Integrations to Serviceplatformen
Background
In the initial plans for OS2valghalla 3.0 it was decided to use integrations to KOMBIT’s Serviceplatformen and Fælleskommunal Adgangsstyring for the following tasks:
Get CPR data using https://digitaliseringskataloget.dk/integration/sf1525
Send Digital Post using https://digitaliseringskataloget.dk/integration/sf1601
Access control and user rights for administrative users using FK Adgangsstyring https://digitaliseringskataloget.dk/l%C3%B8sninger/adgangsstyring-brugere
Bad experiences during the general election in November '22 have shown a need to reconsider these integrations. Would it be more wise to use other integrations or have backup plans in case Serviceplatformen or FK Adgangsstyring is down? Therefore knowledge has been gathered from KOMBIT and experienced users of Serviceplatformen.
Supplier knowledge
On a meeting Jan 10, 2023 with Brian Graversen (Digital Identity), @Anne-Marie Mikkelsen, @Dan Nobel and @Mogens Kjeldsen (Unlicensed) possible integrations were discussed.
Brian has extensive knowledge of Serviceplatformen both as a consultant working for KOMBIT and as a user of Serviceplatformen.
CPR data
Brian has used https://digitaliseringskataloget.dk/integration/sf1520 for other products, finds it quick and even had a useful open source component written in .NET from OS2osfd: middleware/sofd-core-cpr-integration at master · OS2sofd/middleware
It was also discussed getting a full copy of the CPR data from the each relevant municipality using https://digitaliseringskataloget.dk/integration/sf6002 and updating this data once a day or similar. This requires a license between each municipality and Serviceplatformen as a supplier can’t use SF6002 for themselves. Using SF1520 the hosting supplier can get their own license with Serviceplatformen.
In general Brian hasn’t experienced more downtime on SF1520 than other similar systems, but of course he suggests a logic handling possible timeouts on calls to Serviceplatformen.
It is also worth to note that it is free for the municipalities to use an integration to Serviceplatformen, whereas it will cost for each call directly to the CPR registry.
Digital Post
In Brian’s view the only thing gained using https://digitaliseringskataloget.dk/integration/sf1601 instead of a direct integration to Digital Post, is that each municipality won’t have to setup OS2valghalla as a new system in Digital Post. Instead we just need a few “keys” to be able to send on behalf of each municipality.
On a side note each municipality pays for how much data they send through Digital Post but this is handled directly between Digitaliseringsstyrelsen and the municipality and costs the same regardless of which integration is used.
Serviceplatformen adds an extra layer between OS2valghalla and Digital Post and an extra place where errors can happen.
Brian didn’t have a clear suggestion for Digital Post.
There is a SF1601 component in the OS2sofd repository which might be useful.
Access control and user rights
It has been decided that both access control and user rights have to be handled outside OS2valghalla which means FK Adgangsstyring should be fully integrated. We talked about the possibility to use the IdM of each municipality instead of FK adgangsstyring, but Mogens didn’t think this would be the best solution as this requires more work setting up the integration in each municipality.
We ended up agreeing on a back up to FK adgangsstyring as MitID/Nemlogin will already be integrated for the participants. This means we can have the ability to turn on MitID for administrative users if FX Adgangsstyring is down. Using CPR number as the identifier to match the user rights gained from FX Adgangsstyring.
SMS gateway
After the meeting it also came to our attention, that there is a possible useful SMS gateway komponent integrating to Computonic in the OS2sofd repository.
KOMBIT/Serviceplatformen knowledge
CPR data
Mogens had a talk with Kasper Rubin, PO of CPR at KOMBIT on Jan 11, 2023 and a following mail correspondence.
The focus was to clarify if “valgoplysninger” data in https://digitaliseringskataloget.dk/integration/sf6002 are of any use for OS2valghalla 3.0. Kasper has checked with the CPR office to get more background on the data.
Valgoplysninger data:
(1) Udlandsdanskere
(2) Brexit – britisk statsborger.
(3) Udgået
(4) Herboende EU-borgere (ja)
(5) Danskere bosat i et andet EU-land (nej)
(6) Danskere bosat i et andet EU-land (ja/Kbh.)
(7) Nordatlant Afstemning (Kbh.)
(8) Nordatlant EP-valg (Kbh.)
This data is mainly about Danes living abroad and tells nothing about the general right to vote.
Kasper Rubin sends the following suggestion: “Mit bedste bud på en "godkendte vælgere til et givet valg", vil være en liste/udtræk direkte fra CPR, baseret på deres kriterier. Alternetiv skal I selv bygge det op omkring en logik baseret på hvor borgeren bor, hvor længe de har boet der, hvilket nationalitet de har, deres aldre, m.m.”
Getting more information on the “valgoplysninger” data he added: “Så der findes ikke en entydig kode i CPR registreret der viser om man har ret til at stemme eller ej. Det er en kombination, der selvfølgelig skal sammenholdes med den eksisterende lovgivning.”
Uptime experience and licenses
If the purpose of a system is right, it is not more or less difficult to use SF6002 instead of SF1520.
To his knowledge it was rare that the CPR integrations were affected by downtime.
Kasper suggested also looking into Datafordeleren as another possible integration for CPR data.
Terms and conditions for using Serviceplatformen
@Mogens Kjeldsen (Unlicensed) has been in contact with Bjørg Tausen from KOMBIT regarding terms and conditions for using Serviceplatformen as a supplier on behalf of the municipalities.
This is possible as described in https://digitaliseringskataloget.dk/generelle-vilkaar-leverandoer . The hosting supplier will need to request each municipality for access to using the wanted service through a central administration module in Serviceplatformen:
For at kunne give en leverandør adgang til data udstillet via den fælleskommunale infrastruktur, kræves en godkendelse fra den konkrete og relevante myndighed i form af en Serviceaftale.
For det meste, vil det være leverandøren af Anvendersystemet - og ikke den enkelte myndighed, der har det detaljerede overblik over, præcis hvilke data, der er behov for, i det enkelte Anvendersystem. Hver service i den fælleskommunale infrastruktur har et specifikt dataindhold, og det er derfor leverandøren, der skal vurdere, præcis hvilke services der er behov for at anvende.
(..)
Det er derfor leverandøren, der opretter Serviceaftalen i Fælleskommunalt Administrationsmodul og heri angiver, hvilke myndigheder der ønskes data fra, samt hvilke services der ønskes adgang til. Serviceaftalen sendes herefter, via Administrationsmodulet, til den/de pågældende myndigheder, som herefter skal godkende om Anvendersystemet er berettiget adgang til de anmodede services.
This means it is possible to combine more services in one service agreement whereby the municipality should only be required to accept one agreement.
Test against Serviceplatformen
KOMBIT recommends that we find a municipality to work with on the test and to vouch for the project. If this is not possible, KOMBIT has the test municipality Korsbæk. Aarhus Kommune has agreed to becoming test municipality.
Customer knowledge
Henrik Brix
Mogens has been in contact with Henrik Brix, CIO in Favrskov Kommune and member of several public IT architecture boards including KL/KOMBIT Digitaliseringsrådet.
He reports that the new KOMBIT valg system will use FK Adgangsstyring and Serviceplatformen. As this system is even more crucial to the Danish elections, it’s hard to decide against using these integrations.
According to Henrik KOMBIT has a lot of focus on bring down the downtime as the infrastructure gets more and more important.