On same device

No user input is expected. Authentication is achieved through "app-switching".

Based on the Pointsharp Net iD Access server documentation found here:

Web server interface

Configuration

Authenticator type: NiasOnSameDevice

Common Authenticator configuration can be found here.

Name Description Default value Mandatory

Name	Description	Default value	Mandatory
`internal_http_destination`	ID of the internal http client used to talk with backend.	N/A
`backend_url`	Url to the backend server.	N/A

internal_http_destination

ID of the internal http client used to talk with backend.

N/A

backend_url

Url to the backend server.

N/A

{
	"id": "onsamedevice",
	"type": "NiasOnSameDevice",
	"config": {
		"base_path": "/test/authn",
		"webroot_dir": "web/authenticator/nias/niasomd",
		"backend_url": "https://showroom.secmaker.com/nias/ServiceServer.asmx"
	}
}

Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.

Logging

Apart from system logging, event logging is done when starting, completing, and failing a transaction.

Event ids are:

WEB_100009("NetID Access authentication started"),
- IDENTIFIER (user trace id)
- SOURCE_ADDRESS (ip address of device starting transaction)
- CUSTOMER_IDENTIFIER (if configured)
WEB_100010("NetID Access authentication completed"),
- IDENTIFIER (user trace id)
- SOURCE_ADDRESS (ip address of the device used)
- CUSTOMER_IDENTIFIER (if configured)
WEB_100011("NetID Access authentication failed"),
- IDENTIFIER (user trace id)
- SOURCE_ADDRESS (ip address of the device used)
- CUSTOMER_IDENTIFIER (if configured)
- MESSAGE (Detail from Net Id Access server)
WEB_100012("NetID Access authentication canceled or expired")
- IDENTIFIER (user trace id)
- SOURCE_ADDRESS (ip address of the device used)
- CUSTOMER_IDENTIFIER (if configured)
- MESSAGE (Detail from Net Id Access server)

Data exposed to global state

After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state replacing old values:

givenName
surName
name
personalNumber
certificate
userID
deviceAddress
deviceName
deviceVersion

Note that it is not guaranteed that all parameters hold value. The result varies depending on the configuration.

API

When communicating with the backend this describes the

General requirements

Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json.

Getting state

Body must conform to the example below.

{
    "type": "state"
}

Starting an authentication

To start authentication send AJAX request containing the user's identifier, 12 digits.

{
    "type": "start",
    "data": {
    }
}

Cancel a request

A request can be canceled at any time. This is done by sending a cancel request.

{
    "type": "cancel"
}

Response from server

In general, you should expect a server response with http status code 200. Anything else is to be considered an error.

Response body will be in the form of a JSON object. Typically the response looks like:

{
    "status": "ABOUT_TO_START",
    "niasStatus": "",
    "authRef": ""
}

The property "status" will contain status.

Possible status messages

One of the following status codes is returned based on the current state.

ABOUT_TO_START
PENDING
COMPLETED
FREJA_ERROR
ERROR

Possible niasStatus messages

One of the following niasStatus codes is returned based on the current state.

INVALID_PARAMETERS
ACCESS_DENIED_RP
SIGN_VALIDATION_FAILED
RETRY
USER_SIGN
COMPLETE
USER_BLOCKED
INTERNAL_ERROR
UNKNOWN_USER
ALREADY_COLLECTED
INVALID_DEVICESW
ALREADY_IN_PROGRESS
USER_CANCEL, CANCELLED,
EXPIRED_TRANSACTION
OUTSTANDING_TRANSACTION
PENDING
UNKNOWN

Data in authRef

Once the authentication process has started the identifier generated by the Nias-backed server is sent back to the client in parameter authRef.

