Checks the status of a authentication request. Typically used with the authentication API module.  Because of this, the data used is expected to come from the request. Not an item. If you want the data to come from an item, use the "propsFromItem" config parameter.

The valve will create an item if none is present.

For more detailed information see


Name Description Default value Mandatory Supports property expansion
keystoreID The id of the keystore in configuration Yes No
mode Decides the target endpoint to send the request to. Allowed values are 'test_personal_auth,production_organisation_auth,production_personal_auth,test_organisation_auth,test_personal_auth'. Only one value is allowed. Yes No
relyingPartyId Defines the relying party ID. Used with partner certificate which is allowed to be used for multiple customers. No Yes
customer Used for event logging to add differentiator if desired. No No
propsFromItem Whether or not to fetch the Freja eID request properties from the flow item instead of the request. false No No

Example Configuration

      "name" : "FrejaEIDAuthStatusValve",
      "config" : {
        "keystoreID" : "93f5e7e1-c3f4-436b-9bbc-0b94d454a352",
        "mode" : "production_personal_auth"


  • The server trusts the Freja e-ID backend TLS certificate.
  • A client certificate & private key (keystore) thsat is issued by Freja e-ID is present in the configuration.

Request parameters

The incoming request must contain the following parameters:

  • authRef - The identifier of an auth request

Example request



Status and authRef is always returned. 

If approved,  ssn, givenName, sn, mail, organisationIdIdentifier is returned. Depending on the initiating request some attributes may be empty.

In addition the entire response is found in attribute fullResponse, Base64 encoded.