Skip to content

Overview

MPass is a government-wide authentication and identity management service in the Republic of Moldova that provides secure Single Sign-On (SSO) and Single Logout (SLO) across public digital services, enabling users to access multiple systems with one set of credentials while offering integrating systems standardized identity data for authorization purposes

Service pricing

User type Access conditions Annual fee per integration
Public institutions Contract-based
Private legal entities Contract-based (per applicable legal framework) 10.800 lei
Natural persons Contract-based (per applicable legal framework) 10.800 lei

Notes:

  • The fee applies to the integration of a single information system
  • Multiple integrations require separate fees for each system

Quick start for integrators

  1. Before being able to interact with MPass, a Service must be registered accordingly in MPass. To perform such a registration, please generate a self-signed or provide any existing certificate file (in .cer file format) to Service owner”;
  2. Identify the set of required attributes (including custom attribute names and values) to be returned by MPass during the design phase of the Service and specify them as part of Service registration.
  3. Review the SSO/SLO flows to understand user and system interactions.
  4. Prepare your SP endpoints (Assertion Consumer Service, Single Logout Service) and generate SP metadata.
  5. Register your SP with MPass and exchange metadata and certificates as required.
  6. Implement the authentication flow using SAML 2.0 bindings supported by MPass.
  7. Validate attributes received from MPass and apply your own authorization logic.
  8. Test end-to-end using the provided examples or your preferred stack.

Glossary

For the complete glossary, please visit the Glossary page.

System capabilities

MPass serves as an intermediary between information systems and diverse authentication methods, unifying access by handling the differences among various identity providers. It securely exposes a single interface for authentication, provides relevant user identity attributes for authorization decisions, and manages the user interaction flow during the authentication process.

Service dependencies

MPass depends on the digital identity providers, so its availability and performance is directly influenced by the availability and performance of the services delivered by the providers.

Protocols and standards

MPass is using SAML v2.0 standard protocol and format for authentications. The following table contains a comprehensive list of references to standard specifications.

SAML v2 Specification Abstract
SAML Core This specification defines the syntax and semantics for XML-encoded assertions about authentication, attributes, and authorization, and for the protocols that convey this information.
Read the official documentation of SAML Core
SAML Bindings This specification defines protocol bindings for the use of SAML assertions and request-response messages in communications protocols and frameworks.
Read the official documentation of SAML Bindings
SAML Profiles This specification defines profiles for the use of SAML assertions and request-response messages in communications protocols and frameworks, as well as profiles for SAML attribute value syntax and naming conventions.
Read the official documentation of SAML Profiles
SAML Authn Context This specification defines a syntax for the definition of authentication context declarations and an initial list of authentication context classes for use with SAML.
Read the official documentation of SAML Authn Context
SAML Metadata This specification defines profiles for the dynamic exchange of SAML metadata among system entities regarding identifiers, binding support and endpoints, certificates and keys, and so forth.
Read the official documentation of SAML Metadata
SAML Security Considerations This non-normative specification describes and analyzes the security and privacy properties of SAML.
Read the official documentation of SAML Security Considerations
SAML 2.0 Errata This document lists approved errata to the SAML V2.0 OASIS Standard.
Read the official documentation of SAML Security Considerations