Purpose

tibber-dsf is a module for looking up data from DSF (Det sentrale folkeregister). DSF is register of residents in Norway. The module expose just a subset of the DSF-services (personer/entydigsoek).

To obtain login credentials and other permissions go to samarbeid.digdir.no

Install

NPM:

$ npm install --save tibber-dsf

Yarn:

$ yarn add tibber-dsf

Obtaining and registering a key

Generating JWT grant

A generator can be downloaded here: https://github.com/felleslosninger/jwt-grant-generator

Then create a JKS store using your company cerfificate (Virksomhetssertifikat, auth cert), you can use KeyStore Explorer for this: https://keystore-explorer.org/downloads.html

Follow instructions in the jwt-grant-generator repo, and create a myclient.properties file.

Example for production:

issuer=<the client id for your self service client>
# Can be found here:
# https://sjolvbetjening.samarbeid.digdir.no/integrations
audience=https://maskinporten.no/
scope=idporten:dcr.read idporten:dcr.write

keystore.type=JKS
keystore.file=<filename for key store file in JKS format you created eralier>
keystore.password=<key store password>
keystore.alias=<alias in JKS store, called Entry Name in KeyStore Explorer>
keystore.alias.password=<password for alias>

token.endpoint=https://maskinporten.no/token

Then run java -jar target/jwt-grant-generator-1.1.0-SNAPSHOT-jar-with-dependencies.jar myclient.properties

Copy the access_token from the output, this can be used to read and write to the allowed keys for the DSF client.

Read current and add new jwks keys

client id is the id for your DFS client (typically a uuid).

GET https://integrasjon.difi.no/clients/<clientid>/jwks

Add the access token from the previous step as a Bearer token.

To update/set new keys do a POST to the same endpoint with the ENTIRE key set, so if you want to add a new one and keep the existing one you will need to send both keys in the body.

{ keys: 
    [
        { key1 (from the GET) },
        { key2 (newly generated public key) }
    ]
}

A newly uploaded key will be valid for 1 year.

You can generate a key using an online tool like this: https://mkjwk.org/ (Or the offline CLI provided at their GitHub account). The public part is what should be prodived to the jwks endpoint above. While the public+private keypair should be kept secret and is what tibber-dsf should be initialized with (either as JSON or a Base64 encoded string).

Usage

import dsf from 'tibber-dsf';

const queryDsf = dsf({ env: 'prod or test ', clientId: 'the clientId assigned to you in Maskinporten', privateKey: 'a jwk containing the private key registered to your client in maskinporten' })

const result = await queryDsf({ lastName: 'Normann', postalCode: "6812", firstName:'Ola', birthDate : '1977-01-13' });

//To read more about what queries are allowed and which combinations of parameters are required, go to: https://skatteetaten.github.io/folkeregisteret-api-dokumentasjon/oppslag/

//success result

//{ 
//  success: true,
//  result: { 
//     born: '1977-01-13',
//     ssn: '13017711111',
//     lastName: 'Normann',
//     firstName: 'Ola',
//     middleName: '',
//     isDeceased: false,
//     gender: male,
//     hasSecretAddress: false,
//     address: { address: 'Some Street 31',
//        postalCode: '6812',
//        city: 'FØRDE',
//        municipalityCode: '1432',
//        municipality: 'FØRDE'
//        }
//    }
//}

//error result

//{
//   success: false,
//   error: "some error message"
//}

Migration from 0.x

Replace user and pwd with clientId and privateKey. System and userRef is also deprectaded.