Login with BankID

Users who already exist in the user database can sign in using BankID.

Prerequisites

Pointsharp IdP

The identity provider must be able to find an existing user by searching a configured attribute.

End users need a BankID and the app

To use the BankID identification and signature features, end users must install the BankID app on a mobile device or a PC. They also need to order a BankID from their bank.

You need an agreement and a certificate

You use the BankID identification or signature services through the API. The API can only be accessed if you have a valid certificate. You order the certificate from the bank with which you have your BankID service agreement.

QR code generation

Animated QR codes are used with BankID when the user runs the service (webpage or app) on one device, for example a computer, but uses BankID on another device, for example their mobile.

The flow is:

  1. Your service generates a QR code.

  2. Your service presents the QR code to the user.

  3. The user scans the QR code using their BankID app. If successful, the BankID app will proceed with the order.

For generation, use the pattern 'bankid.qrStartToken.time.qrAuthCode' as the link in the QR code, where:

  • bankid is a fixed prefix.

  • qrStartToken is from the auth or sign response.

  • time is the number of seconds since the order was created.

  • qrAuthCode is computed as HMACSHA256(qrStartSecret, time), where time is the number of seconds since the response from auth or sign was returned, and qrStartSecret is from the auth or sign response.

The qrStartSecret shouldn’t be sent to your frontend. It’s a secret to be shared by the BankID service and your backend only.

The BankID order at the backend server is valid for 30 seconds; the user must scan the QR code within that 30-second window.

For complete instructions and sample codes, see https://developers.bankid.com/how-to-guides/qr-code
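The following backend-side sketch of the QR pattern above is an added example, not code from Pointsharp or BankID. It keeps qrStartSecret on the server and stops issuing codes after the 30-second window. The names QrOrder, qr_auth_code and qr_data are hypothetical, the sample token and secret are constructed, and it assumes time is passed to the HMAC as a decimal string with the result hex-encoded.

```python
import hashlib
import hmac
import time
from dataclasses import dataclass, field
from typing import Optional

QR_WINDOW_SECONDS = 30  # scan window stated on this page


@dataclass
class QrOrder:
    """Backend-only state for one auth/sign order; never serialise it to the client."""
    qr_start_token: str
    qr_start_secret: str = field(repr=False)  # keep the secret out of logs and reprs
    created_at: float = field(default_factory=time.monotonic)


def qr_auth_code(qr_start_secret: str, seconds: int) -> str:
    # Assumption: the time is the HMAC message as a decimal string,
    # the secret is the key, and the digest is hex-encoded.
    mac = hmac.new(qr_start_secret.encode("ascii"),
                   str(seconds).encode("ascii"), hashlib.sha256)
    return mac.hexdigest()


def qr_data(order: QrOrder, now: Optional[float] = None) -> Optional[str]:
    """Return the string to encode in the QR image, or None outside the scan window."""
    now = time.monotonic() if now is None else now
    elapsed = now - order.created_at
    if not 0 <= elapsed < QR_WINDOW_SECONDS:
        return None  # stale order: start a new one instead of showing an old code
    seconds = int(elapsed)
    code = qr_auth_code(order.qr_start_secret, seconds)
    return f"bankid.{order.qr_start_token}.{seconds}.{code}"


# Constructed sample values, not real BankID responses.
SAMPLE = QrOrder("00000000-aaaa-4bbb-8ccc-000000000001",
                 "00000000-dddd-4eee-8fff-000000000002", created_at=100.0)

if __name__ == "__main__":
    for t in (100.0, 101.2, 129.9, 130.0):
        print(t, qr_data(SAMPLE, now=t))
```

Only the string returned by qr_data should leave the backend; the frontend re-fetches it to animate the QR code.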

When BankID is stored on the same device as the service provider

When the BankID client is stored on the same device used to visit your app or webpage, the app is started by using autostart.

  1. Go to https://developers.bankid.com/how-to-guides/autostart for instructions on how to start the BankID app when it is stored on the same device used to visit your app or webpage.

  2. The user should be sent back to the app or webpage once they’ve completed their action in the BankID client. Read more on how to create a return URL: https://developers.bankid.com/how-to-guides/return-url