BankID

This guide scenario will create an authenticator that uses BankID for user authentication. It can be paired with a lookup against another user store to make sure only users from that user store are granted access.

Name and Description

Input the name and description of your authenticator scenario

Alias

Here you enter an alias for your authenticator, which is a more user friendly version of the authenticator's ID (which is a random, auto generated UUID string). 

User store

Here you may configure which user store the authentication should be performed against.

BankID has its own user store so that anyone with a valid BankID can authenticate against it. If you want to use your own user store, but still use BankID as authentication, you may add a user store connection and create a search filter that will match the user returned from the BankID authentication with one in your own user store.

You may select an existing user store, or configure a new one. For instructions on configuring a new one, see the guide scenario for "Connections - LDAP" or "Connections - JDBC".

Search settings - only relevant if you use your own user store

Depending on whether your connection is LDAP or JDBC, your next step will look different. For LDAP, you enter your search filter such that the username that the user will enter on the web correlates with your userid-attribute in the directory. You also select the search base for the users by clicking "choose" and selecting the correct category for your users.

For JDBC you simply adjust the SQL query so that it will select the correct user. {{request.userPersonalNumber}} will resolve to the personal number returned by BankID. Adjust your search filter so that it matches the attribute in your user store.

Mode

Select whether you want to use BankID in Test or Production mode. For the authenticator to work, this must match which keystore you select in the next step.

Keystore

Select which keystore you want to use. This keystore has to contain your BankID relying party certificate. You will need to contact BankID to get such a certificate yourself. It also needs to reflect the mode you select (test or production). You may create a new keystore in this step if you have not created one already.

The result

Upon finishing the guide scenario, you will be met with an edit page where you can adjust additional settings. You can also see the "execution flow" tab where you can adjust the pipes and valves created in the scenario.