With QR or "app-switch"
This authenticator expects users either scan a QR code or "app-switch". Used for both mobile and Windows clients.
Configuration
Common Authenticator configuration can be found here.
internal_http_destination
ID of the internal http client used to talk with SITHS eID backend.
"default"
custom_siths_endpoint
Custom SITHS eID endpoint. This value overrides the mode value.
N/A
mode
Three modes are possible: "production", "qa" or "test".  Depending on the mode, the URL used to talk to SITHS eID differs.  
"production"
custom_identifier
When logging events, the custom_identifier lets you tag the event.
N/A
poll_frequency
How often should client poll for status updates. Default every 2 seconds.
2
allowed_polling_for_minutes
How many minutes is client allowed to keep polling.
2
organizationName
The organization name/identifier to be displayed in the client.
N/A
rfc2253Issuers
Specifies what issuing CA´s that the SITHS service MAY allow.
["CN=SITHS e-id Person ID Mobile CA v1,O=Inera AB,C=SE","CN=SITHS e-id Person ID 3 CA v1,O=Inera AB,C=SE","CN=TEST SITHS e-id Person ID Mobile CA v1,O=Inera AB,C=SE","CN=TEST SITHS e-id Person ID 3 CA v1,O=Inera AB,C=SE"]
checkRevocation
Indicates if the SITHS service SHALL check the revocation status of the end-user certificate and its certificate chain.
true
sithsEidChallenge
Challenge to present to the client in order for it to establish a secure connection.
N/A
authMessage
A message for the client to show to the user during the authentication process
N/A
animated_qr
If the generated QR code should be "animated".
true
Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.
Logging
Apart from system logging, event logging is done when starting, completing, and failing a SITHS eID transaction.
Event ids are:
- WEB_100020, SITHS eID authentication started - IDENTIFIER (user trace id) 
- SOURCE_ADDRESS (ip address of device starting transaction) 
- CUSTOMER_IDENTIFIER (if configured) 
 
- WEB_100021, SITHS eID authentication completed - IDENTIFIER (user trace id) 
- SOURCE_ADDRESS (ip address of the SITHS eID device used) 
- SOURCE_USER_NAME (personal number) 
- CUSTOMER_IDENTIFIER (if configured) 
 
- WEB_100022, SITHS eID authentication failed - IDENTIFIER (user trace id) 
- SOURCE_ADDRESS (ip address of the SITHS eID device used) 
- CUSTOMER_IDENTIFIER (if configured) 
- MESSAGE (information) 
 
- WEB_100023, SITHS eID authentication canceled or expired - IDENTIFIER (user trace id) 
- SOURCE_ADDRESS (ip address of the SITHS eID device used) 
- CUSTOMER_IDENTIFIER (if configured) 
 
