The easiest way to add BankID into your projects.
Contact Qrona AB to receive your PRIVATE TOKEN for authorization and you are ready to use Qrona API for BankID Integration.
Yes, it's that easy :)
Contact QronaRecommended for QR code and same device authentication.
Initiates an authentication order. Use the collect method to query the status of the order. If the request is successful the response includes orderRef, autoStartToken (used to start BankID security program/app).
Example request
Note: Animated QR code must be rendered based on qrCode value returned by collect method or the BankID app must be started with the autoStartToken returned in the response.
POST /auth HTTP/1.1
Content-Type: application/json
Authorization: Bearer your_private_token_provided_by_qrona
Host: bankid.qrona.se
{
"endUserIp": "194.168.2.25"
}
Example response
HTTP/1.1 200 OK
Content-Type: application/json
{
"orderRef": "131daac9-16c6-4618-beb0-365768f37288",
"autoStartToken": "7c40b5c9-fa74-49cf-b98c-bfe651f9a7c6"
}
Collects the result of an auth order using the orderRef as reference. You should keep on calling collect every two seconds as long as status indicates pending. You must abort if status indicates failed. The user identity is returned when complete.
Example request
POST /collect HTTP/1.1
Content-Type: application/json
Authorization: Bearer your_private_token_provided_by_qrona
Host: bankid.qrona.se
{
"orderRef": "131daac9-16c6-4618-beb0-365768f37288"
}
Example response from collect for a pending order
Note: If the personalNumber is excluded in auth method, QR code must be re-rendered on each response based on qrCode value.
HTTP/1.1 200 OK
Content-Type: application/json
{
"orderRef": "131daac9-16c6-4618-beb0-365768f37288",
"qrCode": "bankid.67df3917-fa0d-44e5-b327-edcc928297f8.0.dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8"
"status": "pending",
"hintCode": "userSign"
}
Example response from collect for a complete order
HTTP/1.1 200 OK
Content-Type: application/json
{
"orderRef": "131daac9-16c6-4618-beb0-365768f37288",
"status": "complete",
"completionData":{
"user":{
"personalNumber": "190000000000",
"name": "Sven Svensson",
"givenName": "Sven",
"surname": "Svensson",
"age": 25,
"sex": "Male",
"initials": "SS"
},
"device":{
"ipAddress": "194.168.2.25"
}
}
}
Initiates an authentication order when the user is talking over the phone. The user identity is returned when the authentication is completed.
Example request
POST /auth-and-collect HTTP/1.1
Content-Type: application/json
Authorization: Bearer your_private_token_provided_by_qrona
Host: bankid.qrona.se
{
"personalNumber": "190000000000",
"callInitiator": "user" | ""
}
Example response
Note: Set callInitiator to "user" if the phone call was initialted by the user, otherwise we will assume that it was started by you.
HTTP/1.1 200 OK
Content-Type: application/json
{
"orderRef": "131daac9-16c6-4618-beb0-365768f37288",
"status": "complete",
"completionData":{
"user":{
"personalNumber": "190000000000",
"name": "Sven Svensson",
"givenName": "Sven",
"surname": "Svensson",
"age": 25,
"sex": "Male",
"initials": "SS"
},
"device":{
"ipAddress": "194.168.2.25"
}
}
}
Cancels an ongoing auth order. This is typically used if the user cancels the order in your service or app.
Example request
POST /cancel HTTP/1.1
Content-Type: application/json
Authorization: Bearer your_private_token_provided_by_qrona
Host: bankid.qrona.se
{
"orderRef": "131daac9-16c6-4618-beb0-365768f37288"
}
Example response
HTTP/1.1 200 OK
Content-Type: application/json
{}