As part of a project, eID login plug-ins were developed in mid-2021 for the secure and user-friendly integration of the eID function into common web applications. Three web applications were selected in advance through a market analysis, taking into account market penetration, application diversity and technical suitability. These are Nextcloud, WordPress and TYPO3. For these web applications, eID login plug-ins are available via the respective application directory for direct and easy installation. In addition, the source code of these plug-ins has been published via GitHub repositories for transparent viewing and free use.

Background

As an additional function, the eID function offers configurable recognition via the service and card-specific identifier (‘pseudonym’) of the ID card. This enables strong authentication vis-à-vis web applications. German identity cards and electronic residence permits, as well as EU eID cards, have eID functions that are suitable for this purpose. Securing a login with an ID card as a second factor represents a significant security improvement compared to the usual username/password procedure.

To use the eID function, an eID service is requried by the service provider to integrate the service into the underlying eID infrastructure. To ensure that an eID login can be used promptly and without major challenges, the SkIDentity eID service will be provided by the contractor free of charge as part of the project.

eID-Login for Nextcloud

Nextcloud is free software that offers a modular cloud solution for companies and private individuals. Companies can operate Nextcloud on their own servers and infrastructure in order to achieve data sovereignty. The software can be enhanced with all manner of additional functions via a central app store. The eID login app for Nextcloud offers every registered user the option to log in to a Nextcloud instance with the two-factor ID card and PIN instead of username/password.

Go to the Nextcloud App Store

eID-Login for WordPress

WordPress is a free and widely used content management system that is primarily designed for creating and managing blog articles. Using plug-ins, every WordPress instance can be extended by various functions. The eID login plug-in for WordPress follows the same approach as Nextcloud. It offers every registered user the option to log into a WordPress instance with the two-factor ID card and PIN instead of username/password.

Go to the WordPress Plug-in directory

eID-Login for TYPO3

TYPO3 is a free content management system for websites. It consists of a backend for managing and maintaining a website and a frontend that represents the website itself. Additional functions can usually be integrated using plug-ins, which allows the eID login functionality to be made available to all users.

Go to the TYPO3 Extension Repository

Maintenance and support

On behalf of the BSI, ecsec GmbH has developed the eID login plug-ins for the three supported web applications and operates a support website. rThis includes a list of FAQs which answers the most common questions and provides contact options

The source codes for the eID login plug-ins were published under open source licence via associated Github repositories.

The project is currently working on a generic best-practice guide. In addition to the programming experience of the manufacturer, feedback from users will be incorporated into this document. This guide is intended to facilitate the integration of the eID function into other open and freely hostable web applications.