NemLog In3 Overview - kmd-identity/documentation GitHub Wiki

KMD Identity is an NSIS certified Identity Broker on level Substantial

Since introduction of NSIS (National Standard for Identity Assurance Levels) and MitID, it is required to use certified brokers in a process of authenticating users using MitID. According to regulations only certified brokers can join MitID's common identity core. Therefore, service providers must be connected via broker before they can offer login with MitID to their users. The broker is responsible for the technical integration to the core (or other certified broker) by issuing its own authentication ticket to the service provider in e.g. SAML format.

KMD Identity is using NemLog-In3 as a certified MitID broker to enable MitID authentication for end-customers. Detailed authentication flows supported by KMD Identity are derived directly from Identity Broker (NemLog-In3) and includes Access with authentication, Access with single sign-on, Single Log-Out. Diagrams for the flows can be found in “NemLog-In Test and Documentation page” specifically in section OIOSAML3. KMD Identity is using single integration point for public customers and separate integration point for private customers. Any behavior (including the NSIS levels and full authentication flow) remains unchanged.