You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Okke Harsta edited this page Nov 24, 2025
·
2 revisions
The following diagram is the flow for a mobile API call to /mobile/api/sp endpoints
sequenceDiagram
participant EduIDApp as Mobile App (RP)
participant EduIDBackend as eduID Server (RS)
participant OIDC as OIDC-NG (OpenID Provider)
Note over EduIDApp: Mobile App has retrieved an access_token after redirect to OIDC-NG
EduIDApp->>EduIDBackend: /me endpoint
EduIDBackend-->>OIDC: Introspect endpoint
Note over OIDC: /attribute-manipulation when entityID and institutionGUID differ
OIDC-->>EduIDBackend: /attribute-manipulation
EduIDBackend-->>EduIDBackend: Create eduID value XYZ for RS myconext.rs (no coin:institution_guid)
EduIDBackend-->>OIDC: Results for attribute-manipulation with new eduID (for myconext.rs)
OIDC-->>EduIDBackend: Introspect result with eduID: XYZ
EduIDBackend->>EduIDBackend: Look up user with eduID XYZ
EduIDBackend-->>EduIDApp: Return user information