMEcezlpLVPX7MhBan0U9JtV1MDxdB9vmYuirYmrfwIDAQABo0IwQDAdBgNVHQ4EFgQUon9fldYH/kZFgonVnRS1fT8WQ4MwHwYDVR0jBBgwFoAUon9fldYH/kZFgonVnRS1fT8WQ4MwDQYJKoZIhvcNAQELBQADggIBADuF+kjDV/K42MOhUkXem6+X5V1u4LiMXvO1U/x1p3PNofeM7L+/5FSw0wh6245A+3zbe87vQ7DU1YlFnCFGliornPJd4yw1fW7kOqoJ5ycQqKl9GnmLeSyKvXHKZlcGCgVgY0+R7EkLDyS4he8VE17FYaPTscbIlSR1w/4KH14kaTwbh97vhUmkuNWh1MTQasyQRVqhrDCqt7alhYcWSrs+tUW6D7YVyzaUUUejzgm3sP8MENd0/Jtx78g+SBpQg1qZH73hCfV6AgK0LQBiy2S280qwL4eDyVPT48vxOmth5Ln4UeLLiZNndnK2Xeb4ESK8sho2oDYjjY7tilbflnbpSLgRobxhO8ib0gRAF6Jl6suBktpZUkae09obPx6wzMLPVDGL/hHi3lzPX0tcqqbj69h17Lc0SLErZvnRbw4w9UTvnCrgH4yXLHFj8VgK7EnA8ALg531kDwaTrLL4NIZE8vo7W8RgHoRnLlXT83AgK2wMh3JMrxDuu8v3VQMNpfQOvvUcHrkO8n0pqXiFx1NQqx7yr7ryQukYg8vNBXUlzy6JiJN2veR8k6I33IuIUO78SDxuxQObcY4WFF0/8BxWV72+rYTTMf+4isKUqaRitO0jUTcOIpiC3ulhP5JAUVu3Z95oLeQupYHc8PkvbvZBWkU4dOJbvERabE1qtJ7u</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout.bankid"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout.bankid"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request.bankid"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Visma</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Visma</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Visma Federation Server</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Visma Federation Server</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">http://www.visma.com</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">http://www.visma.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Svensk e-legitimation fÃ¶r autentisering och signering med BankID*
-	*en: Swedish e-identification for authentication and signing using BankID*

MDUI-Logotype

Working logotypes present:

H:160

W:160

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:visma:idp-test.ciceron.cloud:saml20.bankid is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Visma)

CONTACT-SUPP

Support contact e-mail (mailto:ciceron@visma.com) is present

CONTACT-TECH

Technical contact e-mail (mailto:ciceron@visma.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Visma (urn:visma:idp-test.ciceron.cloud:saml20.telia) (1)

Visma (urn:visma:idp-test.ciceron.cloud:saml20.telia)

