Authentication
The /auth API is used to authenticate a user with BankID.
POST https://api.idkollen.se/v2/{api-key}/auth
{
"ipAddress": "8.8.8.8",
"callbackUrl": "https://partner.url/idkollen/response",
"refID": "12398698",
"allowFingerprint": true,
"enableQR": true,
"secretKey": "123456",
"intent": "Intention text",
"orgNumber": "559000-0948"
}
| Parameter | Required | Description |
|---|---|---|
| ipAddress | Yes | The IP-address of the end user, or as close to the end user as possible. |
| callbackUrl | No | The URL to where IDkollen will send the callback on successful or failed requests. Not required when using /collect to check status. The callbackUrl can also be set on account level for increased security. |
| allowFingerprint | No | Allow user to authenticate with fingerprint or face recognition in BankID app. (Default value: true) |
| refID | No | Reference ID which will be returned in the callback or collect. |
| secretKey | Yes | Secret key to be used for increased security. Provided by IDkollen. |
| enableQR | No | Set to true returns qrStartToken and qrStartSecret for animated QR-codes. |
| intent | No | Text to be displayed in the users BankID app during authentication, for purposes of adding an intention for requesting the authentication. Max 1500 characters after base64. Formatting options can be found here: https://www.bankid.com/en/utvecklare/guider/formatera-text/syntax-specialtecken-atergivning |
| orgNumber | No | Organizational number, 11 digits. Used to perform checks for company signatory. To enable this feature, contact IDkollen. |
IDkollen will respond with HTTP status 201 for successful request, or 4xx/5xx on errors. For more information about errors, please see the Errors section.
HTTP/2.0 201 Created
{
"orderRef": "3e128b66-58c3-42a9-96fa-88fefeb113ab",
"autoStartToken": "6684fdd6-8935-4e12-8f71-95ac453d1fe0",
"qrStartToken": "bf9d9019-e01a-4fd1-a708-1e79e13346f1",
"qrStartSecret": "077c2389-b530-49b7-a2ee-dc38af98cffb"
}
| Property | Description |
|---|---|
| orderRef | BankID reference number, can be used to collect response. |
| autoStartToken | A token used to launch the BankID app on the same device. See https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/programstart |
| qrStartToken | A token used, in combination with the qrStartSecret, to generate an animated QR code to authenticate using BankID on another device. See https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/qrkoder |
| qrStartSecret | Used to animate the QR code. |