Skip to main content

Authentication REST API

The Signicat Authentication REST API enables you to authenticate your end-users in an easy and secure way. With the Authentication REST API, you can offer a variety of authentication flows from your backend systems. Using such a REST API, can often result in a less complex integration compared to OIDC or SAML 2.0.

The main advantages of using this API compared to OIDC or SAML 2.0 are:

  • You do not need to implement complex protocols, since this is just a very simple REST API.
  • You can support complex flows such as headless flow.

The biggest disadvantages are:

  • You always need a backend system to do the API calls securely.
  • You may have to write more custom code compared to using a pre-made library or SDK for OIDC or SAML.

Available flows

The Authentication REST API currently supports the redirect and headless flow (see below). We plan to implement more flows in the future.

Redirect flow

The redirect flow allows you to pass a URL to your end-users which they will open in a browser. It is called a redirect flow since your end-users are redirected several times during the authentication session. At the end of this redirect chain, they will arrive at what you have defined as the "success callbackUrl" for that specific session. This should be an endpoint at your backend system. Your backend will then get the authentication session from our endpoint, which includes the information about the authenticated person (subject).

Sequence diagram example

Sequence diagram example

Headless flow

The headless flow allows you to provide your own user interface within your app or website. Requests are sent from your backend server to Signicat's Authentication REST API.

Headless flow is currently only available for Swedish BankID. For more information about how to set this up, see Headless flow.

API reference

In our Authentication REST API reference, you can find information about the available endpoints and properties, as well as sample requests and responses.

Tutorial video

Configure the Authentication REST API

This tutorial video show you how to configure the Authentication REST API for the Signicat eID Hub, in the Signicat Dashboard.