BankIDAuthenticateValve

Trigger BankID authentication. Used in the context of the HTTP API.

On successful execution, a new item is added, and the BankID transaction ID is stored in the property transactionID, together with autoStartToken, qrStartToken and qrStartSecret. The qrStartSecret must not be sent to the client; it is a secret shared only between the BankID service and the RP service.
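
The handling of qrStartSecret described above, as an added example (not PhenixID or BankID code): a hypothetical RP-side helper that derives the animated QR data with BankID's HMAC-SHA256 scheme and builds the client response from an allowlist, so the raw secret never leaves the server. The names qr_data, client_view, qrData and the sample values are assumptions.

```python
import hashlib
import hmac

# Only these item properties may be copied into a response to the client.
CLIENT_SAFE = ("transactionID", "autoStartToken")


def qr_data(qr_start_token: str, qr_start_secret: str, elapsed_seconds: int) -> str:
    """One animated-QR frame. qrStartSecret is used only as the HMAC key."""
    if elapsed_seconds < 0:
        raise ValueError("elapsed_seconds must be >= 0")
    t = str(elapsed_seconds)  # whole seconds since the order was created
    code = hmac.new(qr_start_secret.encode(), t.encode(), hashlib.sha256).hexdigest()
    return f"bankid.{qr_start_token}.{t}.{code}"


def client_view(item: dict, elapsed_seconds: int) -> dict:
    """Build the client response from the item with an allowlist."""
    view = {k: item[k] for k in CLIENT_SAFE if k in item}
    view["qrData"] = qr_data(item["qrStartToken"], item["qrStartSecret"], elapsed_seconds)
    # Fail closed if the raw secret ended up in any outgoing value.
    if any(item["qrStartSecret"] in str(v) for v in view.values()):
        raise RuntimeError("qrStartSecret would be exposed to the client")
    return view


# Constructed sample item (not real BankID values).
SAMPLE_ITEM = {
    "transactionID": "00000000-0000-4000-8000-000000000001",
    "autoStartToken": "00000000-0000-4000-8000-000000000002",
    "qrStartToken": "00000000-0000-4000-8000-000000000003",
    "qrStartSecret": "00000000-0000-4000-8000-000000000004",
}

if __name__ == "__main__":
    for second in (0, 1, 2):
        print(client_view(SAMPLE_ITEM, second))
```
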

Properties

| Name | Description | Default value | Mandatory | Supports property expansion |
|---|---|---|---|---|
| bankid_keystore | ID of the stored p12 keystore | | Yes | No |
| mode | Switch to communicate with the BankID test or production environment. Set to test to target the BankID test environment. | production | No | No |
| version | Sets the version of the BankID API to interact with | v5.1 | No | No |
| pnr | Personal number of the person | | No | Yes |
| user_visible_data | A text that is displayed to the user during authentication with BankID | | No | Yes |
| user_visible_data_format | If present, and set to “simpleMarkdownV1”, this parameter indicates that userVisibleData holds formatting characters | | No | Yes |
| user_non_visible_data | Data that is not displayed to the user | | No | Yes |
| requirement | Includes one or more requirements on how the auth or sign order must be performed, see below for more information. Format json | | No | No |
| client_ip_request_param | Request parameter containing client IP address. | remoteAddress | No | No |

Example Configuration

{
    "name": "BankIDAuthenticateValve",
    "config": {
        "bankid_keystore": "11111-22222-33333-44444",
        "mode": "test",
        "version": "v6.0",
        "user_visible_data": "{{request.userVisibleData}}",
        "user_visible_data_format": "simpleMarkdownV1",
        "requirement": "{\"certificatePolicies\":[\"1.2.752.78.1.5\"],\"pinCode\":true}",
        "client_ip_request_param": "{{request.X-Forwarded-For}}"
    }
}

Requirements

- Keystore file (p12 format) used to authenticate to the BankID service, stored on PhenixID Authentication Server.

- BankID client (for testing).