Qrona AB
086537060 contact@qrona.se

Qrona BankID Integration

The easiest way to add BankID into your projects.

Get Started with Qrona BankID Integration

Contact Qrona AB to receive your PRIVATE TOKEN for authorization, and you are ready to use the Qrona API for BankID Integration.

Yes, it's that easy :)


Qrona API for BankID Integration

Recommended for QR Code and mobile apps.

Initiates an authentication order. Use the collect method to query the status of the order. If the request is successful, the response includes orderRef and autoStartToken (used to start the BankID security program/app).

Example request

Note: If the personalNumber is excluded, either an animated QR code must be rendered based on the qrCode value returned by the collect method, or the BankID app must be started with the autoStartToken returned in the response. For more information, please read the Launching section of the BankID Relying Party Guidelines.

                  
    POST /auth HTTP/1.1
    Content-Type: application/json
    Authorization: Bearer your_private_token_provided_by_qrona
    Host: bankid.qrona.se

    {
      "personalNumber": "190000000000",
      "endUserIp": "194.168.2.25"
    }
                  
                

Example response

                  
    HTTP/1.1 200 OK
    Content-Type: application/json

    {
      "orderRef": "131daac9-16c6-4618-beb0-365768f37288",
      "autoStartToken": "7c40b5c9-fa74-49cf-b98c-bfe651f9a7c6"
    }
                  
                

Collects the result of an auth order using the orderRef as reference. You should keep on calling collect every two seconds as long as status indicates pending. You must abort if status indicates failed. The user identity is returned when complete.

Example request

                  
    POST /collect HTTP/1.1
    Content-Type: application/json
    Authorization: Bearer your_private_token_provided_by_qrona
    Host: bankid.qrona.se

    {
      "orderRef": "131daac9-16c6-4618-beb0-365768f37288"
    }
                  
                  
                

Example response from collect for a pending order

Note: If the personalNumber is excluded in the auth method, the QR code must be re-rendered on each response based on the qrCode value.

                  
    HTTP/1.1 200 OK
    Content-Type: application/json

    {
      "orderRef": "131daac9-16c6-4618-beb0-365768f37288",
      "qrCode": "bankid.67df3917-fa0d-44e5-b327-edcc928297f8.0.dc69358e712458a66a7525beef148ae8526b1c71610eff2c16cdffb4cdac9bf8",
      "status": "pending",
      "hintCode": "userSign"
    }
                  
                

Example response from collect for a complete order

                  
    HTTP/1.1 200 OK
    Content-Type: application/json

    {
      "orderRef": "131daac9-16c6-4618-beb0-365768f37288",
      "status": "complete",
      "completionData": {
        "user": {
          "personalNumber": "190000000000",
          "name": "Sven Svensson",
          "givenName": "Sven",
          "surname": "Svensson",
          "age": 25,
          "sex": "Male",
          "initials": "SS"
        },
        "device": {
          "ipAddress": "194.168.2.25"
        }
      }
    }
                  
                

Starts an auth order and waits for user authentication by the BankID security program/app. The user identity is returned when complete.

Example request

                  
    POST /auth-and-collect HTTP/1.1
    Content-Type: application/json
    Authorization: Bearer your_private_token_provided_by_qrona
    Host: bankid.qrona.se

    {
      "personalNumber": "190000000000",
      "endUserIp": "194.168.2.25"
    }
                  
                

Example response

                  
    HTTP/1.1 200 OK
    Content-Type: application/json

    {
      "orderRef": "131daac9-16c6-4618-beb0-365768f37288",
      "status": "complete",
      "completionData": {
        "user": {
          "personalNumber": "190000000000",
          "name": "Sven Svensson",
          "givenName": "Sven",
          "surname": "Svensson",
          "age": 25,
          "sex": "Male",
          "initials": "SS"
        },
        "device": {
          "ipAddress": "194.168.2.25"
        }
      }
    }
                  
                

Cancels an ongoing auth order. This is typically used if the user cancels the order in your service or app.

Example request

                  
    POST /cancel HTTP/1.1
    Content-Type: application/json
    Authorization: Bearer your_private_token_provided_by_qrona
    Host: bankid.qrona.se

    {
      "orderRef": "131daac9-16c6-4618-beb0-365768f37288"
    }
                  
                

Example response

                  
    HTTP/1.1 200 OK
    Content-Type: application/json

    {}
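
The auth, collect and cancel calls documented above, combined into one server-side flow. This is an added example, not Qrona's own code: it polls every two seconds while the status is pending, aborts on any other non-complete status, and cancels the order when the wait runs out. The https scheme, the QRONA_TOKEN environment variable, the 120-second limit and the function names are assumptions.

```python
import json
import os
import time
import urllib.request

BASE_URL = "https://bankid.qrona.se"  # Host from the examples; https is assumed


def post_json(path, payload):
    """POST a JSON body with the bearer token and return the decoded response."""
    token = os.environ["QRONA_TOKEN"]  # hypothetical variable name; keep it server-side
    req = urllib.request.Request(
        BASE_URL + path,
        data=json.dumps(payload).encode(),
        headers={"Content-Type": "application/json",
                 "Authorization": "Bearer " + token},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def authenticate(end_user_ip, personal_number=None, post=post_json, on_qr=None,
                 interval=2.0, max_wait=120.0, sleep=time.sleep):
    """Run auth, poll collect every `interval` seconds, return the user dict."""
    body = {"endUserIp": end_user_ip}
    if personal_number:
        body["personalNumber"] = personal_number
    order_ref = post("/auth", body)["orderRef"]
    waited = 0.0
    while waited <= max_wait:  # max_wait is an assumed limit, not from the page
        result = post("/collect", {"orderRef": order_ref})
        if result.get("orderRef") != order_ref:
            raise RuntimeError("collect answered for a different order")
        status = result.get("status")
        if status == "complete":
            return result["completionData"]["user"]
        if status != "pending":
            # "failed" or anything unexpected: abort, never treat as success
            raise RuntimeError(f"order aborted: {status} ({result.get('hintCode')})")
        if on_qr and "qrCode" in result:
            on_qr(result["qrCode"])  # re-render the QR code on every response
        sleep(interval)
        waited += interval
    post("/cancel", {"orderRef": order_ref})  # do not leave the order open
    raise TimeoutError("user did not complete BankID authentication in time")
```

The `post` and `sleep` parameters exist so the flow can be exercised against a stub without network access or the real token.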