When logging in to Priima, it is possible to introduce strong authentication with a mobile ID or personal online banking IDs.
The customer and Discendum agree on the matter, after which Discendum switches the function to that Priima environment. The strong authentication function appears in the Administration / Environment / Environment settings view, after which the customer can activate the function at a suitable time and select the mode of use in which each new or existing user must log in in the future:
- once through strong identification
- each time through strong identification
- It is also possible to create a registration and login page that allows the user to create a Priima account for themselves so that it is always authenticated with strong authentication. Such a user must always log in to Priima through this particular page, i.e. user will not at any point switch to using the organisation’s regular login page.
The strong authentication function will not be visible to the administrator unless the Customer and Discendum have separately agreed to implement this function.
Customers who have strong authentication enabled through the registration pages can hide the username and password fields on the login page. This simplifies the structure of the login page, for example in cases where all users log into the environment strongly. In this case, local IDs do not need to be displayed on the home page. However, instead of the login fields, the “Show local login” link remains visible, through which, for example, administrators of the environment can access the environment with manual credentials.
When strong authentication is enabled in the environment, users are redirected to the authentication service page after normal login, where they choose to authenticate with either a mobile ID or personal online banking IDs. (Without strong authentication, it is not possible to enter the environment after this.) Once authenticated, the user will be able to enter the environment and continue there as usual. With strong authentication, there is no need to ask the user to register any information, as his / her name and personal identity information will be transferred to Prima in connection with strong authentication. For this reason, the Personal ID field in the Administration > Environment Settings view must first be enabled in Priima. This strong authentication will ask for an email address, but it is not a required field. For the registration form, other user information can also be selected for the user to fill in, which allows him or her to be directed to a certain dynamic group, for example, and to obtain memberships in the desired courses automatically. A list of courses for which the user can register directly can also be attached to the registration form. In this case, the registrations and registrations logged are displayed in aggregate in the Registration Statistics report (Reports > Registration Statistics).
Priima saves the name information used for identification and updates it on the user card over the previous information. If a personal identity code is used in the Priima environment, then the it is also stored during the strong authentication. Administrators will see on the user card when the login is done using strong authentication. Priima saves the name information used for identification and updates it on the user card over the previous information. If a personal identity code is used in the Priima environment, then it is also stored during strong authentication. Administrators will see on the user card when the login is done using strong authentication.
If desired, the function can also be switched off from the same administration view.
Strong authentication is a paid service with a connection fee as well as a usage fee. For more information about the service, contact the customer contact person or email firstname.lastname@example.org.