By Mikkel Hald, 06/02/25
Denmark's Agency for Digital Government has just published version 4 of OIOSAML, the Agency's technical standard for cross-organisational login within Denmark's public sector. OIOSAML is, for instance, the way online services communicate with NemLog-in and thus indirectly with MitID.
Work on the new version of the standard was initiated precisely to prepare services integrated with NemLog-in to soon also receive, through that integration, authentications from “NemLog-ins” of other EU member states – an option the Agency for Digital Government is expected to launch quite soon. Service providers connected to NemLog-in through WAYF will, of course, receive this option.
In November of 2024, the Agency for Digital Government circulated OIOSAML 4 for consultation among a number of stakeholders, including WAYF. The Agency has now published the Consultation Note and is seen there to have made a number of modifications to the specification based on WAYF's comments. A fundamental one relates to the way a service can request specific user profiles being released from a login system. Here, the Agency in the end has adopted a solution closer to the EU standard and at the same time better in line with the foundational SAML documents.