Skip to main content
Skip table of contents

KS Fiks

This document outlines the necessary steps you must take to prepare for the integration between eADM and the KS Fiks platform. Following these steps will ensure a smooth setup process.

Overview

The integration between eAdm and KS Fiks automates user and role management within the KS Fiks platform. It provisions users by creating, maintaining, and deactivating them based on rules in eAdm. User roles are assigned by managing their membership in specific groups. The integration can either synchronize with existing groups or create new ones as needed.

Pre-configuration

Before Identum can begin the technical configuration, you must provide the following:

Step 1: Grant System Access and Generate API Key

To grant eADM access to create users, you must generate an API key from the KS Fiks administration portal.

  1. Log in to the KS Fiks configuration portal.

  2. Navigate to Brukerstyring (User Management).

  3. Click + Legg til ekstern kilde (+ Add external source).

  4. Select Azure AD.

Note: Although you select Azure AD, this is not a direct integration with Azure. You can use your municipality's Azure AD tenant ID or one provided by Identum; the choice does not impact the integration's function.

  1. After creating the source, the system will display two values (an ID and a key).

Warning: Securely save both values. Send these to your Identum contact in a password-protected file, and send the password separately via SMS.

Step 2: Coordinate Activation of External User Management

After you generate the access key, you will likely see a warning about activating external user management.

Warning: Activating "ekstern brukerstyring" (external user management) will remove all existing permissions for current roles. To avoid service disruption, do not activate this feature immediately. You must coordinate carefully with your Identum consultant to plan the exact timing for activation. We recommend you first download the overview of existing role permissions to use as a reference.

Step 3: Define Roles and Groups

You must determine which roles and groups in KS Fiks will be managed by Identum. The groups a user belongs to will define the roles they are assigned.

  • For existing groups: If you want eADM to manage membership for existing groups, you must provide us with the group names and the rules for membership (e.g., specific individuals or rules based on department/position).

  • For new groups: We must create a group in eADM with an identical name and a corresponding rule set to correctly link to the group in KS Fiks.

You can either perform the group creation in eADM yourself or delegate it to Identum.

Step 4: Create Groups in eAdm (Optional)

If you choose to create the groups in eAdm yourself, use the group wizard and follow these guidelines:

  • Description: Set a logical, human-readable name in the "Description" field. This will be the group's display name in both eAdm and KS Fiks.

  • SourceID and Name: Use a naming convention that clearly identifies the group's purpose and distinguishes it from standard AD groups. Using a consistent prefix is recommended (e.g.,

    Fiks-Tilgang-Folkeregister-Helse_Vaksinering).

  • Parent: You must set the Parent ("Underlagt") field to ksfiks. This is used by the synchronization rules to identify which groups to export.

Step 5: Final Verification and Activation

Once the roles are mapped and the groups are configured in eAdm, notify your Identum consultant.

Before activating the integration, Identum will send you an overview of the users and groups that are ready to be exported. This allows you to verify that the correct data will be transferred before the final activation.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close