What settings are necessary in restrictive network environments to use xIDENTITY smoothly?
For on-prem instances, restrictive settings in the company network can cause problems during the identification and registration process for xIDENTITY via NECT. This article lists the possible error messages and how to resolve them.
Tip
This article contains information that is relevant for network administrators.
1. Possible Errors
1.1. In the NECT app
When trying to load the QR code, only a black screen is displayed in the app.
The identification process in the NECT app can be completed, but no OK message is displayed after completion.
1.2. In the browser
The passport scan and facial recognition can be run in the app, but the browser remains on the QR code page.
In general, there seems to be no feedback about the start of the identification process. The window always remains the same.
After completion in the NECT app, the browser does not redirect to the A-Trust part of the registration.
2. Solution
The solution for all the errors listed above is to activate the firewall rules from the NECT developer manual. Specifically, this involves the following section.
Extract from the NECT developer manual
3.4. Firewall rules
In order to be able to use the functions of the NECT REST API, the following outgoing and incoming (webhook/callback functionality) OSI Layer 3 firewall rules must be implemented by the service provider:
OUTBOUND
DST 83.246.99.240/29
85.158.4.64/28
185.54.111.138
185.54.111.1389
185.54.111.140
DPORT 443
PROTO TCP
Please note: In addition, domain resolution (DNS resolution) and access to the domain slfid.nect.rest via https:443 must be enabled.
If you still have problems after activating the rules, please contact our support team.
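To verify the rules from a host inside the restricted network, the following added example (not part of the original article or the NECT manual) parses the DST entries exactly as listed in the extract, reports any entry that is not a valid address instead of guessing it, and probes DNS resolution and TCP 443 for slfid.nect.rest. The function names `parse_dst`, `covered` and `probe` are hypothetical helpers chosen for this example.

```python
import ipaddress
import socket

# DST entries copied verbatim from the firewall extract in this article.
DST_ENTRIES = """83.246.99.240/29 85.158.4.64/28 185.54.111.138
185.54.111.1389
185.54.111.140"""
NECT_HOST = "slfid.nect.rest"  # domain named in the extract
NECT_PORT = 443


def parse_dst(text):
    """Split DST entries into valid networks and entries that do not parse."""
    networks, rejected = [], []
    for token in text.split():
        try:
            networks.append(ipaddress.ip_network(token, strict=True))
        except ValueError:
            rejected.append(token)  # reported as-is, never corrected by guessing
    return networks, rejected


def covered(ip, networks):
    """True if ip falls inside one of the allowed destination networks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in networks)


def probe(host=NECT_HOST, port=NECT_PORT, timeout=5.0):
    """Resolve host, then try TCP 443 to each address; returns result rows."""
    networks, _ = parse_dst(DST_ENTRIES)
    try:
        infos = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return [(host, None, f"DNS resolution failed: {exc}")]
    rows = []
    for ip in sorted({info[4][0] for info in infos}):
        try:
            with socket.create_connection((ip, port), timeout=timeout):
                state = "tcp/443 open"
        except OSError as exc:
            state = f"tcp/443 blocked or unreachable: {exc}"
        rows.append((ip, covered(ip, networks), state))
    return rows


if __name__ == "__main__":
    nets, bad = parse_dst(DST_ENTRIES)
    print("allowed:", [str(n) for n in nets], "unparseable:", bad)
    for row in probe():
        print(row)
```

Each row from `probe()` holds the resolved address, whether it falls inside the listed DST ranges, and the TCP 443 result, which separates a DNS block from a port block when reporting to the firewall team.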