Translation keys

{
  "nias.omd.start_authentication": "Start authentication",
  "nias.omd.start_nias_app": "Open Net iD app",
  "nias.omd.open_app": "Open Net iD app",
  "nias.omd.app_opened": "Net iD app opened",
  "nias.omd.verify_authentication": "Verifify identification",
  "nias.omd.authentication_verified": "Identification verified",
  "nias.omd.redirecting": "Redirecting...",
  "nias.omd.start_app": "Start your Net iD app.",
  "nias.omd.cancel": "Cancel",
  "nias.omd.UNKNOWN": "Unknown error. Please try again.",
  "nias.omd.CANCELED": "Action cancelled. Please try again.",
  "nias.omd.EXPIRED": "The Net iD app is not responding. Please check that the program is started and that you have internet access.",
  "nias.omd.REJECTED": "Authentication denied",
  "nias.omd.RP_CANCELED": "Action cancelled. Please try again.",
  "nias.omd.INVALID_PARAMETERS": "Invalid parameters. Please try again.",
  "nias.omd.INTERNAL_ERROR": "Internal error. Please try again",
  "nias.omd.CANCELLED": "Action cancelled. Please try again",
  "nias.omd.USER_CANCEL": "Action cancelled",
  "nias.omd.UNKNOWN_USER": "Unknown user",
  "nias.omd.ALREADY_COLLECTED": "Already collected. Please try again.",
  "nias.omd.INVALID_DEVICESW": "Invalid device software. Please update your Net iD app.",
  "nias.omd.ALREADY_IN_PROGRESS": "Already in progress",
  "nias.omd.EXPIRED_TRANSACTION": "The queried transaction has expired.",
  "nias.omd.SIGN_VALIDATION_FAILED": "Sign validation failed",
  "nias.omd.RETRY": "Retry. Please try again.",
  "nias.omd.ACCESS_DENIED_RP": "Access denied",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "change_language": ""
}

{
  "nias.omd.start_authentication": "Starta verifiering",
  "nias.omd.start_nias_app": "Öppna Net iD-appen",
  "nias.omd.open_app": "Öppna Net iD-appen",
  "nias.omd.app_opened": "Net iD-appen öppnad",
  "nias.omd.verify_authentication": "Verifiera legitimering",
  "nias.omd.authentication_verified": "Legitimeringen verifierad",
  "nias.omd.redirecting": "Omdirigerar...",
  "nias.omd.start_app": "Starta nias Net iD-appen",
  "nias.omd.cancel": "Avbryt",
  "nias.omd.UNKNOWN": "Okänt fel. Försök igen.",
  "nias.omd.CANCELED": "Åtgärden avbruten. Försök igen",
  "nias.omd.EXPIRED": "Net iD-appen svarar inte. Kontrollera att den är startad och att  du har internetanslutning.",
  "nias.omd.REJECTED": "Legitimeringen nekad",
  "nias.omd.RP_CANCELED": "Åtgärden avbruten. Försök igen",
  "nias.omd.API_ERROR": "Okänt fel. Försök igen.",
  "nias.omd.INVALID_PARAMETERS": "Felaktiga parametrar. Försök igen.",
  "nias.omd.INTERNAL_ERROR": "Internt fel. Försök igen.",
  "nias.omd.CANCELLED": "Åtgärden avbruten",
  "nias.omd.USER_CANCEL": "Åtgärden avbruten",
  "nias.omd.UNKNOWN_USER": "Okänd användare",
  "nias.omd.ALREADY_COLLECTED": "Autentiseringsuppgifterna har redan hämtats",
  "nias.omd.INVALID_DEVICESW": "Felaktig mjukvara. Uppdatera Net iD-appen.",
  "nias.omd.ALREADY_IN_PROGRESS": "Åtgärden pågår redan",
  "nias.omd.EXPIRED_TRANSACTION": "Transaktionen har gått ut",
  "nias.omd.SIGN_VALIDATION_FAILED": "Signaturvalidering misslyckades",
  "nias.omd.RETRY": "Försök igen",
  "nias.omd.ACCESS_DENIED_RP": "Åtkomst nekad",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "change_language": ""
}

PreviousOn another device NextIntegrated windows login, IWA

Last updated 1 year ago