One-time password, sms (OTP, sms) means that during authentication user receives text message into his/hers mobile phone, containing randomly generated one-time password, which is required to be added to authentication page before user can access customers Self-Service or Efecte solution. 

As it self, one-time password authentication does not provide any services to Self-Service or any configuration (workflows, templates etc.) to customers Efecte solution. It only authenticates users, and customer needs to define & implement services and processes which are available for users after the authentication. 

Options for the authentication process, 

1. User provides username & password (user federation) → user is directed to request and add one-time password → user is directed to Self-Service or customer Efecte solution. 
2. User authenticates using customers SSO-authentication (not a visible step) → user is directed to request and add one-time password → user is directed to Self-Service or customers Efecte solution. 
3. User is directed straight to request and add one-time password → user is directed to Self-Service or customers Efecte solution. 

Data preparations, 

Most important thing is that all users need to have required information for the authentication stored in customers Efecte solution. 

Mandatory information: username, password, email and phone number

1. For local users information needs to be stored in customers Efecte solution. 
2. For user federation & SSO authentication information needs to be stored in customers directory, and read to customers Efecte solution (by using Efecte Provisioning Engine)

Customer can make sure that mandatory information is found from correct place and the data is up to date. In case for example csv. imports are required or other configuration related to data quality, make sure that work related to those tasks are included in your delivery estimations. 

During delivery, 

Efecte will first implement authentication technically into customers test Efecte environment, customer is responsible to test authentication (and that services or processes are working as agreed in the delivery scope and work estimations). 

Customer is responsible to inform all needed internal stakeholders according to organization processes (like for example if data privacy policy need to be updated) and communicate this change to end-users in their organization. 

After successful testing and communication, implementation is moved into production environment, where customer performs last validation that authentication is working also in the production environment. 

During production use, 

Customers responsibilities varies according to agreed service levels and possible admin or care services. One important thing to notice, is that customers test- & production environments need to be as identical as possible, meaning that strong authentication is recommended to be used also in test environments (at least during Efecte release upgrades). 

We always highly recommend to search instructions from Efecte Docs (IGA solution library), from Efecte Community or contact Efecte Service Desk. 

servicedesk@efecte.com
Tel. +358 424 724 724
Opening times 08.00 – 16.00 EET/EEST (or according to agreed service level).

Support is available in Finnish, English, German, and Swedish.

Suomi.fi authentication service is for Finnish government organizations and before customer can use suomi.fi authentication, they need have approved permission from Digital and Population Data Services Agency. 

In suomi.fi authentication user is directed from Efecte login page → to suomi.fi login page where user selects correct bank → user authenticates according to selected banks authentication process → user is directed to Self-Service or customers Efecte solution. 

Customer applies permission,

Whole process starts when customer applies permission to use suomi.fi service from Digital and Population Data Services Agency, but before that customer needs to allocate someone to be responsible for making permission request and also maintaining them in the future, if services are changed or extended. 

Notice, that Efecte cannot affect to time how long permission process takes, and in generally it has taken from few days up to few weeks, therefore its important to start process as soon as possible. 

How permission is applied?

1. Customer authenticates to service in Digital and Population Data Services Agency
   • Finnish bank ID credentials are required during the authentication
2. Customer fulfills the application according to instructions.
3. When application is approved, customer sends following information to Efecte, most commonly to project manager or other delivery team member. 
   • Application ID (diaarinumero in Finnish) 
   • Application approval date
   • Service name (which will be visible in suomi.fi front page, see picture bellow) 
   • Service descrption (also visible in suomi.fi front page)

Data preparations, 

Most important thing is that all users need to have required information for the authentication stored in customers Efecte solution. 

There are two recommended options, so data preparation depends which option customer is using 

1. Only recognized users can authenticate to Self-Service or Efecte solutions, this means that users social security number needs to be found from customers Efecte solution and during authentication it is validated.  
2. Anyone with Finnish bank ID credentials can authenticate to Self-Service or Efecte solutions, this means that user is created during the authentication and social security number is stored as a unique ID in customers Efecte solution. 

Customer can make sure that mandatory information is found from correct place and the data is up to date. In case for example csv. imports are required or other configuration related to data quality, make sure that work related to those tasks are included in your delivery estimations. 

Customer tasks during implementation 

Efecte will first implement authentication technically into customers test Efecte environment, customer is responsible to test authentication (and that services or processes are working as agreed in the delivery scope and work estimations). 

Customer is responsible to inform all needed internal stakeholders according to organization processes (like for example if data privacy policy need to be updated) and communicate this change to end-users in their organization. 

After successful testing and communication, implementation is moved into production environment, where customer performs last validation that authentication is working also in the production environment. 

Customer tasks during production usage

Customers responsibilities varies according to agreed service levels and possible admin or care services. One important thing to notice, is that customers test- & production environments need to be as identical as possible, meaning that strong authentication is recommended to be used also in test environments (at least during Efecte release upgrades). 

We always highly recommend to search instructions from Efecte Docs (IGA solution library), from Efecte Community or contact Efecte Service Desk. 

servicedesk@efecte.com
Tel. +358 424 724 724
Opening times 08.00 – 18.00 EET/EEST (or according to agreed service level).

Support is available in Finnish, English, German, and Swedish.