Published on 2 April 2026

AGOV Modules

The AGOV ecosystem consists of AGOV modules, peripheral systems, and target systems.

A. End users can log in to all underlying target applications via e-ID and/or the AGOV access app, except when the application requires AGOVaq 500 or 600, in which case the e-ID MUST be presented directly as a login credential at login time via AGOV, the AGOV access app is hidden; in the case of AGOVaq 500, the e-ID ‘flows’ through an AGOV account (existing or one that has just been automatically generated) and the resulting SAML/OIDC token is enriched with data that the e-ID lacks (e.g. email address and postal address). In the AGOVaq 600 case, the e-ID does NOT flow through an AGOV account, but is passed directly to the target application (transformed to SAML or OIDC by AGOV), which means a very reduced traceability and a reduction to the data contained in the e-ID; since the AGOVaq 600 case is not used for either the OGReg or the EPR (these rely on AGOVaq 500), the AGOVaq 600 implementation is delayed until there is an actual requester. In summary: In the cases of AGOVaq 100 to 500, the e-ID is therefore a credential linking to an AGOV account, but not in the AGOVaq 600 case. - B. Furthermore, the e-ID in AGOV acts in parallel to Videoident/Autoident (Intrum) and LID (Post) and Counter (Canton) as a further identity verification method, presumably for persons with Swiss identification documents, and in time as the only one (goal: no ID verification costs. Condition: legality, ergo tbv tbd). This means that someone can use an e-ID to upgrade their AGOV login to AGOVaq 400 and from then on use the AGOV access app (and of course the e-ID directly) to log in at this level. When using the e-ID directly, it is never necessary to upgrade for any AGOVaq.

Below you will find the complete list of AGOV modules as well as their publication status in accordance with EMBAG Art 9:

1. AGOV Identity Provider

This module manages user data records and the connection to users’ authentication factors. The AGOV Identity Provider is the product Nevis, whose source code is not available to us (not owned by the Confederation).

2. AGOV Trustbroker

This module acts as an intermediary between the AGOV Identity Provider and the AGOV target systems. Technically, it is a federation using the federation protocols OIDC and SAML.

Status: Published
Software name: trustbroker.swiss
Location: OSS catalog https://www.opensource.admin.ch

3. AGOV Access App

Currently, the AGOV Access App is based on the product Nevis Access App, whose source code cannot be published (not owned by the Swiss Confederation). During the course of 2026, an in-house development will be built around the core of the Nevis Access App, and its source code will be published.

Status: Will be published by the end of 2026
Softwar ename: AGOV.Access.App
Location: OSS catalog https://www.opensource.admin.ch

4. AGOV Counter

This module enables cantons to enter identity verification results into AGOV, typically as part of ID checks at a service counter.

Status: Will be published by the end of 2026
Software name: AGOV.Counter
Location: OSS catalog https://www.opensource.admin.ch

5. AGOV View

This module enables support organizations to view the status of AGOV user accounts.

Status: Will be published by the end of 2026
Software name: AGOV.View
Location: OSS catalog https://www.opensource.admin.ch

6. AGOV Verifier

This module connects AGOV with the e-ID ecosystem.

Status: Will be published by the end of 2026
Software name: AGOV.Verifier
Location: OSS catalog https://www.opensource.admin.ch

7. AGOV Self-Service Ticket Form

This module allows end users to open a support ticket in self-service. The source code will be published by the end of 2026, excluding the underlying ticket management system “Halo ITSM” (not owned by the Swiss Confederation).

Status: Will be published by the end of 2026
Software name: AGOV.Self.Service.Ticketformular
Location: OSS catalog https://www.opensource.admin.ch

8. AGOV Peripheral Systems

The AGOV peripheral systems CCO, CH e-ID, A Mail, LID, as well as the ID-Proofing-Multi-Adapter are not part of the AGOV project’s source code publication. This is because they either do not fall under the responsibility of the Federal Chancellery (CCS and CH e-ID) or represent services from the private sector (all other systems).

9. AGOV Target Systems

AGOV target systems are so-called relying parties connected to AGOV in order to obtain authentication services, for example cantonal portals for submitting tax returns. These are, of course, not part of the AGOV project’s source code publication.