(1)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:visma:idp-test.ciceron.cloud:saml20.telia" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Telia</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Telia</mdui:DisplayName>
                <mdui:Description xml:lang="en">Swedish e-identification for authentication and signing using Telia</mdui:Description>
                <mdui:Description xml:lang="sv">Svensk e-legitimation för autentisering och signering med Telia</mdui:Description>
                <mdui:InformationURL xml:lang="sv">https://www.visma.com</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="sv">https://www.visma.com/privacy-statement</mdui:PrivacyStatementURL>
                <mdui:Logo height="160" width="160">https://idp.ciceron.cloud/media/ca_telia.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFujCCA6KgAwIBAgIUQ1j8+L0oovcq0XGGz8eZUnx9ungwDQYJKoZIhvcNAQELBQAwdTELMAkGA1UEBhMCU0UxDjAMBgNVBAoMBVZpc21hMRMwEQYDVQQLDApDb25zdWx0aW5nMR8wHQYDVQQDDBZ0aWNrZXQtc2VydmVyLXRlc3QtZW5jMSAwHgYJKoZIhvcNAQkBFhFjaWNlcm9uQHZpc21hLmNvbTAeFw0yMTA0MDkwODM0MDdaFw0zMTA0MDcwODM0MDdaMHUxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEfMB0GA1UEAwwWdGlja2V0LXNlcnZlci10ZXN0LWVuYzEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9oAdSnZAGXNFWNlsyVSLGrDZrBMuHjxqUK5uRa/FWkHDr0UwC9XtcXwQIimDmfHFDsg2rAyuRQSf3eCPQNXSE7vifQQvnmvd56jnKS7fDcWBQxdit1d1p7kqase2PBpkGPyV6vM+a8bM5E/qmCjjhnqR4oNnU34HBnYmXWmyIuc+wFQ9HnkM+e+8Yyw+vLKL1cAdGDRXAFsoKKaRtAGA8d4S/HBSi93p0qccDZ49r2LT4ak6rvshms4pU/OcgwiZj0yscHPztrYxKAyQRtPP3ObMtQj37IHvWCXzqAfeTORAGwi+PXKYKDC2MbhrGJvBq5ZIU1M8ExwUu45VfznjONxMKgbAU9Qigz2MX56e2XkIILC0uqLeXV+bmfgNSuS4ib24J/O7GY83as0uHgx522HtbIg/e6Ojb+UC6BuuyVIF4d3LMl7q/5bwRSu6Y+GQ7XcoCoME1TsPI7LZXql1FPSWhGdV5bpv+jNP0Cj2/XmC9idiBlRKElfkXlUD0NDzbHZnMesBknceJt8xC4q4liRTdgdsWyqGyGhsNpdJI4nUvhW5JCwt8lyHjffKeXPCGP2WP/4EBk5gl2lHNI/gog0bvwMbJvsBtuzqdQwprfuasG1yrVJSCKnwl/HVeC4ZNsMEcezlpLVPX7MhBan0U9JtV1MDxdB9vmYuirYmrfwIDAQABo0IwQDAdBgNVHQ4EFgQUon9fldYH/kZFgonVnRS1fT8WQ4MwHwYDVR0jBBgwFoAUon9fldYH/kZFgonVnRS1fT8WQ4MwDQYJKoZIhvcNAQELBQADggIBADuF+kjDV/K42MOhUkXem6+X5V1u4LiMXvO1U/x1p3PNofeM7L+/5FSw0wh6245A+3zbe87vQ7DU1YlFnCFGliornPJd4yw1fW7kOqoJ5ycQqKl9GnmLeSyKvXHKZlcGCgVgY0+R7EkLDyS4he8VE17FYaPTscbIlSR1w/4KH14kaTwbh97vhUmkuNWh1MTQasyQRVqhrDCqt7alhYcWSrs+tUW6D7YVyzaUUUejzgm3sP8MENd0/Jtx78g+SBpQg1qZH73hCfV6AgK0LQBiy2S280qwL4eDyVPT48vxOmth5Ln4UeLLiZNndnK2Xeb4ESK8sho2oDYjjY7tilbflnbpSLgRobxhO8ib0gRAF6Jl6suBktpZUkae09obPx6wzMLPVDGL/hHi3lzPX0tcqqbj69h17Lc0SLErZvnRbw4w9UTvnCrgH4yXLHFj8VgK7EnA8ALg531kDwaTrLL4NIZE8vo7W8RgHoRnLlXT83AgK2wMh3JMrxDuu8v3VQMNpfQOvvUcHrkO8n0pqXiFx1NQqx7yr7ryQukYg8vNBXUlzy6JiJN2veR8k6I33IuIUO78SDxuxQObcY4WFF0/8BxWV72+rYTTMf+4isKUqaRitO0jUTcOIpiC3ulhP5JAUVu3Z95oLeQupYHc8PkvbvZBWkU4dOJbvERabE1qtJ7u</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout.telia"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout.telia"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request.telia"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request.telia"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Visma</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Visma</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Visma Ticket Server</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Visma Ticket Server</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">http://www.visma.com</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">http://www.visma.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Telia*
-	*en: Telia*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Svensk e-legitimation för autentisering och signering med Telia*
-	*en: Swedish e-identification for authentication and signing using Telia*

MDUI-Logotype

Working logotypes present:

H:160

W:160

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:visma:idp-test.ciceron.cloud:saml20.telia is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Visma)

CONTACT-SUPP

Support contact e-mail (mailto:ciceron@visma.com) is present

CONTACT-TECH

Technical contact e-mail (mailto:ciceron@visma.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Visma (urn:visma:idp-test.ciceron.cloud:saml20) (2)

