With QR or "app-switch"
This authenticator expects users either scan a QR code or "app-switch". If executed on a mobile device Freja application is opened automatically.
Configuration
Based on the Freja e-ID documentation found here:
Freja eID Relying Party Developers' Documentation
Common Authenticator configuration can be found here.
internal_http_destination
ID of the internal http client used to talk with backend.
N/A
mode
Four modes are possible: "prod_personal"
, "test_personal"
, "prod_org"
& "test_org"
. Depending on the mode, the URL used to talk to Freja backen differs.
"prod_personal"
attributesToReturn
Array of attributes to return to the server after completed authentication. See allowed values in Freja documentation.
N/A
minRegistrationLevel
Required registration level. Allowed values are "BASIC"
, "EXTENDED"
or "PLUS"
"PLUS"
relyingPartyId
Value of the relying party ID to be used
N/A
custom_identifier
When logging events, the custom_identifier lets you tag the event.
N/A
webroot_dir
See common authenticator configuration
web/authenticator/freja/freja_qr_or_appswitch
Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.
Logging
Apart from system logging, event logging is done when starting, completing, and failing a transaction.
Event ids are:
WEB_100005("Freja authentication started")
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of device starting transaction)
CUSTOMER_IDENTIFIER (if configured)
WEB_100006("Freja authentication completed")
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the device used)
CUSTOMER_IDENTIFIER (if configured)
WEB_100008("Freja authentication canceled or expired")
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the device used)
CUSTOMER_IDENTIFIER (if configured)
Data exposed to global state
After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state, replacing existing values:
details
givenName
surName
ssn
co
mail
organisationIdIdentifier
integratorSpecificUserId
relyingPartyUserId
registrationLevel
loaLevel
uniquePersonalIdentifier
Note that it is not guaranteed that all parameters hold value. The result varies depending on the configuration
API
When communicating with the backend this describes the
General requirements
Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json
.
Getting state
Body must conform to the example below.
{
"type": "state"
}
Starting an authentication
To start authentication send AJAX request containing the user's identifier, 12 digits.
{
"type": "start",
"data": {
"identifier": "<user_data>"
}
}
Cancel a request
A request can be canceled at any time. This is done by sending a cancel request.
{
"type": "cancel"
}
Response from server
In general, you should expect a server response with http status code 200. Anything else is to be considered an error.
Response body will be in the form of a JSON object. Typically the response looks like:
{
"status": "ABOUT_TO_START",
"frejaSta": "",
"authRef": ""
}
The property "status"
will contain status.
Possible status messages
One of the following status codes is returned based on the current state.
ABOUT_TO_START
PENDING
COMPLETED
FREJA_ERROR
ERROR
Possible frejaStatus messages
One of the following frejaStatus codes is returned based on the current state.
STARTED
DELIVERED_TO_MOBILE
CANCELED
RP_CANCELED
EXPIRED
APPROVED
REJECTED
UNKNOWN
Data in authRef
Once the authentication process has started the identifier generated by the Freja-backed server is sent back to the client in parameter authRef.
Translation keys
{
"freja.qr_or_app_switch.personal_identity_number": "Personal identity number",
"freja.qr_or_app_switch.start_authentication": "Start authentication",
"freja.qr_or_app_switch.open_app": "Open Freja app",
"freja.qr_or_app_switch.open_freja_app_on_this_device": "Log in using Freja on this device",
"freja.qr_or_app_switch.show_qr_code": "Show QR code for login",
"freja.qr_or_app_switch.start_freja_app": "Open Freja app",
"freja.qr_or_app_switch.scan_qr_code": "Open Freja app and scan QR code",
"freja.qr_or_app_switch.qr_code_scanned": "QR code scanned",
"freja.qr_or_app_switch.app_opened": "Freja app opened",
"freja.qr_or_app_switch.verify_authentication": "Verifify identification in the Freja app",
"freja.qr_or_app_switch.authentication_verified": "Identification verified",
"freja.qr_or_app_switch.redirecting": "Redirecting...",
"freja.qr_or_app_switch.start_app": "Start your Freja app.",
"freja.qr_or_app_switch.cancel": "Cancel",
"freja.qr_or_app_switch.canceling": "Canceling...",
"freja.qr_or_app_switch.ERROR": "Unknown error. Please try again.",
"freja.qr_or_app_switch.UNKNOWN": "Unknown error. Please try again.",
"freja.qr_or_app_switch.CANCELED": "Action cancelled. Please try again.",
"freja.qr_or_app_switch.EXPIRED": "The Freja eID app is not responding. Please check that the program is started and that you have internet access.",
"freja.qr_or_app_switch.REJECTED": "Authentication denied",
"freja.qr_or_app_switch.RP_CANCELED": "Action cancelled. Please try again.",
"freja.qr_or_app_switch.INTERRUPTED": "Action cancelled. Please try again.",
"freja.qr_or_app_switch.API_ERROR": "Unknown error. Please try again.",
"allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
"allow-cookies-button": "Approve language cookie",
"change_language": ""
}
{
"freja.qr_or_app_switch.personal_identity_number": "Personnummer",
"freja.qr_or_app_switch.start_authentication": "Starta verifiering",
"freja.qr_or_app_switch.open_app": "Öppna Freja eID-appen",
"freja.qr_or_app_switch.open_freja_app_on_this_device": "Logga in med Freja på den här enheten",
"freja.qr_or_app_switch.show_qr_code": "Visa QR-kod för inloggning",
"freja.qr_or_app_switch.start_freja_app": "Öppna Freja eID-appen",
"freja.qr_or_app_switch.scan_qr_code": "Öppna Freja eID-appen och skanna QR-koden",
"freja.qr_or_app_switch.qr_code_scanned": "QR-koden har skannats",
"freja.qr_or_app_switch.app_opened": "Freja eID-appen öppnad",
"freja.qr_or_app_switch.verify_authentication": "Bekräfta i Freja eID-appen",
"freja.qr_or_app_switch.authentication_verified": "Bekfräftat identitet",
"freja.qr_or_app_switch.redirecting": "Omdirigerar...",
"freja.qr_or_app_switch.start_app": "Starta Freja eID-appen",
"freja.qr_or_app_switch.cancel": "Avbryt",
"freja.qr_or_app_switch.canceling": "Avbryter...",
"freja.qr_or_app_switch.ERROR": "Okänt fel. Försök igen.",
"freja.qr_or_app_switch.UNKNOWN": "Okänt fel. Försök igen.",
"freja.qr_or_app_switch.CANCELED": "Åtgärden avbruten. Försök igen",
"freja.qr_or_app_switch.EXPIRED": "Freja eID-appen svarar inte. Kontrollera att den är startad och att du har internetanslutning.",
"freja.qr_or_app_switch.REJECTED": "Legitimeringen nekad",
"freja.qr_or_app_switch.RP_CANCELED": "Åtgärden avbruten. Försök igen",
"freja.qr_or_app_switch.INTERRUPTED": "Åtgärden avbruten. Försök igen",
"freja.qr_or_app_switch.API_ERROR": "Okänt fel. Försök igen.",
"allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av språk-cookie.",
"allow-cookies-button": "Godkänn språk-cookie",
"change_language": ""
}