/phone/auth
Initiates an authentication order when the user is talking to the RP over the phone. Use the collect method to query the status of the order.
Example - request phone/auth
POST /rp/v6.0/phone/auth HTTP/1.1
Content-Type: application/json
Host: appapi2.bankid.com
{
"personalNumber": "190000000000",
"callInitiator": "user"
}
Parameters for phone/auth
Name | Required | Description |
---|---|---|
personalNumber | Required | The personal number of the user. String. 12 digits. |
callInitiator | Required | Indicates whether the user or the RP initiated the phone call. "user": the user called the RP. "RP": the RP called the user. |
requirement | Optional | Requirements on how the auth order must be performed. See below. |
userVisibleData | Optional | Text displayed to the user during authentication with BankID, with the purpose of providing context for the authentication and enabling users to detect identification errors and avert fraud attempts. The text can be formatted using CR, LF and CRLF for new lines. The text must be encoded as UTF-8 and then base 64 encoded. 1-1 500 characters after base 64 encoding. |
userNonVisibleData | Optional | Data not displayed to the user. String. The value must be base 64-encoded. 1-1 500 characters after base 64-encoding. |
userVisibleDataFormat | Optional | If present, and set to "simpleMarkdownV1", this parameter indicates that userVisibleData holds formatting characters which potentially make for a more pleasant user experience. For further information on formatting options, see guidelines for formatted text. |
Requirements
RP may use the requirement parameter to describe how the signature must be created and verified. A typical use case is to require Mobile BankID or a certain card reader. Requirements can be set for both auth and sign orders. The following table describes requirements, their possible values and defaults.
Name | Value | Default |
---|---|---|
pinCode | Users are required to sign the transaction with their PIN code, even if they have biometrics activated. | False, the user is not required to use a PIN code. |
cardReader | "class1" (default): the transaction must be performed using a card reader where the PIN code is entered on a computer keyboard, or a card reader of higher class.<br>"class2": the transaction must be performed using a card reader where the PIN code is entered on the reader, or a reader of higher class.<br>`<no value>`: defaults to "class1". This condition should be combined with a certificatePolicies for a smart card to avoid undefined behaviour. | No card reader required. |
certificatePolicies | The OID in certificate policies in the user certificate. List of String. One wildcard `"*"` is allowed from position 5 and forward, i.e. `1.2.752.78.*`.<br>The values for production BankIDs are:<br>"1.2.752.78.1.1" - BankID on file<br>"1.2.752.78.1.2" - BankID on smart card<br>"1.2.752.78.1.5" - Mobile BankID<br>The values for test BankIDs are:<br>"1.2.3.4.5" - BankID on file<br>"1.2.3.4.10" - BankID on smart card<br>"1.2.3.4.25" - Mobile BankID<br>"1.2.752.60.1.6" - Test BankID for some BankID Banks. | If no certificate policies are set, the following are the defaults.<br>Production system: 1.2.752.78.1.1, 1.2.752.78.1.2, 1.2.752.78.1.5, 1.2.752.71.1.3.<br>Test system: 1.2.3.4.5, 1.2.3.4.10, 1.2.3.4.25, 1.2.752.60.1.6, 1.2.752.71.1.3.<br>If any certificate policy is set, all default policies are dismissed. |
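As an added example (not BankID's own code), the following Python builds a phone/auth request body and enforces the constraints from the parameter and requirement tables above: the 12-digit personalNumber, the two callInitiator values, UTF-8-then-base64 encoding of userVisibleData with its 1-1 500 character limit, and the certificatePolicies wildcard rule, including the point that an explicit policy list replaces the system defaults. Function names, the DEFAULT_POLICIES dictionary and the OID regex are assumptions of this example.

```python
import base64
import re
# Constructed example, not BankID's own code: builds a phone/auth request body
# and enforces the constraints given in the parameter and requirement tables.
MAX_B64_LEN = 1500                      # limit after base64 encoding
CALL_INITIATORS = {"user", "RP"}
CARD_READERS = {"class1", "class2"}
# Used when the RP sets no certificatePolicies; an explicit list replaces them all.
DEFAULT_POLICIES = {
    "production": ["1.2.752.78.1.1", "1.2.752.78.1.2", "1.2.752.78.1.5", "1.2.752.71.1.3"],
    "test": ["1.2.3.4.5", "1.2.3.4.10", "1.2.3.4.25", "1.2.752.60.1.6", "1.2.752.71.1.3"],
}
# Four explicit arcs, then digit arcs and at most one trailing "*" (position 5 or later).
OID_RE = re.compile(r"\d+(\.\d+){3}(?:(\.\d+)+|(\.\d+)*\.\*)")

def encode_user_data(text):
    """UTF-8 encode, then base64 encode; must be 1-1 500 characters afterwards."""
    encoded = base64.b64encode(text.encode("utf-8")).decode("ascii")
    if not 1 <= len(encoded) <= MAX_B64_LEN:
        raise ValueError(f"encoded length {len(encoded)} not in 1-{MAX_B64_LEN}")
    return encoded

def validate_requirement(req):
    if set(req) - {"pinCode", "cardReader", "certificatePolicies"}:
        raise ValueError("unknown requirement key")
    if "pinCode" in req and not isinstance(req["pinCode"], bool):
        raise ValueError("pinCode must be a boolean")
    if "cardReader" in req and req["cardReader"] not in CARD_READERS:
        raise ValueError("cardReader must be class1 or class2")
    for oid in req.get("certificatePolicies", []):
        if not OID_RE.fullmatch(oid):
            raise ValueError(f"bad certificate policy {oid!r}")
    return req

def effective_policies(req, system="production"):
    """Policies the order is checked against: the RP's own list, else the system defaults."""
    return list(req.get("certificatePolicies") or DEFAULT_POLICIES[system])

def build_phone_auth(personal_number, call_initiator, user_visible_data=None, requirement=None):
    if not re.fullmatch(r"\d{12}", personal_number):
        raise ValueError("personalNumber must be exactly 12 digits")
    if call_initiator not in CALL_INITIATORS:
        raise ValueError("callInitiator must be 'user' or 'RP'")
    body = {"personalNumber": personal_number, "callInitiator": call_initiator}
    if user_visible_data is not None:
        body["userVisibleData"] = encode_user_data(user_visible_data)
    if requirement is not None:
        body["requirement"] = validate_requirement(requirement)
    return body
```

Serialise the returned dict with json.dumps and send it as the body of the POST shown in the request example; the validation errors are raised before anything leaves the RP.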
Response from phone/auth
Name | Value |
---|---|
orderRef | Used to collect the status of the order. String. |
Example response from phone/auth
HTTP/1.1 200 OK
Content-Type: application/json
{
"orderRef":"131daac9-16c6-4618-beb0-365768f37288"
}