Visma (urn:visma:idp-test.ciceron.cloud:saml20)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:visma:idp-test.ciceron.cloud:saml20" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-eidas-low</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-eidas-sub</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-eidas-high</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/ec/1.0/eidas-naturalperson</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <psc:RequestedPrincipalSelection xmlns:psc="http://id.swedenconnect.se/authn/1.0/principal-selection/ns">
                <psc:MatchValue Name="urn:oid:1.2.752.201.3.4"/>
                <psc:MatchValue Name="urn:oid:1.2.752.201.3.7"/>
                <psc:MatchValue Name="urn:oid:1.2.752.29.4.13"/>
            </psc:RequestedPrincipalSelection>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Visma IdP</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Visma IdP</mdui:DisplayName>
                <mdui:Description xml:lang="en">Visma Identity Provider for authentication and signing</mdui:Description>
                <mdui:Description xml:lang="sv">Visma Federationstjänst för autentisering och signering</mdui:Description>
                <mdui:InformationURL xml:lang="sv">https://www.visma.com</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="sv">https://www.visma.com/privacy-statement</mdui:PrivacyStatementURL>
                <mdui:Logo height="19" width="97">https://www.visma.com/style/images/logo.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDsjCCApqgAwIBAgIUM7VTDhGHIso4hZU3VszeGLp8keswDQYJKoZIhvcNAQELBQAwcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MB4XDTIwMDYzMDEwMTk1NFoXDTMwMDYyODEwMTk1NFowcTEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20xCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEbMBkGA1UEAwwSdGlja2V0LXNlcnZlci10ZXN0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyO/wUJmYlEeR0Mef+XRdviIfSOmdkIDsnCdzYLVWopctOrsi2oqQ5YrqCUcjcAjuPTToyzjXZp5/UfU+qe3/BulDV2u6Zvtkvix78Ep8qfxnLNVRM+Fsx55eJBp3V3bWp/hUhZ15flZa+80lvzNNVhft6bGlvw7Vo9/FDBDi8HL0g9koHG54WFqXHsU44J/1poiFsQMBwl/7TH2ewksWzR/nMR8zZLR5KO3Id4abUpzsi+aMrkDqgpChLeU/xYQoXBIaY8oU0SwMlIzFfEIZwFF6yO6FCRhTsR8fgk2Z+f4mxCT/RAOZYEm0wG9YNf40JJqyu/L5FP0cPm1lkyfSZwIDAQABo0IwQDAdBgNVHQ4EFgQUGh5YnMARRWf0Fe3dwWAOpP3iDGswHwYDVR0jBBgwFoAUGh5YnMARRWf0Fe3dwWAOpP3iDGswDQYJKoZIhvcNAQELBQADggEBADFlaCDYftu2UUdfijGtKYgPblemVV+ApXqkJhzNnB7qeGFfaXNTDjtHwymVbn5uFQ6Q9www53Ml7re473tr18Pk5BkRsoAV0jznGD95MItDcNrUzFEaH5E1aahkXy8xc4VKYUz0UFS3ViW8u/9gCX/Xt7luHmzyEqe2I74JOlxfztx9ACe2PyDJBMNKKD9nYUzUr4dy4/c14Q3LZ3nYCfbrYZKHhJMU0UluH39n1e/vzgmBykVrzOei9aZkR/DQ9T3NFbeD9qKBlD6GpRAadPHCFP/XdEsVU+wirgVV0xZR3VXm/UZzDZZfYYQ/ngXnGe6l+SF0TNUldVP72lky75o=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIFujCCA6KgAwIBAgIUQ1j8+L0oovcq0XGGz8eZUnx9ungwDQYJKoZIhvcNAQELBQAwdTELMAkGA1UEBhMCU0UxDjAMBgNVBAoMBVZpc21hMRMwEQYDVQQLDApDb25zdWx0aW5nMR8wHQYDVQQDDBZ0aWNrZXQtc2VydmVyLXRlc3QtZW5jMSAwHgYJKoZIhvcNAQkBFhFjaWNlcm9uQHZpc21hLmNvbTAeFw0yMTA0MDkwODM0MDdaFw0zMTA0MDcwODM0MDdaMHUxCzAJBgNVBAYTAlNFMQ4wDAYDVQQKDAVWaXNtYTETMBEGA1UECwwKQ29uc3VsdGluZzEfMB0GA1UEAwwWdGlja2V0LXNlcnZlci10ZXN0LWVuYzEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9oAdSnZAGXNFWNlsyVSLGrDZrBMuHjxqUK5uRa/FWkHDr0UwC9XtcXwQIimDmfHFDsg2rAyuRQSf3eCPQNXSE7vifQQvnmvd56jnKS7fDcWBQxdit1d1p7kqase2PBpkGPyV6vM+a8bM5E/qmCjjhnqR4oNnU34HBnYmXWmyIuc+wFQ9HnkM+e+8Yyw+vLKL1cAdGDRXAFsoKKaRtAGA8d4S/HBSi93p0qccDZ49r2LT4ak6rvshms4pU/OcgwiZj0yscHPztrYxKAyQRtPP3ObMtQj37IHvWCXzqAfeTORAGwi+PXKYKDC2MbhrGJvBq5ZIU1M8ExwUu45VfznjONxMKgbAU9Qigz2MX56e2XkIILC0uqLeXV+bmfgNSuS4ib24J/O7GY83as0uHgx522HtbIg/e6Ojb+UC6BuuyVIF4d3LMl7q/5bwRSu6Y+GQ7XcoCoME1TsPI7LZXql1FPSWhGdV5bpv+jNP0Cj2/XmC9idiBlRKElfkXlUD0NDzbHZnMesBknceJt8xC4q4liRTdgdsWyqGyGhsNpdJI4nUvhW5JCwt8lyHjffKeXPCGP2WP/4EBk5gl2lHNI/gog0bvwMbJvsBtuzqdQwprfuasG1yrVJSCKnwl/HVeC4ZNsMEcezlpLVPX7MhBan0U9JtV1MDxdB9vmYuirYmrfwIDAQABo0IwQDAdBgNVHQ4EFgQUon9fldYH/kZFgonVnRS1fT8WQ4MwHwYDVR0jBBgwFoAUon9fldYH/kZFgonVnRS1fT8WQ4MwDQYJKoZIhvcNAQELBQADggIBADuF+kjDV/K42MOhUkXem6+X5V1u4LiMXvO1U/x1p3PNofeM7L+/5FSw0wh6245A+3zbe87vQ7DU1YlFnCFGliornPJd4yw1fW7kOqoJ5ycQqKl9GnmLeSyKvXHKZlcGCgVgY0+R7EkLDyS4he8VE17FYaPTscbIlSR1w/4KH14kaTwbh97vhUmkuNWh1MTQasyQRVqhrDCqt7alhYcWSrs+tUW6D7YVyzaUUUejzgm3sP8MENd0/Jtx78g+SBpQg1qZH73hCfV6AgK0LQBiy2S280qwL4eDyVPT48vxOmth5Ln4UeLLiZNndnK2Xeb4ESK8sho2oDYjjY7tilbflnbpSLgRobxhO8ib0gRAF6Jl6suBktpZUkae09obPx6wzMLPVDGL/hHi3lzPX0tcqqbj69h17Lc0SLErZvnRbw4w9UTvnCrgH4yXLHFj8VgK7EnA8ALg531kDwaTrLL4NIZE8vo7W8RgHoRnLlXT83AgK2wMh3JMrxDuu8v3VQMNpfQOvvUcHrkO8n0pqXiFx1NQqx7yr7ryQukYg8vNBXUlzy6JiJN2veR8k6I33IuIUO78SDxuxQObcY4WFF0/8BxWV72+rYTTMf+4isKUqaRitO0jUTcOIpiC3ulhP5JAUVu3Z95oLeQupYHc8PkvbvZBWkU4dOJbvERabE1qtJ7u</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/single.logout"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/single.logout"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-test.ciceron.cloud/authenticate.request"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-test.ciceron.cloud/authenticate.request"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Visma</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Visma</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Visma Ticket Server - DIGG Test</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Visma Ticket Server - DIGG Test</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">http://www.visma.com</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">http://www.visma.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

