On another device
This authenticator expects users to input their Swedish personal number, 12 digits only. No "samordningsnummer".
Configuration
Based on the BankID documentation found here:
https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide
Common Authenticator configuration can be found here.
internal_http_destination
ID of the internal http client used to talk with BankID backend.
"default"
mode
Three modes are possible: "production"
, "test"
& "custom"
. Depending on the mode, the URL used to talk to BankID differs.
"production"
custom_url
Defines a custom BankID backend URL. Only works if mode
is set to "custom"
.
N/A
custom_identifier
When logging events, the custom_identifier lets you tag the event.
N/A
requirement
Specifications on client requirements based on BankID relying-party documentation.
N/A
poll_frequency
How often should client poll for status updates. In seconds.
2
allowed_polling_for_minutes
How many minutes is client allowed to keep polling.
2
webroot_dir
See common authenticator configuration
web/authenticator/bankid/osd
Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.
Logging
Apart from system logging, event logging is done when starting, completing, and failing a BankID transaction.
Event ids are:
WEB_100001, BankID authentication started
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of device starting transaction)
SOURCE_USER_NAME (personal number)
CUSTOMER_IDENTIFIER (if configured)
WEB_100002, BankID authentication completed
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
CUSTOMER_IDENTIFIER (if configured)
SOURCE_USER_NAME (personal number)
WEB_100003, BankID authentication failed
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
MESSAGE (information)
WEB_100004, BankID authentication canceled or expired
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
Data exposed to global state
After a user completes a transaction, the authenticator is marked as done. Data from the BankID authentication response is then put into the global state:
givenName
surname
name
personalNumber
ipAddress
ocsp
signature
Note that it is not guaranteed that all parameters hold value.
API
When communicating with the backend this describes the
General requirements
Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json
.
Getting state
Body must conform to the example below.
{
"type": "state"
}
Starting an authentication
To start authentication send AJAX request containing the user's "personnummer" (12 digits).
{
"type": "start",
"data": {
"pnr": "<user_data>"
}
}
Cancel a request
A request can be canceled at any time. This is done by sending a cancel request.
{
"type": "cancel"
}
Response from server
In general, you should expect a server response with http status code 200. Anything else is to be considered an error.
Response body will be in the form of a JSON object. Typically the response looks like:
{
"bidstatus": "ABOUT_TO_START"
}
The property "bidstatus"
will contain status.
Possible status messages
One of the following status codes is returned based on the current state.
ABOUT_TO_START
PENDING
COMPLETE
BID_ERROR
ERROR
OUTSTANDINGTRANSACTION,
NOCLIENT
STARTED
USERSIGN
EXPIREDTRANSACTION
STARTFAILED
CANCELLED
USERCANCEL
CERTIFICATEERR
Translation keys
Default translations provided:
English, assets/locales/en.json
{
"bankid.ood.personal_identity_number": "Personal identity number",
"bankid.ood.start_authentication": "Start authentication",
"bankid.ood.open_bankid_app": "Open BankID app",
"bankid.ood.bankid_app_opened": "BankID app opened",
"bankid.ood.open_bankid_app_on_this_device": "Log in using BankID on this device",
"bankid.ood.verify_authentication": "Verifify identification",
"bankid.ood.authentication_verified": "Identification verified",
"bankid.ood.redirecting": "Redirecting...",
"bankid.ood.start_bankid_app": "Start your BankID app.",
"bankid.ood.cancel": "Cancel",
"bankid.ood.BID_ERROR": "Unknown error. Please try again.",
"bankid.ood.ERROR": "Unknown error. Please try again.",
"bankid.ood.NOCLIENT": "Starting the BankID application failed",
"bankid.ood.EXPIREDTRANSACTION": "The BankID app is not responding. Please check that the program is started and that you have internet access. If you don’t have a valid BankID you can get one from your bank. Try again.",
"bankid.ood.STARTFAILED": "The BankID app couldn’t be found on your computer or mobile device. Please install it and order a BankID from your internet bank. Install the app from your app store or https://install.bankid.com.",
"bankid.ood.CANCELLED": "Action cancelled. Please try again.",
"bankid.ood.USERCANCEL": "Action cancelled. Please try again.",
"bankid.ood.CERTIFICATEERR": "The BankID you are trying to use is revoked or too old. Please use another BankID or order a new one from your internet bank.",
"allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
"allow-cookies-button": "Approve language cookie",
"change_language": ""
}
Swedish, assets/locales/sv.json
{
"bankid.ood.personal_identity_number": "Personnummer",
"bankid.ood.start_authentication": "Starta verifiering",
"bankid.ood.open_bankid_app": "Öppna BankID-appen",
"bankid.ood.bankid_app_opened": "BankID-appen öppnad",
"bankid.ood.open_bankid_app_on_this_device": "Logga in med BankID på den här enheten",
"bankid.ood.verify_authentication": "Verifiera legitimering",
"bankid.ood.authentication_verified": "Legitimeringen verifierad",
"bankid.ood.redirecting": "Omdirigerar...",
"bankid.ood.start_bankid_app": "Starta BankID-appen",
"bankid.ood.cancel": "Avbryt",
"bankid.ood.BID_ERROR": "Okänt fel. Försök igen.",
"bankid.ood.ERROR": "Okänt fel. Försök igen.",
"bankid.ood.NOCLIENT": "Start av BankID applikationen misslyckades",
"bankid.ood.EXPIREDTRANSACTION": "BankID-appen svarar inte. Kontrollera att den är startad och att du har internetanslutning. Om du inte har något giltigt BankID kan du hämta ett hos din Bank. Försök sedan igen",
"bankid.ood.STARTFAILED": "BankID-appen verkar inte finnas i din dator eller telefon. Installera den och hämta ett BankID hos din internetbank. Installera appen från din appbutik eller https://install.bankid.com.",
"bankid.ood.CANCELLED": "Åtgärden avbruten. Försök igen",
"bankid.ood.USERCANCEL": "Åtgärden avbruten. Försök igen",
"bankid.ood.CERTIFICATEERR": "Det BankID du försöker använda är för gammalt eller spärrat. Använd ett annat BankID eller hämta ett nytt hos din internetbank.",
"allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av språk-cookie.",
"allow-cookies-button": "Godkänn språk-cookie",
"change_language": ""
}
Exposed metric
Gauges
ffidAuthnHttp_pending.name.<authenticator_id>_collect - indicates how many collect requests hans been sent out and is awaiting response
ffidAuthnHttp_pending.name.<authenticator_id>_start - indicates how many start requests hans been sent out and is awaiting response
Meters
ffidAuthnHttp_failure.name.<authenticator_id>_collect - indicates number of failed status collects.
ffidAuthnHttp_failure.name.<authenticator_id>_start - indicates number of failed bank id start.
ffidAuthnHttp_success.name.<authenticator_id>_start - indicates number of successful bank id starts
ffidAuthnHttp_success.name.<authenticator_id>_collect - indicates number of successful bank id
collects
Timers
ffidAuthnHttp_request.name.<authenticator_id>_collect - Tracks the time of a collect round trip.
ffidAuthnHttp_request.name.<authenticator_id>_start - Tracks the time of a collect round trip.