...
| Innehållsförteckning | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
General info
För att ansluta till tjänsten via API:et GRP eller måste Kunden ha ett så kallat ServiceID(policy), vilket fås av CGI. ServiceID:et kan ses som ett lösenord till tjänsten och det är unikt för varje kund.
Kundens ServiceID till produktion bör hållas konfidentiellt och hemligt. Kunden kan efter överenskommelse erhålla olika ServiceID om man från olika system vill använda sig av olika säkerhetsregler eller regler kring vilka certifikat som skall godkännas.
Several providers of electronic ID:s (Finansiell ID-Teknik, Freja eID, Secmaker) have similar API:s that customers can use to request authentication and signing operations. The GRP service wraps all these API:s into one, making the implementation of the different electronic ID:s much simpler for service providers. Consumers of the GRP API are called Relying Parties (RP:s).
Access info
| Panel | ||||||
|---|---|---|---|---|---|---|
| ||||||
You will need a header called |
...
serviceId | Yes | Relying parties identify themselves for the GRP API using the parameter "serviceId". This is a value assigned by the GRP service operator when signing up. | policy |
provider | Yes | The relying party selects eID provider using the argument "provider". Examples are "bankid", "freja" and "nias" | provider |
displayName | Yes | Name of the certificate to be used by the IdP | rpDisplayName |
requestType | No | Which type of request, "AUTH" for authentication and "SIGN" for signing. Defaults to AUTH if not specified. | |
transactionId | Yes | A client provided random string unique for the specific authentication or sign request. UUID format is recommended. The same value is returned in the response and this is used for tracing and logging purposes. | transactionId |
endUserInfo | Yes | IP-address of the end-user connected to the RP. | endUserInfo.IP_ADDR |
orgIdIssuer | No | Only used for Freja Organisation ID. Can be set to "ANY" to allow organisation IDs set by other Relying Parties. | |
callInitiator | Conditional | Indicate if the user or RP initiated the phone call. Possible values are "USER" and "RP". NB: This must be present if flowType is set to "PHONE", as this is a required parameter for a BankID phone auth/sign request. Otherwise it can be left out or with an empty value. | |
flowType | No | Specify what type of flow the request is for. Currently only supports one value "PHONE", used for BankID phone auth/sign. Defaults to regular BankID auth/sign if not specified. sign if not specified. NB: If this parameter is active and set to "PHONE", then it's required to also use the parameter "callInitiator". |
Example
|
...
| Kodblock |
|---|
{
"refId": "2ba2p9xvg",
"autoStartToken": "770f7e00-e00e-4d62-a7b7-24503849a6e8",
"qrStartToken": "19633055-9c49-40a8-b567-75495f80dc0f",
"qrStartSecret": "8cccc89c-04bd-46b9-baa6-5d23e822231c",
"transactionId": "9a397519-0f9e-47b3-ab9e-e5b725d1883b"
}
|
Collect
After initializing the authentication or sign operations, the collect method should be polled for a result. The recommended time is 2 seconds and it should not be called more often than once every second as it will result in a “TIME_BLOCKED”.
GET request to https://eid-connect.test.funktionstjanster.se/grp/v3/collect
Used to get status and result from a authentication or signing.
...