Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

User visible data is a text displayed to the user during authentication with BankID, with the purpose of providing context for the authentication and to enable users to detect identification errors and averting fraud attempts.

Usage in SSO

In order to customize the userVisibleData parameter for the Swedish BankID Authentication, please update the BANK_ID_TEXT internationalization message that can be found in the i18n/uas.properties file.

The length of the text must be no longer than 1125 characters (including application name - see “Customization” paragraph)

Customization

The BANK_ID_TEXT message can have the application display name injected. To do so, insert the placeholder {0} at the desired location. For example:

BANK_ID_TEXT = You are trying to authenticate to {0}. Please confirm the operation.

If your configured application display name is My application then the user will see:

You are trying to authenticate to My application. Please confirm the operation.

Application display name

Display name can be provided in one of the following ways (listed in the order of preference):

  • from ftn_spname request parameter if the AllowFtnSpname is enabled (see https://ubisecuredev.atlassian.net/l/cp/cxk6skXX for details)

  • from metadata:

    • client_name field for OAuth2/OICD

    • DisplayName field for SAML

    • if above is not present:

      • hostname

        • redirect_uri field for Oauth2/OICD

        • assertionConsumerUrl field for SAML

BankID documentation

BankID /auth endpoint documentation

BankID userVisibleData - example

  • No labels