Hermod architecture
This article describes the architecture of Hermod component of Smart ID Messaging and how it interacts with an application server (AS), for example Smart ID Identity Manager. The database must be configured before you start installing Hermod. TLS should be configured in the Hermod configuration file.
The application server connects to Hermod with the API key for the specific client,
clientId: myclient
, and initiates a command.The command is then processed by a device and a response is sent back to the
publicUrl
as configured in Hermod. The device uses the plugout message/command protocol to communicate with Hermod. All clients use API keys to identify themselves with Hermod. You must have a database configured to enable Hermod deployment.When the command has been processed by the device or when it has expired, the returned response is validated by Hermod and a callback is sent to the configured
callbackURL
for the originatingclientId
.
For parameter examples, see the Hermod configuration example below.
Hermod configuration
The configuration file example below refers to application.yml and shows how to configure clientId, public URL and TLS. For more information, see Install Hermod.
Example: Hermod configuration
server:ssl:
# When you enable security below you must put a real certificate in the certificates directory
enabled: false
key-store: /path/to/certificates/hermod-host-bundle.p12
key-store-password: "PASSWORD"
key-store-type: PKCS12
.....
publicUrl: https://hermod.mycompany.com/ms
...
- clientId: myclient
key: 59c2a0a1999d42dbbe7f16ef1072736a031c5f4739c04025a641ae1751849857
callbackUrl: https://my-application-server/https/api/rest/v3.0/personalmessaging