Signing
The /sign API is used to sign a document or other information with BankID.
The pno can be left out when signing from the device where BankID is installed.
In these cases the autoStartToken parameter must be used when you start the BankID app.
See table below for information about each parameter.
POST https://api.idkollen.se/v2/{api-key}/sign
{
"pno": "191234567890",
"message": "Text to sign",
"ipAddress": "8.8.8.8",
"callbackUrl": "https://partner.url/idkollen/response",
"refID": "12398698",
"digest": "hash"
}
| Parameter | Required | Description |
|---|---|---|
| pno | No | The personal number to authenticate. Can be left out when authenticating from the device where BankID is installed. |
| message | Yes | The text to sign, will be displayed in the BankID app. |
| ipAddress | Yes | The IP-address of the end user, or as close to the end user as possible. |
| callbackUrl | No | The URL to where IDkollen will send the callback on successful or failed requests. Not required when using /collect to check status. |
| allowFingerprint | No | Allow user to authenticate with fingerprint or face recognition in BankID app. (Default value: false) |
| refID | No | Reference ID which will be returned in the callback. |
| secretKey | Yes | Secret key to be used for increased security. Provided by IDkollen on request. |
| enableQR | No | Set to true returns qrStartToken and qrStartSecret for animated QR-codes. |
| digest | No | The hash that gets sent to BankID as "userNonVisibleData" |
IDkollen will respond with HTTP status 201 for successful request, or 4xx/5xx on For more information about errors, please see the Errors section.
HTTP/2.0 201 Created
{
"orderRef": "1668b9da-bff1-4dfc-ad48-60507b5a8d12",
"autoStartToken": "6e8fdb9e-4cc7-42a7-9ce7-59947aeec6e6"
}
| Property | Description |
|---|---|
| orderRef | BankID reference number, can be used to collect response. |
| autoStartToken | If pno is not included in the request, the BankID app must be started using this token. |