Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updates throughout the article, including the illustration.

This article describes the architecture of Hermod component of Smart ID Messaging and how it interacts with an application server (AS), for example Smart ID Identity Manager.   The database must be configured before you start installing Hermod. TLS should be configured in the Hermod configuration file.

  1. The application server connects to Hermod with the API key for the specific client, clientId: myclient, and initiates a command.
  2. The command is then processed by a device and a response is sent back to the publicUrl as configured in Hermod. The device uses the plugout message/command protocol to communicate with Hermod. All clients use API keys to identify themselves with Hermod. You must have a database configured to enable Hermod deployment.  
  3. When the command has been processed by the device or when it has expired, the returned response is validated by Hermod and a callback is sent to the configured callbackURL for the originating clientId.

Image Added

For parameter examples, see the Hermod configuration example below. 

Hermod architectureImage Removed

Hermod configuration 

Hermod configuration 

The configuration file example below refers to application.yml and shows how to configure clientId, public URL and TLS. For more information, see Install Hermod (docker) or Install Hermod (WAR file).

Code Block
titleExample: Hermod configuration
publicUrl: https
# When you enable security below you must put a real certificate in the certificates directory
enabled: false
key-store: /path/to/certificates/hermod-host-bundle.p12
key-store-password: "PASSWORD"
key-store-type: PKCS12


- clientId: myclient
  key: 59c2a0a1999d42dbbe7f16ef1072736a031c5f4739c04025a641ae1751849857
  callbackUrl: https://my-application-server/https/api/rest/v3.0/personalmessaging