With user input

This authenticator expects users to input an identifier. Based on the configuration it can be e-mail, personnummer, phone number, or organizational identifier.

Configuration

Based on the Freja e-ID documentation found here:

Freja eID Relying Party Developers' Documentation

Authenticator type: FrejaWithUserInput

Common Authenticator configuration can be found here.

Name Description Default value Mandatory

Name	Description	Default value
`internal_http_destination`	ID of the internal http client used to talk with backend.	N/A
`mode`	Four modes are possible: `"prod_personal"`, `"test_personal"` , `"prod_org"` & `"test_org"` . Depending on the mode, the URL used to talk to Freja backen differs.	`"prod_personal"`
`userInfoType`	How to identify the user on the front end. Possible values are: `"PHONE"`, `"EMAIL"`, `"SSN"`, `"ORG_ID"`	`"SSN"`
`attributesToReturn`	Array of attributes to return to the server after completed authentication. See allowed values in Freja documentation	N/A
`minRegistrationLevel`	Required registration level. Allowed values are `"BASIC"`, `"EXTENDED"` or `"PLUS"`	`"PLUS"`
`relyingPartyId`	Value of the relying party ID to be used	N/A
`custom_identifier`	When logging events, the custom_identifier lets you tag the event.	N/A

internal_http_destination

ID of the internal http client used to talk with backend.

N/A

mode

Four modes are possible: "prod_personal", "test_personal" , "prod_org" & "test_org" . Depending on the mode, the URL used to talk to Freja backen differs.

"prod_personal"

userInfoType

How to identify the user on the front end. Possible values are: "PHONE", "EMAIL", "SSN", "ORG_ID"

"SSN"

attributesToReturn

Array of attributes to return to the server after completed authentication. See allowed values in Freja documentation

N/A

minRegistrationLevel

Required registration level. Allowed values are "BASIC", "EXTENDED" or "PLUS"

"PLUS"

relyingPartyId

Value of the relying party ID to be used

N/A

custom_identifier

When logging events, the custom_identifier lets you tag the event.

N/A

{
	"id": "frejauserinput",
	"type": "FrejaWithUserInput",
	"config": {
		"base_path": "/test/authn",
		"internal_http_destination": "freja",
		"webroot_dir": "web/authenticator/freja/freja_with_user_input",
		"userInfoType": "SSN",
		"attributesToReturn": [
			"BASIC_USER_INFO", "EMAIL_ADDRESS"
		],
		"minRegistrationLevel": "EXTENDED",
		"mode": "prod_personal"
	}
}

Property base_path should not contain the full path when used in conjunction with the Selector, instead, the full URI will be handled by the selector. The full path will be base_path + / + id.

Logging

Apart from system logging, event logging is done when starting, completing, and failing a transaction.

Event ids are:

WEB_100005("Freja authentication started")
- IDENTIFIER (user trace id)
- SOURCE_ADDRESS (ip address of device starting transaction)
- CUSTOMER_IDENTIFIER (if configured)
WEB_100006("Freja authentication completed")
- IDENTIFIER (user trace id)
- SOURCE_ADDRESS (ip address of the device used)
- CUSTOMER_IDENTIFIER (if configured)
WEB_100008("Freja authentication canceled or expired")
- IDENTIFIER (user trace id)
- SOURCE_ADDRESS (ip address of the device used)
- CUSTOMER_IDENTIFIER (if configured)

Data exposed to global state

After a user completes a transaction, the authenticator is marked as done. Data from the authentication response is then put into the global state replacing existing values:

details
givenName
surName
ssn
co
mail
organisationIdIdentifier
integratorSpecificUserId
relyingPartyUserId
registrationLevel

Note that it is not guaranteed that all parameters hold value. The result varies depending on the configuration

API

When communicating with the backend this describes the

General requirements

Backend communications are made using AJAX and the HTTP PUT method. Every request need a Content-Type with the value of application/json.

Getting state

Body must conform to the example below.

{
    "type": "state"
}

Starting an authentication

To start authentication send AJAX request containing the user's identifier, 12 digits.

{
    "type": "start",
    "data": {
        "identifier": "<user_data>"
    }
}

Cancel a request

A request can be canceled at any time. This is done by sending a cancel request.

