Configuration of User Visible Data per application

User visible data is a text displayed to the user during authentication with BankID, with the purpose of providing context for the authentication and to enable users to detect identification errors and averting fraud attempts.

Usage in SSO

In order to customize the userVisibleData parameter for the Swedish BankID Authentication, please update the BANK_ID_TEXT internationalization message. Instructions on the process can be found here: https://ubisecuredev.atlassian.net/wiki/spaces/IDS20241/pages/9165277613 .

The length of the text must be no longer than 1125 characters (including application name - see “Customization” paragraph)

Customization

The BANK_ID_TEXT message can have the application display name injected. To do so, insert the placeholder {0} at the desired location. For example:

BANK_ID_TEXT = You are trying to authenticate to {0}. Please confirm the operation.

If your configured application display name is My application then the user will see:

You are trying to authenticate to My application. Please confirm the operation.

Application display name

Display name can be provided in one of the following ways (listed in the order of preference):

from ftn_spname request parameter if the AllowFtnSpname is enabled (see https://ubisecuredev.atlassian.net/wiki/spaces/IDS20241/pages/9165280948 for details)
from metadata:
- client_name field for OAuth2/OIDC
- DisplayName field for SAML
hostname from request parameter:
- redirect_uri for OAuth2/OIDC
- assertionConsumerUrl for SAML

BankID documentation

BankID /auth endpoint documentation