### Onfido Integration Source: https://eid.scrive.com/documentation/api/v1/index Guide for integrating Onfido using the Onfido Web SDK. Requires specifying referrer URL, starting the transaction, using the sdkToken with the SDK, and calling a continuation endpoint. ```APIDOC Onfido Integration: 1. Create a transaction with `referrerUrlPatternForSdk`. 2. Start the transaction and extract `sdkToken` for Onfido SDK. 3. Call 'Continue with Onfido process' endpoint after SDK completion. 4. Poll transaction status and completion data. ``` -------------------------------- ### SmartID Integration Source: https://eid.scrive.com/documentation/api/v1/index Instructions for SmartID integration. Requires creating and starting a transaction, displaying the `verificationCode` for user comparison with the SmartID app. ```APIDOC SmartID Integration: 1. Create a transaction. 2. Start the transaction and extract `verificationCode` to show the user for comparison with the SmartID app. 3. Poll transaction status and completion data. ``` -------------------------------- ### Scrive API v1 Usage - Various Providers API-only Source: https://eid.scrive.com/documentation/api/v1/index Describes the API-only usage for Norwegian BankID, Finnish FTN, German Verimi, Dutch iDIN, Belgian Itsme, Digidentity, and Scrive QES. It involves creating a transaction, starting it to get an authUrl/signUrl, directing the user, and polling for completion data. Embedding is not allowed. ```APIDOC For Norwegian BankID, Finnish FTN, German Verimi, Dutch iDIN, Belgian Itsme, Digidentity, and Scrive QES: 1. Create a transaction. 2. Start the transaction, extracting `authUrl` or `signUrl` from the response. 3. Send the end user to the URL. It can **only** be opened in a pop-up or redirected to; embedded login is not allowed. 4. After user authentication, the user will be redirected to `redirectUrl`. 5. Query transaction completion data once `redirectUrl` is called. ``` -------------------------------- ### Start Transaction Endpoint - POST /transaction/{transaction_id}/start Source: https://eid.scrive.com/documentation/api/v1/index Starts an eID transaction using the specified transaction ID. This endpoint requires a transaction ID as a path parameter and accepts a JSON payload with user identification details. It returns a transaction status and provider information upon success. ```APIDOC Endpoint: POST /transaction/{transaction_id}/start URL: https://eid.scrive.com/api/v1/transaction/{transaction_id}/start Path Parameters: transaction_id (string, uuid, required): The ID of the transaction to start. Header Parameters: User-Agent (string): User agent string. Request Body (application/json;charset=utf-8): endUserIP (string, EndUserIP, optional): IP address of the end user (required for SE BankID API-only). msisdn (string, MSISDN, optional): Valid MSISDN in international format (e.g., +441234567890). personalNumber (string, SEPersonalNumber, optional): Swedish personal number (12 digits, ^\d{12}$). smartIdUserIdentifier (object, SmartIDSemanticsIdentifier, optional): country (string, SmartIDCountry, required): Two-character ISO 3166-1 alpha-2 country code (e.g., EE, LT, LV, KZ). identifier (string, required): User identifier. identityDocumentType (string, SmartIDIdentityDocumentType, required): Type of identity document (Passport, IdCard, PersonalNumber). Responses: 200 OK (application/json;charset=utf-8): id (string, uuid, TransactionID, required): The ID of the transaction. method (string, Method, required): Method used (auth, sign). provider (string, Provider, required): eID provider used (seBankID, fiTupas, noBankID, dkNemID, verimi, nlIDIN, itsme, smsOtp, onfido, freja, swisscom, dkMitID, dkNemIDOrMitID, smartID, digidentity, scriveQES, oneID). Note: dkNemID is not supported anymore. providerInfo (object, ProviderInfo, required): Information from eID provider. digidentityAuth (object, InfoAuthDigidentity, optional): dkMitID (object, InfoDKMitID, optional): fiTupasAuth (object, InfoAuthTupas, optional): fiTupasSign (object, InfoSignTupas, optional): frejaAuth (object, InfoAuthFreja, optional): frejaSign (object, InfoSignFreja, optional): itsmeAuth (object, InfoAuthItsme, optional): itsmeSign (object, InfoSignItsme, optional): nlIDINAuth (object, InfoAuthNLiDIN, optional): noBankIDAuth (object, InfoAuthNOBankID, optional): noBankIDSign (object, InfoSignNOBankID, optional): oneID (object, InfoAuthOneID, optional): onfidoAuth (object, InfoAuthOnfido, optional): scriveQES (object, InfoSignScriveQES, optional): seBankID (object, InfoBankID, optional): smartID (object, InfoSmartID, optional): smsOtpAuth (object, InfoAuthSMSOTP, optional): swisscomSign (object, InfoSignSwisscom, optional): verimiAuth (object, InfoAuthVerimi, optional): verimiSign (object, InfoSignVerimi, optional): providerParameters (object, ProviderParameters, optional): Parameters provided upon transaction creation. auth (object, ProviderParametersAuth, optional): Optional provider parameters for auth transactions. sign (object, ProviderParametersSign, optional): Mandatory provider parameters for sign transactions. redirectUrl (string, RedirectUrl, required): URL to redirect the user after completion. status (string, Status, required): Transaction status (new, started, failed, complete). 