Certificates

This service has a key for signing and a key for encryption using separate certificates in metadata

EntityCategory-IdP

This Identity Provider has the following EntityCategory values for LoA and attribute profile:

-	*http://id.elegnamnden.se/ec/1.0/eidas-naturalperson*

ERROR

EntityCategory-Consistency

The present EntityCategory value "http://id.elegnamnden.se/ec/1.0/eidas-naturalperson" is not supported by a compatible LoA. One of the following LoAs must be supported:

-	*http://id.elegnamnden.se/loa/1.0/eidas-low*
-	*http://id.elegnamnden.se/loa/1.0/eidas-sub*
-	*http://id.elegnamnden.se/loa/1.0/eidas-high*
-	*http://id.elegnamnden.se/loa/1.0/eidas-nf-low*
-	*http://id.elegnamnden.se/loa/1.0/eidas-nf-sub*
-	*http://id.elegnamnden.se/loa/1.0/eidas-nf-high*

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: Visma IdP*
-	*en: Visma IdP*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Visma Federationstjänst för autentisering och signering*
-	*en: Visma Identity Provider for authentication and signing*

MDUI-Logotype

Working logotypes present:

H:19

W:97

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

- http://id.swedenconnect.se/loa/1.0/uncertified-eidas-low

- http://id.swedenconnect.se/loa/1.0/uncertified-eidas-sub

- http://id.swedenconnect.se/loa/1.0/uncertified-eidas-high

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:visma:idp-test.ciceron.cloud:saml20 is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Visma)

CONTACT-SUPP

Support contact e-mail (mailto:ciceron@visma.com) is present

CONTACT-TECH

Technical contact e-mail (mailto:ciceron@visma.com) is present

ERROR

EIDAS-Connector

This eIDAS Connector does not support any SE eIDAS assurance levels

Visma (urn:visma:idp-utv.ciceron.cloud:saml20.bankid-customer) (2)

Visma (urn:visma:idp-utv.ciceron.cloud:saml20.bankid-customer)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:visma:idp-utv.ciceron.cloud:saml20.bankid-customer" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">BankID</mdui:DisplayName>
                <mdui:Description xml:lang="en">Swedish e-identification for authentication and signing using BankID</mdui:Description>
                <mdui:Description xml:lang="sv">Svensk e-legitimation för autentisering och signering med BankID</mdui:Description>
                <mdui:InformationURL xml:lang="sv">http://www.visma.com</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="sv">http://www.visma.com/privacy-statement</mdui:PrivacyStatementURL>
                <mdui:Logo height="160" width="160">https://idp.ciceron.cloud/media/ca_bankid.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDXjCCAkYCCQCHiKACz5NJPTANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJTRTEOMAwGA1UECgwFVmlzbWExEzARBgNVBAsMCkNvbnN1bHRpbmcxGzAZBgNVBAMMEnRpY2tldC1zZXJ2ZXItdGVzdDEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wHhcNMTUwMjA5MDkyNDMxWhcNMjUwMjA2MDkyNDMxWjBxMQswCQYDVQQGEwJTRTEOMAwGA1UECgwFVmlzbWExEzARBgNVBAsMCkNvbnN1bHRpbmcxGzAZBgNVBAMMEnRpY2tldC1zZXJ2ZXItdGVzdDEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuWktafleN0P63DYefjInOGrzePfeSSFZfd17rPjdLsd63Cm3Sx6frZMNh0VL8684C2nBy9JK1uZbckUV7dWFFzcG7RobaGCdeS6DwIBHAm0Z4Kg3Eex18bk7VMIXl80BUlPvMS8lGC0z8V5wUxvR/o+mt8h2MP+SNVTvMwz/KFyo5HkpRyFH1M+PNJKWsS4Vk5pscPLXKzASirLQ1iWMXgbSu0iPeV8/Iz+KnGwv9VQk84mDQ1I7EuRUHTrZ3zcurZ+1DV2wxKh85J88ewMtcItL6jphjv9RgCPmAyqs05Ow0CVwrkXCkP8u7dqX1P3yMN8oWHWQP1kuCnLp5E9FFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADlINW5OcMpxhzrxFvOOlzTPPAfGUfihNlyvpg9Y9xrtMJylMtThL63tX/LoeUIWsy0wYlbsuL+x5mNa/N/M3bpsVYka3jRQamB3g2+etXP0fnvKIdn6ecAcSkmjzTCX9yhflwTmeryas4GO7NG66o42AVk34X85jmN9uLOYzI0pRwT3j5XEv7jP8ffCef2FrHvR0HHp1kCSNl/slVANlaLbAy3XzTZwz0FPKqMUBZgaKGSAHXA0blaX+zW3XcZ0Y6jH625dFWOWogaBEQWIujf1EZl2JDu7WPfPELgG2ixmitIGl0n/wbUZR2WwEhggLqsXWBRxADb5w/LKRI3xaQU=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://WWSI000304.internal.visma.com:12001/single.logout.bankid-customer"/>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://WWSI000304.internal.visma.com:12001/single.logout.bankid-customer"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</md:NameIDFormat>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://WWSI000304.internal.visma.com:12001/authenticate.request.bankid-customer"/>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://WWSI000304.internal.visma.com:12001/authenticate.request.bankid-customer"/>
    </md:IDPSSODescriptor>
    <md:Organization>
        <md:OrganizationName xml:lang="en">Visma</md:OrganizationName>
        <md:OrganizationName xml:lang="sv">Visma</md:OrganizationName>
        <md:OrganizationDisplayName xml:lang="en">Visma</md:OrganizationDisplayName>
        <md:OrganizationDisplayName xml:lang="sv">Visma</md:OrganizationDisplayName>
        <md:OrganizationURL xml:lang="en">http://www.visma.com</md:OrganizationURL>
        <md:OrganizationURL xml:lang="sv">http://www.visma.com</md:OrganizationURL>
    </md:Organization>
    <md:ContactPerson contactType="support">
        <md:SurName>support</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
    <md:ContactPerson contactType="technical">
        <md:SurName>technical</md:SurName>
        <md:EmailAddress>mailto:ciceron@visma.com</md:EmailAddress>
    </md:ContactPerson>
</md:EntityDescriptor>

