MobileID

MobileID InApp Mobile integration: Registration

25 views November 12, 2020 November 18, 2020 0

MobileID InApp Mobile integration: Registration

1. Initiate operation on merchant server

The goal of this call is to obtain other necessary information to build a proper registration URL.
Note: The nature of the call is out of scope of this document (but this is most commonly HTTP GET).

Account and Artifact Creation

In order to carry out registration, an account with Signicat needs to be created. The merchant uses two SOAP WS calls:

  • One call for account creation
    • It is important that the flag activated is true
    • It is possible to add additional attributes to the account at the time of creation.
  • One call for creation of artifact that has to be passed to Signicat’s registration service when operation is initiated

The following information is passed back in response:

  • The name of the oidc_client_id
  • The name of the Signicat registration method
  • redirect_url (on merchant server) where final results should end
  • external_ref (account name with Signicat)
  • artifact, just created

2. Generate URL

Construct a registration URL as shown in the URL construction guide, based on information received from the merchant server in the previous step.

3. Initiate operation on Signicat’s server

The merchant app executes an HTTP GET request with the URL constructed previously. See the normal response in the URL construction guides.

Note: To be able to perform the subsequent requests, you must keep the cookies you receive and make these available for subsequent requests.

Response error example

{
"completeUrl": "https://id.signicat.com/...",
"status": "ERROR",
"error": {
"code": "urn:signicat:error:idp:ACCESS_DENIED",
"message": "Access denied. Wrong credentials."
},
...
}

If an error occurs during initialization, you will receive a status indicating this, and an error object will be present. Upon error, if you choose to make a GET request towards the completeUrlyou will get

error=access_denied&
error_description=The Resource Owner did not complete the login. urn:signicat:error:idp:ACCESS_DENIED; Access denied. Wrong credentials.

4. Execute operation toward Encap

If the status was “OK”, you can start the Encap activation.
This involves the regular startActivation() /finishActivation() calls towards the Encap Client API.

5. Get result of the process — Finalize operation

Using the completeUrl received in step 1, execute a GET request for the authorization_code.

Carry out the regular OIDC authorization_code sequence of steps to obtain the device information. See the Finalize operation guide for details.

Was this helpful?