The Information System Authority’s services for partners:
Electronic identity in information systems
More information about adding the digital signature or signature verification functions to your system is available in the environment id.ee.
- Digital signing and digital stamping »Information for developers on website id.ee
The software’s source code
The eID software has an open source code, so that all interested parties can see the source code and take part in its development via GitHub.
- Source code »ID-software’s source code in GitHub
- Specification for the ID-card’s ESTEID application (1.75 MB, PDF)EstEID version 3.5
- CDOC specification modified for elliptic curves (266.72 KB, PDF)Version 1.1
The Information System Authority (RIA) offers two authentication services for public sector institutions.
RIA's authentication service TARA is designated for the public sector's e-services and it enables institutions to authenticate ID-card, mobile-ID or bank link users. Additionally, it is possible to authenticate an eID user from an EU Member State (if the eID means of the given Member State have been submitted to the commission for evaluation) as of autumn 2018.
Purpose: to create a common solution for logging in to public sector’s e-services to provide a uniform user experience and avoid parallel developments.
As at August 2018, the eID means of Germany, Estonia, Italy, Luxembourg, Spain, and Croatia have been evaluated.
Public sector e-services must enable login with Germany’s eID, i.e. Germany’s ID-card from October 2018 and the eID means of the other countries stated above from August 2019 at latest.
The purpose of eIDAS is to facilitate the cross-border use of e-services.
The TARA service enables to apply different authentication means according to the requests of the e service provider. For example, it is possible to apply the module of foreign eIDs only.
This service enables to authenticate an Estonian ID-card or mobile-ID user when he/she wants to enter a foreign e-service that requires authentication. Therefore, the service authenticates an Estonian ID-card or mobile-ID user who has been forwarded for authentication from a foreign state.
The commercial user of this service is the foreign state’s e-service administrator. The e-service must be connected with the EU’s cross-border authentication infrastructure eIDAS.
The end user of the service is the user of an Estonian ID-card or mobile-ID.
- Technical specification »In Estonian language in GitHub
In the case of any questions, please write to email@example.com.
RIA-s Digital Signature Gateway provides a REST based interface for creating and signing ASiC-E based containers (this includes BDOC) with XAdES signatures in a hashcode form.
- Technical specification »In English in GitHub
Anyone interested can use our demo service. The software used in the service is open source and everyone can host it themselves.
To integrate your service with RIA-s signature gateway service (demo), fill in the application (unfortunately only available in estonian right now) and send it (signed) to firstname.lastname@example.org.
To integrate with our production service, you must first make successful queries in the demo service.
- Demo service application (177.57 KB, PDF)In Estonian
Please also contact email@example.com with any further questions.
Digital Signature Validation Service SiVa allows you to validate documents digitally signed in legacy or lesser known formats. The service aims to simplify the validation of signatures. Instead of developing signature validation based on libraries, you can interface your system with SiVa. Thus, SiVa is an alternative to DigiDoc4j ».
SiVa connects through X-tee or the JSON interface.
The endpoints of the service production are located at https://siva.eesti.ee/V2/<interface>. To make a valid query, read more here: http://open-eid.github.io/SiVa/siva3/interfaces/ A sample solution is located at https://siva-arendus.eesti.ee/V2/
A demo version of the validation service with a user interface is available at https://siva-arendus.eesti.ee/V2test ».
You can validate:
- ETSI standard based ASiCE and ASiCS signatures
- Estonian DDOC signatures
- Estonian BDOC signatures
- Estonian ASiCS signatures with time stamp tokens
- ETSI standard based XAXAdES, CAdES, and PAdES (signed PDF files) signatures
- Estonian X-tee security server ASiCE signatures