All access to viaEuropa services is authenticated using a viaEuropa ID. Authorised users are allocated one or more IDs, which are in the following format:
xxxxx-xxxxx-xxxxx-xxxxx
The first four characters of a viaEuropa denote the customer type. For example, this could be psga for a PSGA member. Note that PSGA Members is Scotland still use an osma prefix (named after the former One Scotland Mapping Agreement). This has been retained to clearly distinguish, and provide specific services to, PSGA members in Scotland. The fifth character of a viaEuropa ID (and last in the first block of characters) denotes the ID type. “o” denotes a standard ID and “b” denotes a Basic Access Authentication ID. See the sections below for further details.
The second and third block of characters is the name of the customer, in a generally human-readable form, but often abbreviated in some way, following by sequential numbering.
The final block appears to be random characters but are in fact a hash acting as locking characters, which help secure each ID.
Europa Technologies makes the following recommendations when using viaEuropa IDs:
You can allocate a viaEuropa ID to a temporary worker, such as a contractor. When this persons work is complete, simply contact Europa Technologies Support to request that the ID be deleted.
You can request addition viaEuropa IDs at any time by contacting Europa Technologies Support.
An ID with no additional authentication requirements is refered to as a Standard viaEuropa ID. This type of ID is suitable for most applications. If you are unsure whether a Standard Iwhich to use for your particular use case, please contact Europa Technologies Support who will be happy to provide some advice.
You can identify the type of a viaEuropa ID by looking at the fifth/last character of the first block. If this letter is an “o” (e.g. xxxxo-xxxx-xxxx-xxxx), the viaEuropa ID is of a standard type. Basic Access Authentication IDs have the letter "b" in this position.
viaEuropa IDs can be set to use an additional security method known as Basic Access Authentication. This requires a valid username and password to be provided with each service request, otherwise a 401 error (“unauthorized”) will be returned. Consult the designated service manager in your organisation for access credentials. Note that Basic Access Authentication does not encrypt the username and password, so requests made using http, rather than https, run the risk of access credentials being discovered by interception.
It is important not to embed username and passwords in web-based applications that use viaEuropa services where the credentials could be discovered simply by viewing the source code in a web browser. It is possible to set-up a proxy on your own servers, where your application communicates in the clear with your proxy servers, which in turn communicates with viaEuropa services using Basic Access Authentication.
You can identify the type of a viaEuropa ID by looking at the fifth/last character of the first block. If this letter is an “b” (e.g. xxxxb-xxxx-xxxx-xxxx), the viaEuropa ID is of a Basic Access Authentication type. Standard IDs have the letter "o" in this position.
Basic Access Authentication offers little protection by modern standards and can cause technical complications when implemented. If you experience any problems using Basic Access Authentication viaEuropa IDs, it is recommended to switch to standard IDs.
Additional authentication methods, such as time-limited tokens, are currently in development.