Introduction
IDkollen provides a JSON/REST API for authenticating and signing with BankID.
The API is only accessible with SSL and a unique key provided by IDkollen. The key is private and should not be shared with a third party. The API should only be called from a server application, not directly from the client.
When signing up you will receive API keys for IDKollens staging and live environment.
| Environment | URL | Callback IP | BankID environment |
|---|---|---|---|
| Live | https://api.idkollen.se/v2/ | 13.53.114.219 13.48.243.11 | Live |
| Staging | https://stgapi.idkollen.se/v2/ | 13.53.56.116 13.53.92.159 | Test |
Usage flow
- The user initiates an authentication via the partner's interface.
- The partner calls IDkollen's API with the secret key to get to initiate an authentication.
- IDkollen sends response to partner with information about the initiated authentication.
- The partner uses the information to launch BankID on the users device.
- The user identifies him- or herself with BankID.
- The partner fetches the result or gets it via their callback endpoint.
Staging environment (test)
Please note that the Staging environment only works with Test BankID: https://www.bankid.com/en/utvecklare/test/skaffa-testbankid/test-bankid-get
Callback URL
For security reasons it is not possible to supply the callbackUrl in the Authentication request. This must be whitelisted by IDkollen in your accounts preferences. Please provide your callbackUrl by emailing us at support@idkollen.se.
QR Codes and autoStartToken
The V3 API supplies autoStartToken, qrStartToken and qrStartSecret with every request without needing to send "enableQR": true, like in V2.
Secret key
To initiate requests to the API a secret key is needed. To request a secret key, contact support@idkollen.se.
Authentication
All API endpoints are authenticated using Basic Auth, where the "username" is the account ID and the "password" is the secret key.
Authorization: Basic ${ base64(accountId + ':' + secretKey) }
More information
For more information about error messages and how the BankID API works in general, please refer to the BankID Relying Party Guidelines.
If you have any questions, please contact us at support@idkollen.se