SAML2Hypr

Authenticate using Hypr mobile app.

The Hypr authenticator allows for one scenario:

  • Starting Hypr on the same device or other device by entering a userID.

On successful authentication, this parameter will be added to the request sent to the connected pipe:

  • username  - The userID

Patch instructions

SAML2Hypr binaries and template files must for now (version 4.0) be added manually to the PAS installation. Please download binaries and instructions to install the patch here.

 

 

Properties

Name Description Default value Mandatory
idpID The internal identifier of the idp used N/A Yes
pipeID ID of the pipe to be executed on successful authentication N/A Yes
samlAuthMethod The value to be set in the AuthnContextClassRef of the SAML assertion urn:oasis:names:tc:SAML:2.0:ac:classes:XMLDSig No
access_token Access token value to be able to authorize PAS against the Hypr endpoint. N/A Yes
hyprURL The root URL of the Hypr tenant backend. N/A Yes
loginTemplate Template used for rendering the user facing UI hypr.template No
templateVariables Parameters to control the GUI rendering. N/A Yes
appId The appID for the Hypr tenant. N/A Yes

Example Configuration

	{
		"id": "5826d912-737e-4c5c-bb52-7c3da1d142d1",
		"alias": "hypr",
		"name": "SAML2Hypr",
		"displayName": "Hypr",
		"configuration": {
			"pipeID": "0f80ec8d-9de9-49a9-b9ca-0f256bf2a96c",
			"idpID": "87a7a32e-eeaa-4dc3-80f4-8c91c89f6404",
			"access_token": "xxxxxyyyy-zzzzzwwwwww-faaderd",
			"hyprURL": "https://zyx-pov.gethypr.com/",
			"appId": "app_phenixid_test",
			"loginTemplate": "hypr.template",
			"translation": [
				"hypr.messages.title_starting",
				"hypr.messages.title_current_device",
				"hypr.messages.title_mobile_device",
				"hypr.messages.title_qrcode",
				"hypr.messages.text_starting",
				"hypr.messages.text_current_device",
				"hypr.messages.text_mobile_device",
				"hypr.messages.text_qrcode",
				"hypr.messages.input_personal_number",
				"hypr.messages.button_submit",
				"hypr.messages.button_start_over",
				"hypr.messages.button_start_manually",
				"hypr.messages.info_bankid_link_creation_app",
				"hypr.messages.info_bankid_url_link_redirection_success_app",
				"hypr.messages.info_open_app",
				"hypr.messages.info_rediection_app",
				"hypr.messages.info_verified_app",
				"hypr.messages.info_qrcode_scanned_app",
				"hypr.messages.error_bad_personal_number",
				"hypr.messages.error_cancellation",
				"hypr.messages.error_request",
				"hypr.messages.changeLanguage"
			],
			"templateVariables": {
				"methods": [
					{
						"title": "hypr.messages.option_label_od",
						"image": "/authenticate/res/images/icons/phenixid.png",
						"data-toggle-action": "OD"
					}
				]
			}
		},
		"created": "2021-01-20 18:16:31.46"
	}

Requirements

  • Hypr tenant URL value
  • Hypr access_token value
  • Hypr appID value
  • PAS must be able to communicate with the Hypr URL
  • Hypr app activated for test user