Background
In the initial plans for OS2valghalla 3.0 it was decided to use integrations to KOMBIT’s Serviceplatformen and Fælleskommunal Adgangsstyring for the following tasks:
Get CPR data using https://digitaliseringskataloget.dk/integration/sf1525
Send Digital Post using https://digitaliseringskataloget.dk/integration/sf1601
Access control and user rights for administrative users using FK Adgangsstyring https://digitaliseringskataloget.dk/l%C3%B8sninger/adgangsstyring-brugere
Bad experiences during the general election in November '22 has shown a need to reconsider these integrations. Would it be more wise to use other integrations or have backup plans in case Serviceplatformen or FK Adgangsstyring is down? Therefore knowledge has been gathered from KOMBIT and experienced users of Serviceplatformen.
Supplier knowledge
On a meeting with Brian Graversen (Digital Identity), Anne-Marie Mikkelsen, Dan Nobel and Mogens Kjeldsen (Unlicensed) possible integrations were discussed.
Brian has extensive knowledge of Serviceplatformen both as a consultant working for KOMBIT and as a user of Serviceplatformen.
CPR data
Brian has used https://digitaliseringskataloget.dk/integration/sf1520 for other products, finds it quick and even had a useful open source component written in .NET from OS2osfd: https://github.com/OS2sofd/middleware/tree/master/sofd-core-cpr-integration
It was also discussed getting a full copy of the CPR data from the each relevant municipality using https://digitaliseringskataloget.dk/integration/sf6002 and updating this data once a day or similar. This requires a license between each municipality and Serviceplatformen as a supplier can’t use SF6002 for themselves. Using SF1520 the hosting supplier can get their own license with Serviceplatformen.
In general Brian hasn’t experienced more downtime on SF1520 than other similar systems, but of course he suggests a logic handling possible timeouts on calls to Serviceplatformen.
It is also worth to note that it is free for the municipalities to use an integration to Serviceplatformen, whereas it will cost for each call directly to the CPR registry.
Digital Post
In Brian’s view the only thing gained using https://digitaliseringskataloget.dk/integration/sf1601 instead of a direct integration to Digital Post, is that each municipality won’t have to setup OS2valghalla as a new system in Digital Post. Instead we just need a few “keys” to be able to send on behalf of each municipality.
On a side note each municipality pays for how much data they send through Digital Post but this is handled directly between Digitaliseringsstyrelsen and the municipality and costs the same regardless of which integration is used.
Serviceplatformen adds an extra layer between OS2valghalla and Digital Post and an extra place where errors can happen.
Brian didn’t have a clear suggestion for Digital Post.
There is a SF1601 component in the OS2sofd repository which might be useful.
Access control and user rights
It has been decided that both access control and user rights have to be handled outside OS2valghalla which means FK Adgangsstyring should be fully integrated. We talked about the possibility to use the IdM of each municipality instead of FK adgangsstyring, but Mogens didn’t think this would be the best solution as this requires more work setting up the integration in each municipality.
We ended up agreeing on a back up to FK adgangsstyring as MitID/Nemlogin will already be integrated for the participants. This means we can have the ability to turn on MitID for administrative users if FX Adgangsstyring is down. Using CPR number as the identifier to match the user rights gained from FX Adgangsstyring.
SMS gateway
After the meeting it also came to our attention, that there is a possible useful SMS gateway komponent integrating to Computonic in the OS2sofd repository.
KOMBIT/Serviceplatformen knowledge
CPR data
Mogens had a talk with Kasper Rubin, PO of CPR at KOMBIT on and a following mail correspondence.
The focus was to clarify if “valgoplysninger” data in https://digitaliseringskataloget.dk/integration/sf6002 are of any use for OS2valghalla 3.0. Kasper has checked with the CPR office to get more background on the data.
Valgoplysninger data:
(1) Udlandsdanskere
(2) Brexit – britisk statsborger.
(3) Udgået
(4) Herboende EU-borgere (ja)
(5) Danskere bosat i et andet EU-land (nej)
(6) Danskere bosat i et andet EU-land (ja/Kbh.)
(7) Nordatlant Afstemning (Kbh.)
(8) Nordatlant EP-valg (Kbh.)
This data is mainly about Danes living abroad and tells nothing about the general right to vote.
Kasper Rubin sends the following suggestion: “Mit bedste bud på en "godkendte vælgere til et givet valg", vil være en liste/udtræk direkte fra CPR, baseret på deres kriterier. Alternetiv skal I selv bygge det op omkring en logik baseret på hvor borgeren bor, hvor længe de har boet der, hvilket nationalitet de har, deres aldre, m.m.”
Getting more information on the “valgoplysninger” data he added: “Så der findes ikke en entydig kode i CPR registreret der viser om man har ret til at stemme eller ej. Det er en kombination, der selvfølgelig skal sammenholdes med den eksisterende lovgivning.”
Uptime experience and licenses
If the purpose of a system is right, it is not more or less difficult to use SF6002 instead of SF1520.
To his knowledge it was rare that the CPR integrations were affected by downtime.
Kasper suggested also looking into Datafordeleren as another possible integration for CPR data.
Customer knowledge
Mogens has been in contact with Henrik Brix, CIO in Favrskov Kommune and member of several public IT architecture boards including KL/KOMBIT Digitaliseringsrådet.
He reports that the new KOMBIT valg system will use FK Adgangsstyring and Serviceplatformen. As this system is even more crucial to the Danish elections, it’s hard to decide against using these integrations.
According to Henrik KOMBIT has a lot of focus on bring down the downtime as the infrastructure gets more and more important.
NemLog-In (MitID) service
Conversation on E-mail between Dan Nobel and Mogens Kjeldsen (Unlicensed) on how-to use MitID and if a broker was selected.
No preferred broker is selected in the OS2 organization, the current solution is provided by the hosting supplier
A desire to use the NemLog-in service https://nemlog-in.mitid.dk/login.aspx/mitid as used on borger.dk
The service is described here: https://tu.nemlog-in.dk/forside/A more step by step approach (to the test environment) for integration solutions are described here: Integrationstestmiljø - Information til Tjenesteudbydere (nemlog-in.dk)
There is a need to verify if the registering party is a public or private organization, there is a different price model for each.
Dan Nobel believes this is the right way to go and think the only a few minor details that needs to be ironed out before a registration process can be started and subsequently the development work can start.