Overview
A border control officer needs to verify a traveller's identity against a partner nation's civil registry before granting entry. The request must be logged, justified, and constrained to the specific service the officer is authorised to query. An ambient dashboard summary would be meaningless here; what the officer needs is a controlled, deliberate lookup workflow that produces an auditable result and nothing more.
X-Road and eIDAS Federation provides exactly that. Every query is operator-initiated with explicit parameters, every result is tied to the operator's identity and session, and every request is written to the audit trail. Public sector agencies, border management authorities, and cross-border legal services in the European Union and partner states use this module to access federated services without building fragile bespoke integrations for each exchange.
Key Features
- Operator-Initiated Queries: All lookups are launched with explicit operator-supplied parameters so external requests remain deliberate and auditable. Ambient or automated queries are not permitted; every call has an accountable operator attached.
- Trusted Service Exchange: Supports service-oriented exchange across federated public-sector and partner systems through X-Road's standardised message transport, with mutual authentication between service consumers and providers.
- Identity-Backed Access: Aligns query execution with the operator's identity and trust level under eIDAS or compatible frameworks, ensuring only appropriately authorised operators can execute sensitive lookups.
- Workflow-First Design: Prioritises safe, guided entry into the external-lookup workflow. The module does not attempt to surface summary statistics about external services where no ambient state exists, avoiding misleading dashboards.
- Secure Hub Integration: Lives naturally alongside secure communications and interoperability workflows used by communications operators, fitting into existing mission workflows without requiring a separate system login.
Use Cases
- Cross-Border Identity Verification: Operators run trusted external checks when a mission workflow requires identity or registry confirmation from a partner jurisdiction, with full audit trail for every query.
- Public-Sector Service Lookup: Teams access partner services through controlled, operator-driven queries instead of maintaining brittle ad hoc integrations with each external registry.
- Regulated Partner Exchange: Organisations use a formal trust-backed workflow when sensitive data requests must be logged, justified, and constrained to named services under data-sharing agreements.
- Operational Verification Support: Communications and interoperability teams use the workflow to validate partner-held records during time-sensitive operations, with results captured in the case record.
Integration
- X-Road service integrations with standardised message transport and mutual authentication
- eIDAS and trust-backed identity workflows compatible with EU electronic identity frameworks (ETSI TC MTS standards)
- Communications and interoperability hub presets for rapid workflow access
- Audit and governance controls for external query execution backed by PostgreSQL, with userId and organizationId on every record
Open Standards
- X-Road Data Exchange Layer Protocol: The integration uses the X-Road security server REST gateway, attaching mandatory X-Road-Client and X-Road-Service headers on every request and routing calls through the standardised /r1/ path prefix with mutual authentication between consumer and provider subsystems.
- EU eIDAS Regulation (910/2014): Identity proofing is performed via the eIDAS bridge, which returns cross-border identity claims (name, date of birth, personal code) at the assurance level granted by the operator's trust framework, consistent with eIDAS Level of Assurance requirements.
- SAML 2.0 (OASIS): Federation provider metadata (entity ID, Single Sign-On URL, certificate expiry, and provider type) is synchronised and stored in accordance with the SAML 2.0 metadata specification used by EU trust federations.
- ETSI TC MTS eIDAS Technical Standards: The module's trust framework integration is explicitly aligned with ETSI TC MTS standards that govern electronic identity interoperability within EU member states and partner nations.
- TLS (RFC 5246 / 8446): All communication with the X-Road security server is enforced over HTTPS; the SSRF guard rejects any non-HTTPS scheme before a request is forwarded, ensuring transport-layer confidentiality and server authentication.
- GraphQL (June 2018 Specification): All registry queries and eIDAS identity verification mutations are exposed through a Strawberry GraphQL schema, with field-level authentication guards and organisation-scoped resolvers on every operation.
- RFC 1918 (Private Address Allocation): The SSRF protection layer explicitly validates incoming security server URLs against RFC 1918 private ranges, loopback, and link-local addresses, blocking server-side request forgery before any external call is made.
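The HTTPS-only and private-range checks described in the TLS and RFC 1918 items above, combined with the /r1/ routing and headers from the X-Road item, as an added example in Python (not the module's own code). Function names, the injectable resolver, and the sample X-Road identifiers and DNS answers are assumptions constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

class SSRFBlocked(ValueError):
    """The security server URL failed the guard."""

def system_resolver(host, port):
    return [i[4][0] for i in socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)]

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so it cannot dodge the IPv4 checks.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_private covers the RFC 1918 ranges (and other reserved blocks).
    return ip.is_private or ip.is_loopback or ip.is_link_local or ip.is_unspecified

def check_security_server_url(url, resolver=system_resolver):
    """Return (host, port, vetted addresses) or raise SSRFBlocked."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise SSRFBlocked("scheme must be https")
    if not parts.hostname or parts.username or parts.password:
        raise SSRFBlocked("missing host or embedded credentials")
    port = parts.port or 443
    addrs = resolver(parts.hostname, port)
    # One internal address among several answers is enough to reject the host.
    bad = [a for a in addrs if is_internal(a)]
    if not addrs or bad:
        raise SSRFBlocked(f"{parts.hostname} resolves to {bad or 'nothing'}")
    return parts.hostname, port, addrs

def build_xroad_request(url, client_id, service_id, resolver=system_resolver):
    # The caller should connect to connect_to (the vetted address), not re-resolve the name.
    host, port, addrs = check_security_server_url(url, resolver)
    return {
        "host": host, "port": port, "connect_to": addrs[0],
        "path": f"/r1/{service_id}",
        "headers": {"X-Road-Client": client_id, "X-Road-Service": service_id},
    }

# Constructed DNS answers so the example runs offline; names and addresses are samples.
CONSTRUCTED_DNS = {"ss.partner.example": ["8.8.8.8"],
                   "mixed.partner.example": ["8.8.8.8", "192.168.1.10"]}

def constructed_resolver(host, port):
    return CONSTRUCTED_DNS.get(host, [host])  # IP literals resolve to themselves
```

Returning the vetted address alongside the hostname lets the HTTP client connect to exactly what was checked, so a second DNS lookup cannot return a different answer after validation.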
Last Reviewed: 2026-03-24 Last Updated: 2026-04-14