Preparing for RapID

Preparing your web server

Set up

Your web server needs to support mutual authentication so it can identify clients in the same secure manner that clients can confidently identify 'https://' sites.

Details on configuring IIS, Apache, Azure and NGINX for mutual authentication are provided in our reference guide.

The trusted issuer certificate allows you to replace username/password logon with secure certificate logon. It verifies that the credentials used when an app authenticates are trusted by your web server.

Your service authentication certificate can either be placed in a secure file location or a keystore on your web server. This allows communication from your web service to the RapID service to also be by mutual TLS. This means you can be confident that only your service is allowed to request credentials.

If your web server isn't listed, and you need support setting up mutual authentication, please contact