How to establish U2A communication in the services available via the Service Portal:
Key information
To access the applications available through the Service Portal https://online.kdpw.pl, you need to open an access account and download the KDPW Group Authenticator application to a mobile device. The application is used to authenticate application users in the multi-factor authentication (MFA) mechanism implemented in the Service Portal. The application can be downloaded for free from authorised shops: Google Play (Android), App Store (iOS - Apple), and its use is only permitted on phones with unbroken security of the operating systems of these manufacturers.
By using the same attributes, it is also possible to access the test environments of the services available in the Service Portal: TST https://tst-online.kdpw.pl and EDU https://edu-online.kdpw.pl.
More information about MFA can be found here
For detailed information on how to open an access account and how to download and use the KDPW Group Authenticator application, please refer to the User’s Manual: Access Account.
User’s Manual: Access Account
The rules for obtaining access to applications available in the Service Portal by an authorised person, the rules for opening an access account, and the rules for the authentication process are set out in the Rules of Access to KDPW’s IT Systems.
Rules of Access to KDPW’s IT Systems
By using the same attributes, it is also possible to access the test environments of the services available in the Service Portal: TST https://tst-online.kdpw.pl and EDU https://edu-online.kdpw.pl.
More information about MFA can be found here
For detailed information on how to open an access account and how to download and use the KDPW Group Authenticator application, please refer to the User’s Manual: Access Account.
User’s Manual: Access Account
The rules for obtaining access to applications available in the Service Portal by an authorised person, the rules for opening an access account, and the rules for the authentication process are set out in the Rules of Access to KDPW’s IT Systems.
Rules of Access to KDPW’s IT Systems
Requesting access to the application
To get access to an application in the Service Portal, you need to be authorised to act in a given service on behalf of the entity which is a KDPW service participant. In order to do so, you need to submit a request for access to the application.
A request for access to the application may be submitted by a person authorised to do so. The request is submitted after logging in to the access account, by filling in the form in the Service Portal.
After submitting the request, it is mandatory to provide KDPW with a declaration from the entity confirming the details of the person submitting the request and his/her authorisation to act in the application. Delivery of the declaration to KDPW is not required if access is granted by an administrator authorised by the participant.
Instructions:
A request for access to the application may be submitted by a person authorised to do so. The request is submitted after logging in to the access account, by filling in the form in the Service Portal.
After submitting the request, it is mandatory to provide KDPW with a declaration from the entity confirming the details of the person submitting the request and his/her authorisation to act in the application. Delivery of the declaration to KDPW is not required if access is granted by an administrator authorised by the participant.
Instructions:
- Submitting a request for access to the application - instructions for KDPW direct participants and issuers at KDPW, entities required to appoint a permission administrator link
- Submitting a request for access to the application - instruction for entities which are not KDPW direct participants or issuers at KDPW, entities which are not required to appoint a permission administrator link
Revoking the authorisation of a person granted access to the application
Access to the application may be revoked:
- by a permission administrator or a service administrator authorised by the participant, directly in the Service Portal online.kdpw.pl,
- where there is no administrator, by KDPW on the basis of the entity’s statement concerning the revocation of the authorisation (template below).
IMPORTANT NOTE FOR DIRECT PARTICIPANTS AND ISSUERS
On 21 October 2024, we implemented changes to the way access to KDPW applications is granted in connection with the introduction of the new role of permission administrator.