Go directly to contents.
Suomi.fi e-Authorizations

Testing instructions for interface queries

Next:

  • First, familiarise yourself with the interface descriptions and other technical material
  • The deployment team will provide you with identifiers for the Test Material Service, which is used to test interface queries.

Testing rule engine settings

The Test Material Service is used to test interface queries:

Read the descriptions of the rule engines: 

Acting on behalf of a company

Test the integration of the interface service and ensure that the authorisation query returns to the e-service the roles and authorisations required for acting on behalf of a company in your e-service.

We recommend that at least the managing director and the signatory be allowed to act on behalf the company, as they can in any case authorise themselves to do this. In other words, these roles should be allowed to act on behalf of a company based on a basic register, to avoid making them authorise themselves when there is no need. Rules 015.002.1.1 and 016.002.1.2 allow this, and in this case, the TJ and NIMKO roles must be taken into account in the response to the authorisation query.

Rule engine rule: 015.002.1.1 The person must have a specified operative role in the company
Rule selection and data returned by rule: ELI, IS, J, PJ, S, TIL, TJ, YHM

Tested by selecting a person who has the role in question in the company in the Test Material Service. Check whether the role is returned in the response to the authorisation query.

An example of a response message using the Web API connection and the TJ role:

[{"name":"Rova Oy","identifier":"7019376-8","complete":true,"roles":["TJ"]}]

An example of a response message using the Data Exchange Layer connection and the TJ role:

<organization>
    <organizationIdentifier>7019376-8</organizationIdentifier>
    <name>Rova Oy</name>
    <roles>
        <role>TJ</role>
    </roles>
</organization>

Other roles are relayed in the response to the authorisation query in the same way, i.e., the abbreviation of the role is relayed in the response message if the role has been selected in the rule engine settings.

Rule engine rule: 016.002.1.2 The person must have authority to sign at a certain access level

  • Rule selection: authorised, procuration holder
  • Data returned by the rule: NIMKO

Test by selecting a person from the Test Material Service who has the right to sign in behalf of the company. Check whether the response to the authorisation query returns the NIMKO role.

NOTE! This role should be always used to enable acting on behalf of the company, as the person authorised to sign on behalf of the company is always able to authorise themselves anyway.

An example of a response message using the Web API connection:

[{"name":"Rova Oy","identifier":"7019376-8","complete":true,"roles":["NIMKO"]}]

An example of a response message using the Data Exchange Layer connection:

<organization>
  <organizationIdentifier>7019376-8</organizationIdentifier>
  <name>Rova Oy</name>
    <roles>
        <role>NIMKO</role>
    </roles>
</organization>

Rule engine rule: 019.003.1.2 The person has a mandate in the authorisation register

  • Rule selection: <mandate theme>
  • Data returned by the rule: <technical identifier (URI) for the mandate theme>

NOTE! Only mandate theme selected with the rule engine will be returned in the authorisation query. Authorisation codes for the rule engine can be requested from the deployment team.

An example of a response message using the Web API connection:

[{"name":"Rova Oy","identifier":"7019376-8","complete":true,"roles":
["http://valtuusrekisteri.suomi.fi/palkkatietojen_ilmoittaminen"]}]

An example of a response message using the Data Exchange Layer connection:

<organization>
  <organizationIdentifier>7019376-8</organizationIdentifier>
  <name>Rova Oy</name>
    <roles>
        <role>http://valtuusrekisteri.suomi.fi/palkkatietojen_ilmoittaminen</role>
    </roles>
</organization>

Acting on behalf of another person

When acting on behalf of another person, the response to the authorisation query always returns a yes/no type answer or the technical identifier (URI) of the mandate theme selected under rule 019.003.1.1. Otherwise, the rules are rules that prevent transactions.

  • The Authorization query returns ALLOWED / DISALLOWED.
  • The AuthorizationList query returns the ALL role if you are allowed to act on behalf of a dependent minor or the technical identifier of the mandate code if you are authorised to act on behalf of an adult.
Updated: 22/11/2024

Are you satisfied with the content on this page?