Table of Contents

BankID

Warning

This authenticator is a legacy authenticator. It is recommended to plan for migrating the authenticator to the new protocol agnostic authenticator architecture. More information about the legacy authenticators can be found here.

Note

Authenticate using BankID. Depending on the method used the user may need to enter the personal number.

BankID authenticator allows for three different scenarios:

  • Starting BankID on the same device.
  • Starting BankID on another device.
  • Starting BankID using a QR code.

Every method needs to be activated through configuration.

The End user IP is resolved automatically depending on how the administrator has configured client IP resolves for the current HTTP connection. Read more here.

Translate userVisibleData by adding keyword "bankid.translated.userVisibleData" to this field and update language files with the keyword and translations.

Properties

Name Description Default value Mandatory
pipeID The pipe executed after a successful BankID authentication N/A Yes
successURL Location where to after a successful BankID authentication N/A No
keyStore ID of the keystore used t ocommunicate with BankID bankend N/A Yes
mode If connecting to BankID test backend set this value to "test". N/A No
loginTemplate Template used for rendering the user facing UI bankid.template No
translation A JSON Array of custom translation keys No
templateVariables Options used for showing/hiding BankID methods (On this device, On Other Device, Scan QR code). No
includeQueryString On a successful authentication, should the data from the original query be added when redirecting the client false No
sessionValues When rendering template, the template can pull data from from the session. For more int see: Use of sessionValues parameter on HTTP authenticator No
userVisibleData Text shown in bankid client when user is authenticating No
allowLanguageChange should the user be able to change the language in the UI true No
icon The default 'icon' in the templte. Not to be confused with favicon res/images/backgrounds/transparent.png No
useRedirectUrl Whether or not redirect url should be provided when launching the bankid application for ios users. true No
useWeb Whether to sent BankID web parameter. Configured referringDomain will be used, together with a cookie based deviceIdentifier and the User-Agent header. Read more on BankID official documentation. false No
referringDomain The BankID referringDomain parameter sent within web. This should be the domain URL of the PAS server. Read more on BankID official documentation. No

Example Configuration

     {
        "id": "bid",
        "alias": "bid",
        "name": "BankID",
        "configuration": {
            "pipeID": "pipeBID",
            "keyStore": "bankidkeystore",
            "password": "qwerty123",
            "mode": "test",
            "successURL": "/selfservice/",
            "enableHoneypot": "true",
            "loginTemplate": "bankid.template",
            "userVisibleData": "bankid.translated.userVisibleData",            "translation": [
                "bankid.messages.title_starting",
                "bankid.messages.title_current_device",
                "bankid.messages.title_mobile_device",
                "bankid.messages.title_qrcode",
                "bankid.messages.text_starting",
                "bankid.messages.text_current_device",
                "bankid.messages.text_mobile_device",
                "bankid.messages.text_qrcode",
                "bankid.messages.input_personal_number",
                "bankid.messages.button_submit",
                "bankid.messages.button_start_over",
                "bankid.messages.button_start_manually",
                "bankid.messages.info_bankid_link_creation_app",
                "bankid.messages.info_bankid_url_link_redirection_success_app",
                "bankid.messages.info_open_app",
                "bankid.messages.info_rediection_app",
                "bankid.messages.info_verified_app",
                "bankid.messages.info_qrcode_scanned_app",
                "bankid.messages.error_bad_personal_number",
                "bankid.messages.error_cancellation",
                "bankid.messages.error_request",
                "bankid.messages.changeLanguage"
            ],
            "templateVariables": {
                "cancel_href": "/bid/authenticate/logout/bid/?nextTarget=/bid/authenticate/bid/",
                "methods": [
                    {
                        "title": "bankid.messages.option_label_od",
                        "image": "/authenticate/res/images/icons/phenixid-bankid.png",
                        "data-toggle-action": "OD"
                    },
                    {
                        "title": "bankid.messages.option_label_sd",
                        "image": "/authenticate/res/images/icons/phenixid-bankid.png",
                        "data-toggle-action": "SD"
                    },
                    {
                        "title": "bankid.messages.option_label_qr",
                        "image": "/authenticate/res/images/icons/phenixid-bankid-qr.png",
                        "data-toggle-action": "QR"
                    }
                ]
            }
        }
    }

Requirements

  • A BankID key store issued by an authorized issuer
  • The user must have activated BankID prior to authenticating
Authentication Deprecated BankID