Skip to end of metadata
  • Created by Former user , last modified on 2024-01-25
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

User visible data is a text displayed to the user during authentication with BankID, with the purpose of providing context for the authentication and to enable users to detect identification errors and averting fraud attempts.

Usage in SSO

In order to customize the userVisibleData parameter for the Swedish BankID Authentication, please update the BANK_ID_TEXT internationalization message. Instructions on the process can be found here: https://ubisecuredev.atlassian.net/l/cp/c1B1dWTf.

The length of the text must be no longer than 1125 characters (including application name - see “Customization” paragraph)

Customization

The BANK_ID_TEXT message can have the application display name injected. To do so, insert the placeholder {0} at the desired location. For example:

BANK_ID_TEXT = You are trying to authenticate to {0}. Please confirm the operation.

If your configured application display name is My application then the user will see:

You are trying to authenticate to My application. Please confirm the operation.

Application display name

Display name can be provided in one of the following ways (listed in the order of preference):

  • from ftn_spname request parameter if the AllowFtnSpname is enabled (see https://ubisecuredev.atlassian.net/l/cp/cxk6skXX for details)

  • from metadata:

    • client_name field for OAuth2/OICD

    • DisplayName field for SAML

  • hostname from request parameter:

    • redirect_uri for Oauth2/OICD

    • assertionConsumerUrl for SAML

BankID documentation

BankID /auth endpoint documentation

BankID userVisibleData - example

  • No labels

Ubisecure Privacy Policy & Cookie Statement