Test Results Results from defined test cases

Test Results

Status

Test

Message

SCHEMA

Entity Descriptor pass basic XML schema validation

Roles

This service is declared as an identity provider and has no other conflicting roles

WARNING

Certificates

This service share the same certificate for signing and encryption

WARNING

EntityCategory-IdP

This Identity Provider does not have an EntityCategory value for LoA and attribute profile.
It is recommended that IdP's have at least one EntityCategory value that indicates supported attributes

MDUI

mdui:UIInfo element is present

MDUI-DisplayName

Display text in Swedish and English present in mdui:

-	*sv: BankID*
-	*en: BankID*

MDUI-Description

Description in Swedish and English present in mdui:

-	*sv: Svensk e-legitimation för autentisering och signering med BankID*
-	*en: Swedish e-identification for authentication and signing using BankID*

MDUI-Logotype

Working logotypes present:

H:160

W:160

Type:PNG

MDUI-Logotype

All logotypes are OK but no vector graphic image of type SVG is present. Consider providing images in vector graphic for best UI experience.

LOA

IdP declares compliance with the following Levels of Assurance:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

LOA-SE-eID

IdP declares compliance with the following Swedish eID LoA levels:

- http://id.swedenconnect.se/loa/1.0/uncertified-loa3

NameID-IdP

NameID support contains the required NameID:s

-	*urn:oasis:names:tc:SAML:2.0:nameid-format:persistent*
-	*urn:oasis:names:tc:SAML:2.0:nameid-format:transient*

EntityID-URI

The EntityID value urn:visma:idp-utv.ciceron.cloud:saml20.bankid-customer is a valid URI

ORG

OrganizationName element is present

ORG-SWE

OrganizationName element has a value in Swedish (Visma)

CONTACT-SUPP

Support contact e-mail (mailto:ciceron@visma.com) is present

CONTACT-TECH

Technical contact e-mail (mailto:ciceron@visma.com) is present

EIDAS-IdP

Note: This IdP is not configured as eIDAS Connector or as national IdP supporting eIDAS. No further eIDAS checks

Visma (urn:visma:idp-utv.ciceron.cloud:saml20.bankid-mobile-customer) (2)

Visma (urn:visma:idp-utv.ciceron.cloud:saml20.bankid-mobile-customer)

(2)

