7. mojeID Test Instance

It is possible to test your implementation using our mojeID test instance where you can test logging of mojeID users, registering of new accounts and transferring of accounts from the central register.

Before you start testing, send the metadata you are going to use for testing to techsupport@mojeid.cz. This metadata differs for each protocol (see infomation about the individual protocols below).

Important

Use different metadata than for the production instance!

We will grant you access to the test instance and set up a so-called full access, for the purpose of testing, so that you can receive all the mojeID account data, including status, valid and more that are transferred only to the providers with full access.

7.1. Test Accounts

To test mojeID, we recommend creating three test users with different levels of validation:

• partially identified, with only PIN1 and PIN2 entered,

• identified, with PIN1, PIN2 and PIN3 entered,

• validated, with PIN1, PIN2, PIN3, and the validation flag entered.

This allows you to test returned values in the status parameter for both variants of identification and for validation.

Create all three test accounts at https://mojeid.regtest.nic.cz/registration/. You can enter any contact information. PIN1, PIN2 and the verification letter with PIN3 are not sent; enter the following universal PINs instead:

• PIN1: 11111111 (8 times “1”),

• PIN2: 22222222 (8 times “2”),

• PIN3: 33333333 (8 times “3”).

To validate an account, it is necessary to generate the Validation Request document (PDF) from the corresponding user’s profile.. To generate the document, it is necessary to enter a date of birth. Send the generated PDF document to techsupport@mojeid.cz. Then, we will set the validation flag on the corresponding profile.

7.2. Mutual Endpoints

Part of the interface addresses does not depend on the selected protocol. Those addresses are listed here. However, you will also need addresses of endpoints specific for individual protocols that are listed below.

A test instance with more detailed outputs in case of errors is available at the following addresses:

• Registering a new mojeID account: https://mojeid.regtest.nic.cz/registration/endpoint/

• Transferring a contact to mojeID from the domain registry: https://mojeid.regtest.nic.cz/transfer/endpoint/

The following addresses will be available to implement mojeID to production environment:

• Registering a new mojeID account: https://mojeid.cz/registration/endpoint/

• Transferring a contact to mojeID from the domain registry: https://mojeid.cz/transfer/endpoint/

7.3. OpenID Connect

Metadata that need to be sent to support

• Client_ID you will use for testing – a combination of 12 characters (lower- and uppercase letters and digits) generated automatically upon the registration of the service

Specific endpoints for the protocol

• Addresses of the test endpoints:

  • Registration Endpoint: https://mojeid.regtest.nic.cz/oidc/registration/

  • Authorization Endpoint: https://mojeid.regtest.nic.cz/oidc/authorization/

  • Token Endpoint: https://mojeid.regtest.nic.cz/oidc/token/

  • UserInfo Endpoint: https://mojeid.regtest.nic.cz/oidc/userinfo/

  A full description of OIDC configuration in JSON: https://mojeid.regtest.nic.cz/.well-known/openid-configuration/

• Addresses of the production endpoints:

  • Registration Endpoint: https://mojeid.cz/oidc/registration/

  • Authorization Endpoint: https://mojeid.cz/oidc/authorization/

  • Token Endpoint: https://mojeid.cz/oidc/token/

  • UserInfo Endpoint: https://mojeid.cz/oidc/userinfo/

  A full description of OIDC configuration in JSON: https://mojeid.cz/.well-known/openid-configuration/

7.4. OpenID 2.0

Metadata that need to be sent to support

• the realm you will use for testing (URL), see Choosing a Suitable Realm

Specific endpoints for the protocol

• test endpoint: https://mojeid.regtest.nic.cz/endpoint/

• production endpoint: https://mojeid.cz/endpoint/

7.5. SAML

The metadata of the test instance are available at: https://mojeid.regtest.nic.cz/saml/idp.xml

Metadata that need to be sent to support

• string entityID you will use for testing – maximal length 1024 characters, specifications recommend the string to be in a form of URL and to include a domain name of the provider or the provided service

  Example: https://sluzba.example.cz

• an XML file with the service metadata (EntityDescriptor), that contains the same entityID

  You can find more details on how to get the file with metadata in this article about metadata preparation.

Endpoints specific for the protocol

• test endpoint: https://mojeid.regtest.nic.cz/saml/

• production endpoint: https://mojeid.cz/saml/