By Mikkel Hald, 06/02/25
Denmark's Agency for Digital Government has just published version 4 of OIOSAML, the Agency's technical standard for cross-organisational login within Denmark's public sector. OIOSAML is, for instance, the way online services communicate with NemLog-in and thus indirectly with MitID.
Work on the new version of the standard was initiated precisely to prepare Danish services to receive authentications also from “MitIDs” of other EU member states through an integration to NemLog-in – an option the Agency for Digital Government is expected to launch quite soon. Service providers connected to NemLog-in through WAYF will, of course, receive this option.
In November of 2024, the Agency for Digital Government circulated OIOSAML 4 for consultation among a number of stakeholders, including WAYF. The Agency has now published the Consultation Note and is seen there to have made a number of modifications to the specification based on WAYF's comments. A fundamental one relates to the way a service can request specific user profiles being released from a login system. Here, the Agency in the end has adopted a solution closer to the EU standard and at the same time better in line with the foundational SAML documents.