On mobile device
Use for mobile devices. Either scan QR code or on the same device using app switch. No user input is expected.
Configuration
Based on the BankID documentation found here:
https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide
Authenticator type: BidOnMobileDevice
Common Authenticator configuration can be found here.
internal_http_destination
ID of the internal http client used to talk with BankID backend.
"default"
mode
Three modes are possible: "production"
, "test"
& "custom"
. Depending on the mode
, the URL used to talk to BankID differs.
"production"
custom_url
Defines a custom BankID backend URL. Only works if mode
is set to "custom"
.
N/A
custom_identifier
When logging events, the custom_identifier lets you tag the event.
N/A
requirement
Specifications on client requirements based on BankID relying-party documentation.
N/A
poll_frequency
How often should client poll for status updates (in seconds).
2
allowed_polling_for_minutes
How many minutes is client allowed to keep polling.
2
Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.
Logging
Apart from system logging, event logging is done when starting, completing, and failing a BankID transaction.
Event ids are:
WEB_100001, BankID authentication started
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of device starting transaction)
CUSTOMER_IDENTIFIER (if configured)
WEB_100002, BankID authentication completed
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
SOURCE_USER_NAME (personal number)
CUSTOMER_IDENTIFIER (if configured)
WEB_100003, BankID authentication failed
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
MESSAGE (information)
WEB_100004, BankID authentication canceled or expired
IDENTIFIER (user trace id)
SOURCE_ADDRESS (ip address of the BankID device used)
Data exposed to global state
After a user completes a transaction, the authenticator is marked as done. Data from the BankID authentication response is then put into the global state:
givenName
surname
name
personalNumber
ipAddress
ocsp
signature
Note that it is not guaranteed that all parameters hold value.
API
When communicating with the backend this describes the
General requirements
Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json
.
Getting state
Body must conform to the example below.
Starting an authentication
To start authentication send AJAX request.
Cancel a request
A request can be canceled at any time. This is done by sending a cancel request.
Response from server
In general, you should expect a server response with http status code 200. Anything else is to be considered an error.
Response body will be in the form of a JSON object. Typically the response looks like:
The property "bidstatus"
will contain status. Depending on state additional data may be included in the answer as shown above.
Possible status messages
One of the following status codes is returned based on the current state.
ABOUT_TO_START
PENDING
COMPLETE
BID_ERROR
ERROR
OUTSTANDINGTRANSACTION,
NOCLIENT
STARTED
USERSIGN
EXPIREDTRANSACTION
STARTFAILED
CANCELLED
USERCANCEL
CERTIFICATEERR
Translation keys
Default translations provided:
English, assets/locales/en.json
Swedish, assets/locales/sv.json
Exposed metric
Gauges
ffidAuthnHttp_pending.name.<authenticator_id>_collect - indicates how many collect requests hans been sent out and is awaiting response
ffidAuthnHttp_pending.name.<authenticator_id>_start - indicates how many start requests hans been sent out and is awaiting response
Meters
ffidAuthnHttp_failure.name.<authenticator_id>_collect - indicates number of failed status collects.
ffidAuthnHttp_failure.name.<authenticator_id>_start - indicates number of failed bank id start.
ffidAuthnHttp_success.name.<authenticator_id>_start - indicates number of successful bank id starts
ffidAuthnHttp_success.name.<authenticator_id>_collect - indicates number of successful bank id
collects
Timers
ffidAuthnHttp_request.name.<authenticator_id>_collect - Tracks the time of a collect round trip.
ffidAuthnHttp_request.name.<authenticator_id>_start - Tracks the time of a collect round trip.