Swedish BankID - SSO

Introduction

Swedish BankID is a strong personal identification method used in Sweden by individuals to authenticate and to conclude agreements on the Internet. Individuals who have a Swedish personal identity (personal number) and are registered in Sweden can obtain a Swedish BankID through their bank. Client applications exist for mobile and desktop. For more information, refer to Welcome to BankID.

Ubisecure SSO is capable of acting as a relying party and authenticating Swedish BankID users via an external authentication adapter which is also covered under these pages.

Ubisecure SSO currently supports the following use cases for BankID:

  • BankID authentication using another device, via Unregistered OpenID Connect CIBA
  • BankID authentication using the same-device flow, via the authentication method Unregistered Device Swedish BankID


The complete list of Swedish BankID use cases can be found in the BankID Relying Party guidelines.

Terminology

Term | Description
Relying Party (RP) | A party that uses the BankID web service to provide authentication and signing functionality to the end user.
Backchannel authentication | A method of performing an authentication transaction hidden from the client-facing application.

Technical information

Ubisecure SSO and related components act as a Relying Party to the BankID service provider. This concept is strictly specified in the BankID Relying Party guidelines. It is strongly recommended to read through the guidelines before enabling the authentication method.

BankID specification version

Ubisecure Swedish BankID is based on version 3.7 of the Relying Party guidelines.

Obtaining test and production certificates

To access the Swedish BankID environments you have to obtain certificates. A relying party needs two certificates:

  • CA root certificate to trust the BankID service provider servers
  • A client certificate for authenticating to the BankID service provider

The Swedish BankID provider offers two environments: production and test. For test, you can get pre-defined certificates from the Relying Party guidelines page. For production, you have to obtain the client certificate from the bank you purchase the service from. For more information, please refer to the BankID Relying Party guidelines.
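The roles of the two certificates can be illustrated with a mutual-TLS client context. The following is an added example, not Ubisecure or BankID code: the function names are hypothetical, the file paths are caller-supplied placeholders, and PEM-encoded files are assumed.

```python
import os
import ssl


def new_pinned_context():
    """Client context with an empty trust store (no system CAs are loaded)."""
    # PROTOCOL_TLS_CLIENT turns on CERT_REQUIRED and hostname checking.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def trust_anchor_count(ctx):
    """Number of CA certificates the context currently trusts."""
    return ctx.cert_store_stats()["x509_ca"]


def build_rp_tls_context(ca_root_pem, client_cert_pem, client_key_pem,
                         key_password=None):
    """Build the relying party's TLS context from the two certificates.

    All paths are placeholders chosen by the caller (assumption: PEM files).
    """
    for label, path in (("CA root certificate", ca_root_pem),
                        ("client certificate", client_cert_pem),
                        ("client private key", client_key_pem)):
        if not os.path.isfile(path):
            raise FileNotFoundError(f"{label} not found: {path}")

    ctx = new_pinned_context()
    # Certificate 1: the CA root is the only trust anchor, so a server
    # certificate issued by any other CA is rejected during the handshake.
    ctx.load_verify_locations(cafile=ca_root_pem)
    # Certificate 2: the client certificate is presented to the service
    # provider to authenticate the relying party.
    ctx.load_cert_chain(certfile=client_cert_pem, keyfile=client_key_pem,
                        password=key_password)
    if trust_anchor_count(ctx) != 1:
        raise ValueError("expected exactly one CA root in the trust file")
    return ctx
```

Building the context from an empty trust store keeps the test and production CA roots from being mixed with each other or with the operating system's default CAs.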

Creating test accounts

Swedish BankID Relying Party info provides a document and instructions for obtaining a test BankID. You can find this document on the Relying Party guidelines page mentioned above or use the direct link to How to get a test BankID.

Installing and configuring

Please refer to Installing and configuring Swedish BankID - SSO for more details on how to install, configure and deploy the authentication method.