BankIDSignValve
Note
Trigger BankID signing. Used for local signing.
On successful execution, a new item is added and the BankID transaction ID is stored in the property transactionID. The properties qrStartToken and qrStartSecret returned by the BankID API are also added to the item. The qrStartSecret must not be sent to the client; it is a secret shared only between the BankID API and the relying party.
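An added example, not part of the PhenixID documentation or product code: one way a relying party can keep qrStartSecret on the server and hand the browser only the derived animated-QR string. The HMAC-SHA256 construction follows BankID's relying-party documentation for animated QR codes; the function names `qr_data` and `client_view` and the sample item values are assumptions made up for illustration.

```python
import hashlib
import hmac
import json

REQUIRED = {"transactionID", "qrStartToken", "qrStartSecret"}


def qr_data(qr_start_token: str, qr_start_secret: str, elapsed_seconds: int) -> str:
    """Build one frame of the animated QR code, server-side only."""
    if elapsed_seconds < 0:
        raise ValueError("elapsed_seconds must be >= 0")
    t = str(elapsed_seconds)
    # The secret is only ever used as the HMAC key; it is never serialised.
    code = hmac.new(qr_start_secret.encode("ascii"), t.encode("ascii"),
                    hashlib.sha256).hexdigest()
    return ".".join(("bankid", qr_start_token, t, code))


def client_view(item: dict, elapsed_seconds: int) -> str:
    """Serialise what the browser may see (allow-list, not a copy of the item)."""
    missing = REQUIRED - set(item)
    if missing:
        raise KeyError(f"item lacks {sorted(missing)}")
    payload = {
        "transactionID": item["transactionID"],
        "qrData": qr_data(item["qrStartToken"], item["qrStartSecret"],
                          elapsed_seconds),
    }
    body = json.dumps(payload)
    # Defence in depth: refuse to emit a response that contains the secret.
    if item["qrStartSecret"] in body:
        raise RuntimeError("qrStartSecret leaked into client payload")
    return body


# Constructed sample item (made-up values, not real BankID output).
SAMPLE_ITEM = {
    "transactionID": "00000000-0000-0000-0000-000000000001",
    "qrStartToken": "11111111-aaaa-bbbb-cccc-000000000002",
    "qrStartSecret": "22222222-dddd-eeee-ffff-000000000003",
}

if __name__ == "__main__":
    for second in range(3):
        print(client_view(SAMPLE_ITEM, second))
```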
Properties
| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| bankid_keystore | ID of the keystore to use when setting up client authentication | | Yes | No |
| mode | Switch to communicate with the BankID test or production environment. Set to test to target the BankID test environment. | production | No | No |
| version | Sets the version of the BankID API to access | v5.1 | No | No |
| pnr | Personnummer, removed in v6.0 of the BankID API | | No | Yes |
| user_visible_data | Data to be signed that will be displayed in the BankID client. | | Yes | Yes |
| user_non_visible_data | Data to be signed that will not be displayed in the BankID client. | | No | Yes |
| requirement | Includes one or more requirements on how the auth or sign order must be performed, see below for more information. Format: JSON | | No | No |
| client_ip_request_param | Parameter containing the client IP. | remoteAddress | No | Yes |
| certificatePolicy | Comma-separated string of BankID certificate policies | | No | No |
| returnUrl | BankID returnUrl parameter. Will be used to redirect the user after authentication has finished. Will override any other return URL set by the initiating client. | | No | Yes |
| web | BankID web parameter. See BankID documentation for more info. | | No | Yes |
| app | BankID app parameter. See BankID documentation for more info. | | No | Yes |
Example Configuration
{
  "name" : "BankIDSignValve",
  "config" : {
    "bankid_keystore":"1111-2222-3333-4444",
    "pnr" : "{{request.pnr}}",
    "user_visible_data" : "{{request.userVisibleData}}",
    "user_non_visible_data" : "{{request.userNonVisibleData}}",
    "client_ip_request_param": "{{request.X-Forwarded-For}}",
    "requirement": "{\"certificatePolicies\":[\"1.2.752.78.1.5\"],\"pinCode\":true}"
  }
}
Requirements
PhenixID Signing Service installed.
Keystore (p12 format) file used to authenticate to BankID service stored on PhenixID Authentication Server.
BankID client (for testing).