# Setup of Swedish BankID

Integration with BankID is done similarly to Signicat's other ID methods. This page describes the specifics for setting up BankID. For more general information on how to integrate with Signicat's protocols, see the Quick start guide.

# Initial preparations

The setup descriptions below assume you have completed the following initial preparations:

Sandbox account

We recommend that you test our services with your sandbox account before implementing them in production.

# Add BankID in the Dashboard

Sign an agreement

You do not need any agreement to add BankID with a sandbox account. However, before you can start integrating in production, you need to configure BankID access with an onboarding manager. To get help with this, follow the steps in Sign agreements and order certificate or contact us.

To add BankID to the list of supported ID methods:

  1. In the Signicat Dashboard, go to eID Hub > ID Methods.
  2. Click Add new.
  3. Choose Swedish BankID in the list and click Save.

You can now continue with selecting a protocol and configuring the ID method.

# Select protocol and configure

This section describes how you select and set up different BankID integrations. You can choose between the following protocols:

Which protocol?

The choice of protocol depends on what you prefer and what you want to achieve. The Signicat Authentication REST API gives you a lot of flexibility and enables options such as headless flow in addition to redirect. Between the other two, we recommend using OIDC, since SAML 2.0 is much more complex to implement on your side and usually requires a federation agent already in place. OIDC is an industry standard, and you do not need to manage user sessions on your own (as you must with the Authentication REST API).

You can find more information about the different types in the general section, Authentication protocols.

# Define intention text

You may add an intention text on the IDENTIFICATION screen of the BankID app to underline the purpose of the authentication for the end-user.

Your intention text will always be prefixed with "My intent", as shown in the following example, where the intention text is set to Log into my online banking account:

[Screenshot: the identification screen of the BankID app showing the intention text]

You may also add security-related information (see a screen example in the next section).

Do not use the text space for marketing or sales

Swedish BankID does not allow this text space to be used for anything other than the intention of the identification and security-related information.

You can define the intention text in two ways:

# Add intention text in the Dashboard

  1. Open the Swedish BankID configuration page in the Dashboard.
  2. Add your intention text in the Intention text input field.

Note:

If the intention text is long and needs a scrollbar, the end-user must scroll to the bottom before they can proceed.

  3. Optionally, you may add formatting to the text in simple markdown format (simpleMarkdownV1). This allows you to add headings, bullets and more (for details, see Swedish BankID's guide). Here is an example text in markdown format:

```
Log into my online banking account

### Security note
Remember, we will never contact you directly by telephone, email or SMS to verify your identity and will never ask you to provide your passwords or codes.

If anyone contacts you directly about this, please contact us by telephone or mail:
+ 111 11 111
+ bank@bank.se
```

This would look as follows:

[Screenshot: the formatted intention text in the BankID app]

  4. If the intention text contains formatting, choose simpleMarkdownV1 from the Intention text format drop-down menu.

# Add intention text using prefilling

You may also add intention text per transaction by using prefilling of the two additional parameters, sbid_intention_text and sbid_intention_text_format.

Notes about prefilling

  • You cannot mix prefilled and configured (in the Dashboard) values. Prefilling will override the intention text you have defined in the Dashboard (see the above section).
  • The additional parameters must be trusted. The Authentication REST API makes this easy, since it always provides trusted parameters. For OIDC, you must use signed authorisation requests (see the general eID Hub documentation on how to do this).

To add the intention text in your integration code:

  1. Create your intention text. You may format the intention text using simple markdown format (see the above example).
  2. Encode the text into UTF-8 Base64 format. The maximum length of the Base64 encoded string is 1500 characters.
  3. Include the Base64 encoded intention text into your request. For protocol specific setup and examples, see the separate Authentication REST API and OIDC sections.
  4. You can verify that the text looks as expected by testing a transaction in the sandbox environment.
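The encoding and length check from steps 1 to 3, as an added Python example (not Signicat's own code). The function names are hypothetical, and the example assumes standard padded Base64, that the format parameter is sent as the plain string `simpleMarkdownV1`, and that it is omitted for unformatted text. How the two parameters are placed in the request is protocol-specific and not shown here.

```python
import base64

MAX_B64_LEN = 1500                       # limit stated on this page
MAX_UTF8_BYTES = MAX_B64_LEN // 4 * 3    # 1125 bytes: Base64 turns 3 bytes into 4 characters


def build_intention_params(text: str, markdown: bool = False) -> dict:
    """Return the prefill parameters for one transaction, or raise ValueError.

    The limit applies to the encoded string, so non-ASCII characters
    (two bytes each in UTF-8 for å, ä, ö) use up the budget faster.
    """
    raw = text.encode("utf-8")
    if not raw:
        raise ValueError("intention text is empty")
    encoded = base64.b64encode(raw).decode("ascii")
    if len(encoded) > MAX_B64_LEN:
        raise ValueError(
            f"Base64 length {len(encoded)} exceeds {MAX_B64_LEN} "
            f"({len(raw)} UTF-8 bytes, at most {MAX_UTF8_BYTES} fit)"
        )
    params = {"sbid_intention_text": encoded}
    if markdown:
        # Assumption: the format value is sent as-is, not Base64 encoded.
        params["sbid_intention_text_format"] = "simpleMarkdownV1"
    return params


def decode_intention_text(params: dict) -> str:
    """Decode the parameter again, e.g. to log what was actually sent."""
    raw = base64.b64decode(params["sbid_intention_text"], validate=True)
    return raw.decode("utf-8")


if __name__ == "__main__":
    # Constructed sample text, based on the markdown example above.
    sample = (
        "Log into my online banking account\n\n"
        "### Security note\n"
        "We will never ask you to provide your passwords or codes.\n"
    )
    params = build_intention_params(sample, markdown=True)
    print(params)
    print(decode_intention_text(params))
```

Build these values server-side and send them only through a trusted channel (the Authentication REST API or a signed OIDC authorisation request), since the text is what the end-user sees in the BankID app.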

# Theming

You can set your own theme with logo and colours in the Dashboard. For more details, see Account theming.

Last updated: 19/04/2024 10:18 UTC