Errors
The Verification of digital ID card from BankID provides error information to the RP through responses on the /rp/v1/verify endpoint.
The API conveys error information using HTTP status codes and JSON response bodies with
errorCode and an optional description field.
Error codes
Please note that 400 Bad Request error responses having errorCode invalidParameters may provide additional information in the JSON response body description field.
Examples:
{"errorCode":"invalidParameters","description":"Invalid json body"}
{"errorCode":"invalidParameters","description":"Invalid QR code"}
{"errorCode":"verificationFailed","description":"ID card verification not passed"}
HTTP status | Error code | Description |
---|---|---|
400 |
invalidParameters |
A call to /rp/v1/verify could not be processed by the BankID service due to malformed or invalid request data. Will return with HTTP 400 Bad Request status. Possible reasons:
|
400 |
verificationFailed |
A call to /rp/v1/verify was processed, but resulted in a non-valid validation of the presented ID card. Possible reasons:
|
401, 403 |
unauthorized |
RP does not have access to the service. |
404 |
notFound |
An erroneous URL path was used. |
405 |
methodNotAllowed |
Only HTTP method POST is allowed. |
408 |
requestTimeout |
The BankID service did not receive a complete request message before its read timeout occurred |
415 |
unsupportedMediaType |
Adding a "charset" parameter after application/json is not allowed since the MIME type "application/json" has neither optional nor required parameters. |
429 |
tooManyRequests |
A call to /rp/v1/verify returns with HTTP 429 Too Many Requests status if the RP has called the APIs an excessive number of times. The response contains the following HTTP headers according to IETF draft-polli-ratelimit-headers-00 section 3:
SeeRate-limiting under Technical details in section Introduction for more details. |
500 |
internalError |
A call to /rp/v1/verify could not be processed by the BankID service for unexpected internal reasons. |
503 |
The BankID service is temporarily unable to service the request |
400
invalidParameters
A call to /rp/v1/verify could not be processed by the BankID service due to malformed or invalid request data. Will return with HTTP 400 Bad Request status.
Possible reasons:
Invalid JSON in request body
Request body too large
The passed qrCode has expired or is in other way invalid. QR codes expires within some seconds, and must be consumed within a period of time.
400
verificationFailed
A call to /rp/v1/verify was processed, but resulted in a non-valid validation of the presented ID card.
Possible reasons:
The QR code did not correlate to a known ID card
The ID card was closed before the validation request could be completed
The ID card was revoked or expired
401, 403
unauthorized
RP does not have access to the service.
404
notFound
An erroneous URL path was used.
405
methodNotAllowed
Only HTTP method POST is allowed.
408
requestTimeout
The BankID service did not receive a complete request message before its read timeout occurred
415
unsupportedMediaType
Adding a "charset" parameter after application/json is not allowed since the MIME type "application/json" has neither optional nor required parameters.
429
tooManyRequests
A call to /rp/v1/verify returns with HTTP 429 Too Many Requests status if the RP has called the APIs an excessive number of times. The response contains the following HTTP headers according to IETF draft-polli-ratelimit-headers-00 section 3:
RateLimit-Limit
RateLimit-Remaining
RateLimit-Reset
SeeRate-limiting under Technical details in section Introduction for more details.
500
internalError
A call to /rp/v1/verify could not be processed by the BankID service for unexpected internal reasons.
503
The BankID service is temporarily unable to service the request