Metadata Metadata XML for this entity

Metadata

<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor entityID="urn:visma:idp-utv.ciceron.cloud:saml20.bankid-mobile-customer" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
    <md:Extensions>
        <mdattr:EntityAttributes xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
            <saml:Attribute Name="urn:oasis:names:tc:SAML:attribute:assurance-certification" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/loa/1.0/uncertified-loa3</saml:AttributeValue>
            </saml:Attribute>
            <saml:Attribute Name="http://macedir.org/entity-category" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/ec/sc/uncertified-loa3-pnr</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.elegnamnden.se/sprop/1.0/mobile-auth</saml:AttributeValue>
                <saml:AttributeValue xsi:type="xs:string" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">http://id.swedenconnect.se/general-ec/1.0/secure-authenticator-binding</saml:AttributeValue>
            </saml:Attribute>
        </mdattr:EntityAttributes>
    </md:Extensions>
    <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        <md:Extensions>
            <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
                <mdui:DisplayName xml:lang="en">Mobile BankID</mdui:DisplayName>
                <mdui:DisplayName xml:lang="sv">Mobilt BankID</mdui:DisplayName>
                <mdui:Description xml:lang="en">Swedish e-identification for authentication and signing using Mobile BankID</mdui:Description>
                <mdui:Description xml:lang="sv">Svensk e-legitimation för autentisering och signering med Mobilt BankID</mdui:Description>
                <mdui:InformationURL xml:lang="sv">http://www.visma.com</mdui:InformationURL>
                <mdui:PrivacyStatementURL xml:lang="sv">http://www.visma.com/privacy-statement</mdui:PrivacyStatementURL>
                <mdui:Logo height="160" width="160">https://idp.ciceron.cloud/media/ca_bankid.png</mdui:Logo>
            </mdui:UIInfo>
        </md:Extensions>
        <md:KeyDescriptor>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:X509Data>
                    <ds:X509Certificate>MIIDXjCCAkYCCQCHiKACz5NJPTANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJTRTEOMAwGA1UECgwFVmlzbWExEzARBgNVBAsMCkNvbnN1bHRpbmcxGzAZBgNVBAMMEnRpY2tldC1zZXJ2ZXItdGVzdDEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wHhcNMTUwMjA5MDkyNDMxWhcNMjUwMjA2MDkyNDMxWjBxMQswCQYDVQQGEwJTRTEOMAwGA1UECgwFVmlzbWExEzARBgNVBAsMCkNvbnN1bHRpbmcxGzAZBgNVBAMMEnRpY2tldC1zZXJ2ZXItdGVzdDEgMB4GCSqGSIb3DQEJARYRY2ljZXJvbkB2aXNtYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuWktafleN0P63DYefjInOGrzePfeSSFZfd17rPjdLsd63Cm3Sx6frZMNh0VL8684C2nBy9JK1uZbckUV7dWFFzcG7RobaGCdeS6DwIBHAm0Z4Kg3Eex18bk7VMIXl80BUlPvMS8lGC0z8V5wUxvR/o+mt8h2MP+SNVTvMwz/KFyo5HkpRyFH1M+PNJKWsS4Vk5pscPLXKzASirLQ1iWMXgbSu0iPeV8/Iz+KnGwv9VQk84mDQ1I7EuRUHTrZ3zcurZ+1DV2wxKh85J88ewMtcItL6jphjv9RgCPmAyqs05Ow0CVwrkXCkP8u7dqX1P3yMN8oWHWQP1kuCnLp5E9FFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADlINW5OcMpxhzrxFvOOlzTPPAfGUfihNlyvpg9Y9xrtMJylMtThL63tX/LoeUIWsy0wYlbsuL+x5mNa/N/M3bpsVYka3jRQamB3g2+etXP0fnvKIdn6ecAcSkmjzTCX9yhflwTmeryas4GO7NG66o42AVk34X85jmN9uLOYzI0pRwT3j5XEv7jP8ffCef2FrHvR0HHp1kCSNl/slVANlaLbAy3XzTZwz0FPKqMUBZgaKGSAHXA0blaX+zW3XcZ0Y6jH625dFWOWogaBEQWIujf1EZl2JDu7WPfPELgG2ixmitIGl0n/wbUZR2WwEhggLqsXWBRxADb5w/LKRI3xaQU=</ds: