On mobile device
Use for mobile devices. Either scan QR code or on the same device using app switch. No user input is expected.
Configuration
Based on the BankID documentation found here:
https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide
Common Authenticator configuration can be found here.
internal_http_destination
ID of the internal http client used to talk with BankID backend.
"default"
mode
Three modes are possible: "production"
, "test"
& "custom"
. Depending on the mode
, the URL used to talk to BankID differs.
"production"
custom_url
Defines a custom BankID backend URL. Only works if mode
is set to "custom"
.
N/A
custom_identifier
When logging events, the custom_identifier lets you tag the event.
N/A
requirement
Specifications on client requirements based on BankID relying-party documentation.
N/A
poll_frequency
How often should client poll for status updates (in seconds).
2
allowed_polling_for_minutes
How many minutes is client allowed to keep polling.
2
webroot_dir
See common authenticator configuration
web/authenticator/bankid/omd
Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.
Logging
Apart from system logging, event logging is done when starting, completing, and failing a BankID transaction.
Event ids are:
WEB_100001, BankID authentication started
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of device starting transaction)
CUSTOMER_IDENTIFIER (if configured)
WEB_100002, BankID authentication completed
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
SOURCE_USER_NAME (personal number)
CUSTOMER_IDENTIFIER (if configured)
WEB_100003, BankID authentication failed
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
MESSAGE (information)
WEB_100004, BankID authentication canceled or expired
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
Data exposed to global state
After a user completes a transaction, the authenticator is marked as done. Data from the BankID authentication response is then put into the global state:
givenName
surname
name
personalNumber
ipAddress
ocsp
signature
Note that it is not guaranteed that all parameters hold value.
API
When communicating with the backend this describes the
General requirements
Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json
.
Getting state
Body must conform to the example below.
{
"type": "state"
}
Starting an authentication
To start authentication send AJAX request.
{
"type": "start",
"data": {
}
}
Cancel a request
A request can be canceled at any time. This is done by sending a cancel request.
{
"type": "cancel"
}
Response from server
In general, you should expect a server response with http status code 200. Anything else is to be considered an error.
Response body will be in the form of a JSON object. Typically the response looks like:
{
"bidstatus": "PENDING",
"qrData": "<data for generating qr>",
"pollFrequency": 2,
"autostartToken": "<token>"
}
The property "bidstatus"
will contain status. Depending on state additional data may be included in the answer as shown above.
Possible status messages
One of the following status codes is returned based on the current state.
ABOUT_TO_START
PENDING
COMPLETE
BID_ERROR
ERROR
OUTSTANDINGTRANSACTION,
NOCLIENT
STARTED
USERSIGN
EXPIREDTRANSACTION
STARTFAILED
CANCELLED
USERCANCEL
CERTIFICATEERR
Translation keys
Default translations provided:
English, assets/locales/en.json
{
"bankid.omd.header": "Choose authentication method",
"bankid.omd.change_language": "Change language",
"bankid.omd.open_bankid_app": "Open BankID app",
"bankid.omd.open_bankid_app_on_this_device": "Log in using BankID on this device",
"bankid.omd.show_qr_code": "Show QR code for login",
"bankid.omd.bankid_app_opened": "BankID app opened",
"bankid.omd.verify_authentication": "Verifify identification",
"bankid.omd.authentication_verified": "Identification verified",
"bankid.omd.redirecting": "Redirecting...",
"bankid.omd.start_bankid_app": "Start your BankID app.",
"bankid.omd.cancel": "Cancel",
"bankid.omd.BID_ERROR": "Unknown error. Please try again.",
"bankid.omd.ERROR": "Unknown error. Please try again.",
"bankid.omd.NOCLIENT": "Starting the BankID application failed",
"bankid.omd.EXPIREDTRANSACTION": "The BankID app is not responding. Please check that the program is started and that you have internet access. If you don’t have a valid BankID you can get one from your bank. Try again.",
"bankid.omd.STARTFAILED": "Failed to scan the QR code. The QR code is no longer valid due to a timeout.\n Check that the BankID app is up to date. If you don't have the BankID app, you need to install it and order a BankID from your internet bank. Install the app from your app store or https://install.bankid.com.",
"bankid.omd.CANCELLED": "Action cancelled. Please try again.",
"bankid.omd.USERCANCEL": "Action cancelled. Please try again.",
"bankid.omd.CERTIFICATEERR": "The BankID you are trying to use is revoked or too old. Please use another BankID or order a new one from your internet bank.",
"allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
"allow-cookies-button": "Approve language cookie",
"change_language": ""
}
Swedish, assets/locales/sv.json
{
"bankid.omd.header": "Välj inloggningsmetod",
"bankid.omd.open_bankid_app": "Öppna BankID-appen",
"bankid.omd.bankid_app_opened": "BankID-appen öppnad",
"bankid.omd.open_bankid_app_on_this_device": "Logga in med BankID på den här enheten",
"bankid.omd.show_qr_code": "Visa QR-kod för inloggning",
"bankid.omd.verify_authentication": "Verifiera legitimering",
"bankid.omd.authentication_verified": "Legitimeringen verifierad",
"bankid.omd.redirecting": "Omdirigerar...",
"bankid.omd.start_bankid_app": "Starta BankID-appen",
"bankid.omd.cancel": "Avbryt",
"bankid.omd.BID_ERROR": "Okänt fel. Försök igen.",
"bankid.omd.ERROR": "Okänt fel. Försök igen.",
"bankid.omd.NOCLIENT": "Start av BankID applikationen misslyckades",
"bankid.omd.EXPIREDTRANSACTION": "BankID-appen svarar inte. Kontrollera att den är startad och att du har internetanslutning. Om du inte har något giltigt BankID kan du hämta ett hos din Bank. Försök sedan igen",
"bankid.omd.STARTFAILED": "Misslyckades att läsa av QR koden. QR-koden är inte giltig längre pga timeout.\n Kontrollera att BankID-appen är uppdaterad. Om du inte har BankID-appen måste du installera den och hämta ett BankID hos din internetbank. Installera appen från din appbutik eller https://install.bankid.com. Påbörja sedan en ny inloggning.",
"bankid.omd.CANCELLED": "Åtgärden avbruten. Försök igen",
"bankid.omd.USERCANCEL": "Åtgärden avbruten. Försök igen",
"bankid.omd.CERTIFICATEERR": "Det BankID du försöker använda är för gammalt eller spärrat. Använd ett annat BankID eller hämta ett nytt hos din internetbank.",
"allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av språk-cookie.",
"allow-cookies-button": "Godkänn språk-cookie",
"change_language": ""
}
Exposed metric
Gauges
ffidAuthnHttp_pending.name.<authenticator_id>_collect - indicates how many collect requests hans been sent out and is awaiting response
ffidAuthnHttp_pending.name.<authenticator_id>_start - indicates how many start requests hans been sent out and is awaiting response
Meters
ffidAuthnHttp_failure.name.<authenticator_id>_collect - indicates number of failed status collects.
ffidAuthnHttp_failure.name.<authenticator_id>_start - indicates number of failed bank id start.
ffidAuthnHttp_success.name.<authenticator_id>_start - indicates number of successful bank id starts
ffidAuthnHttp_success.name.<authenticator_id>_collect - indicates number of successful bank id
collects
Timers
ffidAuthnHttp_request.name.<authenticator_id>_collect - Tracks the time of a collect round trip.
ffidAuthnHttp_request.name.<authenticator_id>_start - Tracks the time of a collect round trip.