With QR or "app-switch"

This authenticator expects users either scan a QR code or "app-switch". If executed on a mobile device Freja application is opened automatically.

Configuration

Based on the Freja e-ID documentation found here:

https://org.frejaeid.com/en/developers-section/

Authenticator type: FrejaWithQRCode

Common Authenticator configuration can be found here.

Name
Description
Default value
Mandatory

internal_http_destination

ID of the internal http client used to talk with backend.

N/A

mode

Four modes are possible: "prod_personal", "test_personal" , "prod_org" & "test_org". Depending on the mode, the URL used to talk to Freja backen differs.

"prod_personal"

attributesToReturn

Array of attributes to return to the server after completed authentication. See allowed values in Freja documentation.

N/A

minRegistrationLevel

Required registration level. Allowed values are "BASIC", "EXTENDED" or "PLUS"

"PLUS"

relyingPartyId

Value of the relying party ID to be used

N/A

custom_identifier

When logging events, the custom_identifier lets you tag the event.

N/A

Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.

Logging

Apart from system logging, event logging is done when starting, completing, and failing a transaction.

Event ids are:

  • WEB_100005("Freja authentication started")

    • IDENTIFIER (user trace id)

    • SOURCE_ADDRESS (ip address of device starting transaction)

    • CUSTOMER_IDENTIFIER (if configured)

  • WEB_100006("Freja authentication completed")

    • IDENTIFIER (user trace id)

    • SOURCE_ADDRESS (ip address of the device used)

    • CUSTOMER_IDENTIFIER (if configured)

  • WEB_100008("Freja authentication canceled or expired")

    • IDENTIFIER (user trace id)

    • SOURCE_ADDRESS (ip address of the device used)

    • CUSTOMER_IDENTIFIER (if configured)

Data exposed to global state

After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state, replacing existing values:

  • details

  • givenName

  • surName

  • ssn

  • co

  • mail

  • organisationIdIdentifier

  • integratorSpecificUserId

  • relyingPartyUserId

  • registrationLevel

Note that it is not guaranteed that all parameters hold value. The result varies depending on the configuration

API

When communicating with the backend this describes the

General requirements

Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json.

Getting state

Body must conform to the example below.

{
    "type": "state"
}

Starting an authentication

To start authentication send AJAX request containing the user's identifier, 12 digits.

{
    "type": "start",
    "data": {
        "identifier": "<user_data>"
    }
}

Cancel a request

A request can be canceled at any time. This is done by sending a cancel request.

{
    "type": "cancel"
}

Response from server

In general, you should expect a server response with http status code 200. Anything else is to be considered an error.

Response body will be in the form of a JSON object. Typically the response looks like:

{
    "status": "ABOUT_TO_START",
    "frejaSta": "",
    "authRef": ""
}

The property "status" will contain status.

Possible status messages

One of the following status codes is returned based on the current state.

  • ABOUT_TO_START

  • PENDING

  • COMPLETED

  • FREJA_ERROR

  • ERROR

Possible frejaStatus messages

One of the following frejaStatus codes is returned based on the current state.

  • STARTED

  • DELIVERED_TO_MOBILE

  • CANCELED

  • RP_CANCELED

  • EXPIRED

  • APPROVED

  • REJECTED

  • UNKNOWN

Data in authRef

Once the authentication process has started the identifier generated by the Freja-backed server is sent back to the client in parameter authRef.

Translation keys

{
  "freja.qr_or_app_switch.personal_identity_number": "Personal identity number",
  "freja.qr_or_app_switch.start_authentication": "Start authentication",
  "freja.qr_or_app_switch.open_app": "Open Freja app",
  "freja.qr_or_app_switch.open_freja_app_on_this_device": "Log in using Freja on this device",
  "freja.qr_or_app_switch.show_qr_code": "Show QR code for login",
  "freja.qr_or_app_switch.start_freja_app": "Open Freja app",
  "freja.qr_or_app_switch.scan_qr_code": "Open Freja app and scan QR code",
  "freja.qr_or_app_switch.qr_code_scanned": "QR code scanned",
  "freja.qr_or_app_switch.app_opened": "Freja app opened",
  "freja.qr_or_app_switch.verify_authentication": "Verifify identification in the Freja app",
  "freja.qr_or_app_switch.authentication_verified": "Identification verified",
  "freja.qr_or_app_switch.redirecting": "Redirecting...",
  "freja.qr_or_app_switch.start_app": "Start your Freja app.",
  "freja.qr_or_app_switch.cancel": "Cancel",
  "freja.qr_or_app_switch.canceling": "Canceling...",
  "freja.qr_or_app_switch.ERROR": "Unknown error. Please try again.",
  "freja.qr_or_app_switch.UNKNOWN": "Unknown error. Please try again.",
  "freja.qr_or_app_switch.CANCELED": "Action cancelled. Please try again.",
  "freja.qr_or_app_switch.EXPIRED": "The Freja eID app is not responding. Please check that the program is started and that you have internet access.",
  "freja.qr_or_app_switch.REJECTED": "Authentication denied",
  "freja.qr_or_app_switch.RP_CANCELED": "Action cancelled. Please try again.",
  "freja.qr_or_app_switch.INTERRUPTED": "Action cancelled. Please try again.",
  "freja.qr_or_app_switch.API_ERROR": "Unknown error. Please try again.",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "change_language": ""
}
{
  "freja.qr_or_app_switch.personal_identity_number": "Personnummer",
  "freja.qr_or_app_switch.start_authentication": "Starta verifiering",
  "freja.qr_or_app_switch.open_app": "Öppna Freja eID-appen",
  "freja.qr_or_app_switch.open_freja_app_on_this_device": "Logga in med Freja på den här enheten",
  "freja.qr_or_app_switch.show_qr_code": "Visa QR-kod för inloggning",
  "freja.qr_or_app_switch.start_freja_app": "Öppna Freja eID-appen",
  "freja.qr_or_app_switch.scan_qr_code": "Öppna Freja eID-appen och skanna QR-koden",
  "freja.qr_or_app_switch.qr_code_scanned": "QR-koden har skannats",
  "freja.qr_or_app_switch.app_opened": "Freja eID-appen öppnad",
  "freja.qr_or_app_switch.verify_authentication": "Bekräfta i Freja eID-appen",
  "freja.qr_or_app_switch.authentication_verified": "Bekfräftat identitet",
  "freja.qr_or_app_switch.redirecting": "Omdirigerar...",
  "freja.qr_or_app_switch.start_app": "Starta Freja eID-appen",
  "freja.qr_or_app_switch.cancel": "Avbryt",
  "freja.qr_or_app_switch.canceling": "Avbryter...",
  "freja.qr_or_app_switch.ERROR": "Okänt fel. Försök igen.",
  "freja.qr_or_app_switch.UNKNOWN": "Okänt fel. Försök igen.",
  "freja.qr_or_app_switch.CANCELED": "Åtgärden avbruten. Försök igen",
  "freja.qr_or_app_switch.EXPIRED": "Freja eID-appen svarar inte. Kontrollera att den är startad och att  du har internetanslutning.",
  "freja.qr_or_app_switch.REJECTED": "Legitimeringen nekad",
  "freja.qr_or_app_switch.RP_CANCELED": "Åtgärden avbruten. Försök igen",
  "freja.qr_or_app_switch.INTERRUPTED": "Åtgärden avbruten. Försök igen",
  "freja.qr_or_app_switch.API_ERROR": "Okänt fel. Försök igen.",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "change_language": ""
}