Signing
The /sign API is used to sign a document or other information with BankID.
POST https://api.idkollen.se/v2/{api-key}/sign
{
"message": "Text to sign",
"ipAddress": "8.8.8.8",
"callbackUrl": "https://partner.url/idkollen/response",
"refID": "12398698",
"allowFingerprint": true,
"enableQR": true,
"digest": "hash",
"secretKey": "123456",
"orgNumber": "559000-0948"
}
| Parameter | Required | Description |
|---|---|---|
| message | Yes | The text to sign, will be displayed in the BankID app. |
| ipAddress | Yes | The IP-address of the end user, or as close to the end user as possible. |
| callbackUrl | No | The URL to where IDkollen will send the callback on successful or failed requests. Not required when using /collect to check status. |
| allowFingerprint | No | Allow user to authenticate with fingerprint or face recognition in BankID app. (Default value: true) |
| refID | No | Reference ID which will be returned in the callback. |
| secretKey | Yes | Secret key to be used for increased security. Provided by IDkollen on request. |
| enableQR | No | Set to true returns qrStartToken and qrStartSecret for animated QR-codes. |
| digest | No | The hash that gets sent to BankID as "userNonVisibleData" |
| orgNumber | No | Organizational number, 11 digits. Used to perform checks for company signatory. To enable this feature, contact IDkollen. |
IDkollen will respond with HTTP status 201 for successful request, or 4xx/5xx on For more information about errors, please see the Errors section.
HTTP/2.0 201 Created
{
"orderRef": "3e128b66-58c3-42a9-96fa-88fefeb113ab",
"autoStartToken": "6684fdd6-8935-4e12-8f71-95ac453d1fe0",
"qrStartToken": "bf9d9019-e01a-4fd1-a708-1e79e13346f1",
"qrStartSecret": "077c2389-b530-49b7-a2ee-dc38af98cffb"
}
| Property | Description |
|---|---|
| orderRef | BankID reference number, can be used to collect response. |
| autoStartToken | A token used to launch the BankID app on the same device. See https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/programstart |
| qrStartToken | A token used, in combination with the qrStartSecret, to generate an animated QR code to authenticate using BankID on another device. See https://www.bankid.com/utvecklare/guider/teknisk-integrationsguide/qrkoder |
| qrStartSecret | Used to animate the QR code. |