The Authentication component allows registered users to access applications using a smartcard.
The smartcard contains a certificate that is authenticated by Spine CIS. Once the card is authenticated, the access rights associated with the user are attached to a token generated by the authentication process.
The user is then presented with a screen, the Spine portal, with a list of applications. Applications the user has rights to will start when selected in the portal.
Endpoint registration service
The endpoint registration service (EPR) is used to create and manage the messaging endpoints and products used by transaction messaging service (TMS) endpoints.
EPR also allows products to be associated with endpoints to be created and managed. The basic EPR tasks have been handed over to specific administrators within supplier organisations in the Path to Live environments. to speed the process up., although requests can still be made to: firstname.lastname@example.org
Endpoint registration service user guide
The Endpoint registration service user guide describes how to manage an endpoint registration request, end to end, using the endpoint registration service.
Spine Directory Service (SDS)
The Spine Directory Service (SDS) is an LDAP repository of all data used in Spine. This includes all types of message interaction data and associated contract properties. All endpoint and product messaging data, all user profile and position data and all Role Based Access Control (RBAC) data is also held with the Spine CIS LDAP service.
Certification data such as the Certificate Revocation List (CRL) is stored in SDS. Each Path to Live environment has its own dedicated CA and Sub CA for creating all types of certificates. This means the certificates are not cross transferable between Path to Live environments. The non-functional test environment is an exception to this rule as it uses the Development CA and SubCA to create certificates.
Last edited: 14 June 2019 2:47 pm