{
    "type": "cancel"
}

Response from server

In general, you should expect a server response with http status code 200. Anything else is to be considered an error.

Response body will be in the form of a JSON object. Typically the response looks like:

{
    "status": "ABOUT_TO_START",
    "frejaStatus": "", (optional)
    "authRef": "", (optional)
}

The property "status" will contain status.

Possible status messages

One of the following status codes is returned based on the current state.

ABOUT_TO_START
PENDING
COMPLETED
FREJA_ERROR
ERROR

Possible frejaStatus messages

One of the following frejaStatus codes is returned based on the current state.

STARTED
DELIVERED_TO_MOBILE
CANCELED
RP_CANCELED
EXPIRED
APPROVED
REJECTED
UNKNOWN

Data in authRef

Once the authentication process has started the identifier generated by the Freja-backed server is sent back to the client in parameter authRef.

Translation keys

{
  "freja.with_user_input.identifier": "Username",
  "freja.with_user_input.start_authentication": "Start authentication",
  "freja.with_user_input.open_app": "Open BankID app",
  "freja.with_user_input.app_opened": "BankID app opened",
  "freja.with_user_input.verify_authentication": "Verifify identification",
  "freja.with_user_input.authentication_verified": "Identification verified",
  "freja.with_user_input.redirecting": "Redirecting...",
  "freja.with_user_input.start_app": "Start your BankID app.",
  "freja.with_user_input.cancel": "Cancel",
  "freja.with_user_input.canceling": "Canceling...",
  "freja.with_user_input.ERROR": "Unknown error. Please try again.",
  "freja.with_user_input.UNKNOWN": "Unknown error. Please try again.",
  "freja.with_user_input.CANCELED": "Action cancelled. Please try again.",
  "freja.with_user_input.EXPIRED": "The Freja eID app is not responding. Please check that the program is started and that you have internet access.",
  "freja.with_user_input.REJECTED": "Authentication denied",
  "freja.with_user_input.RP_CANCELED": "Action cancelled. Please try again.",
  "freja.with_user_input.INTERRUPTED": "Action cancelled. Please try again.",
  "freja.with_user_input.API_ERROR": "Unknown error. Please try again.",
  "allow-cookies-body": "To save your language settings on this device you need to approve a language cookie.",
  "allow-cookies-button": "Approve language cookie",
  "change_language": ""
}

{
  "freja.with_user_input.identifier": "Användarnamn",
  "freja.with_user_input.start_authentication": "Starta verifiering",
  "freja.with_user_input.open_app": "Öppna Freja eID-appen",
  "freja.with_user_input.app_opened": "Freja eID-appen öppnad",
  "freja.with_user_input.verify_authentication": "Verifiera legitimering",
  "freja.with_user_input.authentication_verified": "Legitimeringen verifierad",
  "freja.with_user_input.redirecting": "Omdirigerar...",
  "freja.with_user_input.start_app": "Starta Freja eID-appen",
  "freja.with_user_input.cancel": "Avbryt",
  "freja.with_user_input.canceling": "Avbryter...",
  "freja.with_user_input.ERROR": "Okänt fel. Försök igen.",
  "freja.with_user_input.UNKNOWN": "Okänt fel. Försök igen.",
  "freja.with_user_input.CANCELED": "Åtgärden avbruten. Försök igen",
  "freja.with_user_input.EXPIRED": "Freja eID-appen svarar inte. Kontrollera att den är startad och att  du har internetanslutning.",
  "freja.with_user_input.REJECTED": "Legitimeringen nekad",
  "freja.with_user_input.RP_CANCELED": "Åtgärden avbruten. Försök igen",
  "freja.with_user_input.INTERRUPTED": "Åtgärden avbruten. Försök igen",
  "freja.with_user_input.API_ERROR": "Okänt fel. Försök igen.",
  "allow-cookies-body": "Vill du spara dina språkinställningar på denna enhet behövs ett godkännande av  språk-cookie.",
  "allow-cookies-button": "Godkänn språk-cookie",
  "change_language": ""
}

PreviousFreja e-ID NextWith QR or "app-switch"