Data exposed to global state
After a user completes a transaction, the authenticator is marked as done. Data from the SITHS eID authentication response is then put into the global state (exports). The data can be referenced later (in a pipe for example) by expansion:
{{exports.credentialInformation_issuer}}
- credentialInformation_issuer 
- credentialInformation_subject 
- credentialInformation_expireAt 
- revocationStatus_credentialId 
- revocationStatus_status 
- revocationStatus_ocspResponse 
- revocationStatus_type 
- userCertificate 
- personalNumber 
- cert_subject 
- cert_issuer 
- cert_not_before 
- cert_not_after 
- cert_serial 
- cert_key_usage 
- cert_basic_contraints 
- cert_sign_algorithm 
- cert_ext_key_usage 
- cert_pub_key 
- cert_pub_key_algorithm 
- cert_pub_key_format 
- cert_crl_distribution_points 
- cert_ocsp_locations 
- cert_ocsp_issuers 
Note that it is not guaranteed that all parameters hold value.
API
When communicating with the backend this describes the
General requirements
Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json.
Getting state
Body must conform to the example below.
{
    "type": "state"
}Starting an authentication
To start authentication send AJAX request.
{
    "type": "start",
    "data": {
    }
}Cancel a request
A request can be canceled at any time. This is done by sending a cancel request.
{
    "type": "cancel"
}Response from server
In general, you should expect a server response with http status code 200. Anything else is to be considered an error.
Response body will be in the form of a JSON object. Typically the response looks like:
{
    "status": "PENDING",
    "sithsStatus": "OUTSTANDING_TRANSACTION",
    "qrData": "<data for generating qr>",
    "pollFrequency": 2,
    "autostartToken": "<token>"
}Possible status messages
One of the following status codes is returned based on the current state. These statuses are of a more general type.
- ABOUT_TO_START 
- PENDING 
- COMPLETE 
- ERROR 
Possible sithsStatus messages
One of the following sithsStatus codes is returned based on the current state. These statuses are of a more granular type.
- OUTSTANDING_TRANSACTION 
- STARTED 
- USER_CANCEL 
- EXPIRED_TRANSACTION 
- INVALID_QR_CODE 
- CERTIFICATE_ERR 
- COMPLETE_FAILED 
Translation keys
Default translations provided:
English, assets/locales/en.json
{
  "siths.qr_or_app_switch.personal_identity_number": "Personal identity number",
  "siths.qr_or_app_switch.start_authentication": "Start authentication",
  "siths.qr_or_app_switch.open_app": "Open SITHS eID app",
  "siths.qr_or_app_switch.open_siths_app_on_this_device": "Log in using SITHS eID on this device",
  "siths.qr_or_app_switch.show_qr_code": "Show QR code for login",
  "siths.qr_or_app_switch.start_siths_app": "Open SITHS eID app",
  "siths.qr_or_app_switch.scan_qr_code": "Open SITHS eID app and scan QR code",
  "siths.qr_or_app_switch.qr_code_scanned": "QR code scanned",
  "siths.qr_or_app_switch.app_opened": "SITHS eID app opened",
  "siths.qr_or_app_switch.verify_authentication": "Verifify identification in the SITHS eID app",
  "siths.qr_or_app_switch.authentication_verified": "Identification verified",
  "siths.qr_or_app_switch.redirecting": "Redirecting...",
  "siths.qr_or_app_switch.start_app": "Start your SITHS eID app.",
  "siths.qr_or_app_switch.cancel": "Cancel",
  "siths.qr_or_app_switch.canceling": "Canceling...",
  "siths.qr_or_app_switch.USER_CANCEL": "Unknown error. Please try again.",
  "siths.qr_or_app_switch.EXPIRED_TRANSACTION": "The SITHS eID app is not responding. Please check that the program is started and that you have internet access. Try again.",
  "siths.qr_or_app_switch.INVALID_QR_CODE": "QR code is invalid. Please try again.",
  "siths.qr_or_app_switch.CERTIFICATE_ERR": "SITHS eID certificate is too old. Verify your SITHS eID",
  "siths.qr_or_app_switch.COMPLETE_FAILED": "Identification failed. Please try again.",
  "siths.qr_or_app_switch.ERROR": "Unknown error. Please try again.",
  "siths.qr_or_app_switch.UNKNOWN": "Unknown error. Please try again.",
  "siths.qr_or_app_switch.FAILED": "Identification failed. Please try again.",
  "siths.qr_or_app_switch.API_ERROR": "Unknown error. Please try again.",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "change_language": "",
  "request.timeout": "Request timed out. Please try again."
}
Swedish, assets/locales/sv.json
{
  "siths.qr_or_app_switch.personal_identity_number": "Personnummer",
  "siths.qr_or_app_switch.start_authentication": "Starta verifiering",
  "siths.qr_or_app_switch.open_app": "Öppna SITHS eID-appen",
  "siths.qr_or_app_switch.open_siths_app_on_this_device": "Logga in med SITHS eID på den här enheten",
  "siths.qr_or_app_switch.show_qr_code": "Visa QR-kod för inloggning",
  "siths.qr_or_app_switch.start_siths_app": "Öppna SITHS eID-appen",
  "siths.qr_or_app_switch.scan_qr_code": "Öppna SITHS eID-appen och skanna QR-koden",
  "siths.qr_or_app_switch.qr_code_scanned": "QR-koden har skannats",
  "siths.qr_or_app_switch.app_opened": "SITHS eID-appen öppnad",
  "siths.qr_or_app_switch.verify_authentication": "Bekräfta i SITHS eID-appen",
  "siths.qr_or_app_switch.authentication_verified": "Bekfräftat identitet",
  "siths.qr_or_app_switch.redirecting": "Omdirigerar...",
  "siths.qr_or_app_switch.start_app": "Starta SITHS eID-appen",
  "siths.qr_or_app_switch.cancel": "Avbryt",
  "siths.qr_or_app_switch.canceling": "Avbryter...",
  "siths.qr_or_app_switch.USER_CANCEL": "Åtgärden avbruten. Försök igen",
  "siths.qr_or_app_switch.EXPIRED_TRANSACTION": "SITHS eID-appen svarar inte. Kontrollera att den är startad och att du har internetanslutning. Försök igen",
  "siths.qr_or_app_switch.INVALID_QR_CODE": "QR-koden är ogiltig. Försök igen.",
  "siths.qr_or_app_switch.CERTIFICATE_ERR": "SITHS eID-certifikatet är för gammalt. Verifiera SitSITHShs eID-installationen",
  "siths.qr_or_app_switch.COMPLETE_FAILED": "Identifiering misslyckades. Försök igen.",
  "siths.qr_or_app_switch.ERROR": "Okänt fel. Försök igen.",
  "siths.qr_or_app_switch.UNKNOWN": "Okänt fel. Försök igen.",
  "siths.qr_or_app_switch.FAILED": "Legitimeringen misslyckades. Försök igen",
  "siths.qr_or_app_switch.API_ERROR": "Okänt fel. Försök igen.",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "change_language": "",
  "request.timeout": "Tidsgränsen för förfrågan har överskridits. Försök igen."
}