Sweden Connect Specifications

December 2024

Copyright © The Swedish Agency for Digital Government (Digg), 2015-2024. All Rights Reserved.

This is the December 2024 version of the Sweden Connect Framework. It replaces the previous November 2021 release as the official version for the Sweden Connect Framework.

Changes since last version

Below follows a listing of all significant changes since the November 2021 release of the Sweden Connect Framework.

• The OpenID Connect specifications OpenID Connect Profile for Sweden Connect and OpenID Connect Claims and Scopes Specification for Sweden Connect were introduced. Future versions of the Sweden Connect Framework will include more OpenID Connect support. The two specifications added to this version is intended to serve as support for early adopters of the OpenID Connect technology within the Sweden Connect federation.
• The specification User Message Extension in SAML Authentication Requests was added. This specification introduces a SAML Authentication Request extension for Service Providers wishing to pass a custom "authentication message" for the Identity Provider to display for the user during the authentication.
• The document Binding eIDAS Identities to Records in the Swedish Population Register was introduced to describe the process of eIDAS Identity Binding.
• Section 3.3.2 of Attribute Specification for the Swedish eID Framework was updated with extended descriptions of how the mappedPersonalIdentityNumber and personalIdentityNumberBinding attributes should be consumed when eIDAS Identity Binding has been applied.
• The BankID Profile for the Swedish eID Framework was updated to reflect the latest changes in the BankID API:s.
• New Sign Response status codes were defined in section 2.2.2 of Implementation Profile for using DSS in Central Signing Services.
• In section 3.1, of DSS Extension for Federated Signing Services, the requirements for NotBefore and NotOnOrAfter to be present under the saml:Conditions element was removed. The reason for this is that it will always be the SignService itself that determines whether a message has expired or not.

Each document also contains a "Changes between versions" section where you can see what has been updated for that particular specification.

For a detailed list of changes you can view all changes in GitHub using this link: https://github.com/swedenconnect/technical-framework/compare.

Introduction

Overview that describes the different parts of the Sweden Connect Framework.

En introduktion till Sweden Connect Tekniskt ramverk - In Swedish

Introduction to the Sweden Connect Technical Framework - In English

Specifications

• Sweden Connect - Registry for Identifiers - version 1.8
• Deployment Profile for the Swedish eID Framework - version 1.8
• OpenID Connect Profile for Sweden Connect - version 1.0
• Attribute Specification for the Swedish eID Framework - version 1.8
• OpenID Connect Claims and Scopes Specification for Sweden Connect - version 1.0
• Entity Categories for the Swedish eID Framework - version 1.9
• eIDAS Constructed Attributes Specification for the Swedish eID Framework - version 1.2
• Principal Selection in SAML Authentication Requests - version 1.0
• User Message Extension in SAML Authentication Requests - version 1.0
• BankID Profile for the Swedish eID Framework - version 1.4
• Implementation Profile for using DSS in Central Signing Services - version 1.6
• Certificate Profile for Central Signing Services - version 1.2
• DSS Extension for Federated Signing Services - version 1.5
• Signature Activation Protocol - version 1.2

All specifications are also available in Markdown format on GitHub - https://github.com/swedenconnect/technical-framework. Here you can follow the further development of the Sweden Connect Framework.