400 Bad Request: Callback URL not whitelisted, invalid callback URL, operation not allowed, bad parameters, transaction expired, method unavailable, redirect URL unacceptable, invalid body or User-Agent. 403 Forbidden: Authentication invalid for this transaction. 404 Not Found: Transaction with this ID does not exist or transaction_id not found. 409 Conflict: Incompatible transaction, transaction not in allowed status, or user already has a transaction in progress. 500 Internal Server Error 502 Bad Gateway: Problem in communication with provider. Request Sample: { "endUserIP": "string", "msisdn": "string", "personalNumber": "^\\dddddddddddd$", "smartIdUserIdentifier": { "country": "string", "identifier": "string", "identityDocumentType": "Passport" } } ``` -------------------------------- ### Freja eID Integration Source: https://eid.scrive.com/documentation/api/v1/index Steps for Freja eID integration. Involves creating and starting a transaction, optionally using `userInputInfo` for a custom UI or extracting `authRef` for end-user interaction. ```APIDOC Freja eID Integration: 1. Create a transaction. 2. Start the transaction. If `userInputInfo` is empty, extract `authRef` for custom UI. If `userInputInfo` is always set, no UI is needed. 3. Poll transaction status and completion data. ``` -------------------------------- ### EID Scrive API v1 - Start Transaction Endpoint Source: https://eid.scrive.com/documentation/api/v1/index Initiates a new transaction within the EID Scrive system. This POST request requires authorization via Bearer token and is used to start a transaction created by the same company. ```APIDOC POST /transaction/{transaction_id}/start Starts a transaction created by the same company. Authorizations: _BearerAuth_ ``` -------------------------------- ### SMS OTP Integration Source: https://eid.scrive.com/documentation/api/v1/index Steps to integrate SMS OTP for one-time password verification. This involves creating and starting a transaction, collecting user input, and validating the OTP. ```APIDOC SMS OTP Integration: 1. Create a transaction. 2. Start the transaction (msisdn can be provided at creation or start, but not changed on start). 3. Collect end-user OTP input and validate via SMS-OTP check endpoint. 4. Query transaction data after OTP confirmation or when attempts are exhausted. ``` -------------------------------- ### Start Swisscom SRS Identification Source: https://eid.scrive.com/documentation/api/v1/index Initiates an identification process with Swisscom SRS, requiring user details and an issuer method. Provides the target URL for the identification process and details common error responses. ```APIDOC POST /transaction/{transaction_id}/swisscom/identify https://eid.scrive.com/api/v1/transaction/{transaction_id}/swisscom/identify Path Parameters: transaction_id: string (uuid) Request Body schema: application/json;charset=utf-8 { "country": string, "dob": string, "firstName": string, "issuerMethod": string (SwisscomSRSIssuerMethod), Enum: "IdentityTmVideo", "BankKlarna", "NectRoboIdent", "lastName": string } Response Schema: application/json;charset=utf-8 { "targetURL": string } Error Codes: 400: Callback URL not whitelisted, Invalid callback URL, Operation not allowed for provider, Bad parameters, Transaction expired, Method unavailable, Redirect URL invalid, Invalid body. 403: Invalid authentication. 404: Transaction ID not found. 409: Transaction status issue, User has transaction in progress. 500: Internal Server Error. 502: Communication problem with provider. ``` -------------------------------- ### EID Scrive API v1 - Transaction Response Sample Source: https://eid.scrive.com/documentation/api/v1/index This JSON structure represents a successful response when starting a transaction via the EID Scrive API v1. It details user information, transaction identifiers, the authentication method used, and provider-specific parameters and completion data. ```JSON { "endUserInfo": { "ip": "string", "userAgent": "string" }, "id": "00000000-0000-0000-0000-000000000000", "method": "auth", "provider": "seBankID", "providerInfo": { "digidentityAuth": { "authUrl": "string", "completionData": { "birthdate": "2016-07-22", "country": "string", "email": "string", "emailVerified": true, "familyName": "string", "gender": "string", "givenName": "string", "locality": "string", "middleName": "string", "phoneNumber": "string", "phoneNumberVerified": true, "postalCode": "string", "region": "string", "streetAddress": "string", "userId": "string" }, "errorData": { "error": "string", "errorDescription": "string" } } }, "providerParameters": { "auth": { "digidentity": { "requestedInfo": [ "Profile" ] }, "dkMitID": { "action": "LogOn", "cpr": "^\\dddddddddd$", "employeeLogin": true, "language": "Da", "level": "Low", "referenceText": "-", "requestCPR": false }, "fiTupas": { "forceBank": "nordea", "uiLocale": "nb-NO" }, "freja": { "enforcePlusRegistrationLevel": true, "useOrgIdService": true, "userInputInfo": "string", "userOutputInfo": [ "EmailAddress" ] }, "itsme": { "forceAdvancedSecurity": false, "uiLocale": "Fr", "userInfoClaims": [ "Profile", "Phone" ] }, "nlIDIN": { "description": "Identificatie", "presetBank": "AbnAmro", "requestAddress": false, "requestAgeCheck": false, "requestBirthdate": true, "requestEmail": false, "requestGender": false, "requestName": true, "requestTelephone": false, "uiLanguage": "en" }, "noBankID": { "allowSubstantialLevel": false, "personalNumber": "^\\ddddddddddd$", "phoneNumber": "^(\+47)?\\dddddddd$", "requestNNIN": false, "uiLocale": "nb", "useCibaFlow": "callCenter" }, "oneID": { "product": "id_check", "scopes": [ "openid" ], "verificationMethods": [ "OpenBanking" ] }, "onfido": { "additionalReportInfo": "addressInfo", "address": { "country": "string", "postcode": "string", "state": "string", "street": "string", "town": "string" }, "allowedDocumentCountries": [ "string" ], "allowedDocumentTypes": [ "NationalIdentityCard" ], "countryOfResidence": "string", "dateOfBirth": "2016-07-22", "email": "string", "firstName": "string", "forceCrossDevice": true, "forceMobileDocumentCapture": true, "lastName": "string", "referrerUrlPatternForSdk": "string", "report": "document", "uiLocale": "en-US" }, "seBankID": { "callInitiator": "User", "maxRiskLevel": "Low", "personalNumber": "^\\dddddddddddd$", "requireAutoStartToken": true, "requireMRTD": true, "requirePinCode": true, "returnRisk": true, "userNonVisibleData": "string", "userVisibleData": "string", "userVisibleDataFormat": "SimpleMarkdownV1" }, "smartID": { "certificateLevel": "Advanced", "displayText": "^$", "userSemanticsIdentifier": { "country": "string", "identifier": "string", "identityDocumentType": "Passport" } }, "smsOtp": { "maxNumberOfAttempts": 5, "messageText": "Your one-time code is ", "msisdn": "string", "originator": "string" } } }, "redirectUrl": "string", "status": "new" } ``` -------------------------------- ### Scrive API v1 Usage - Swedish BankID API-only Source: https://eid.scrive.com/documentation/api/v1/index Details the API-only usage for Swedish BankID, including creating a transaction, starting it with endUserIP, extracting autoStartToken for custom UI, and polling for status. It notes limitations on concurrent transactions per personal number. ```APIDOC 1. Create a transaction. 2. Start the transaction, setting the `endUserIP` parameter to the end user's IP address. 3. Extract `autoStartToken` from the response and use it to start your custom UI. (Refer to BankID documentation for `redirect` parameter). 4. Poll transaction status and completion data. Limitations: - SE BankID allows only one ongoing transaction per personal number. - Transactions must be canceled or allowed to expire (3 minutes) before starting a new one for the same personal number. ``` -------------------------------- ### Scrive API v1 Get Transaction Endpoint Source: https://eid.scrive.com/documentation/api/v1/index Details the GET endpoint for retrieving transaction information by its ID. Includes the URL structure and the expected transaction ID parameter. ```APIDOC get/transaction/{transaction_id} https://eid.scrive.com/api/v1/transaction/{transaction_id} ``` -------------------------------- ### Scrive API v1 Usage - General Frontend Source: https://eid.scrive.com/documentation/api/v1/index Describes the recommended usage of the Scrive frontend, which simplifies the flow and handles redirections for all providers. It can be opened in a pop-up or redirected to, with options for custom branding. Embedding in iframes is restricted for security reasons. ```APIDOC Usage of Scrive frontend is recommended for a simpler flow and consistent handling of redirections across providers. Frontend can be opened in a pop-up window or redirected to. Customization options include adding a custom logo, title, and background color. Embedding the frontend in an iframe is not allowed due to security reasons: - Verification of the URL in the browser's address bar. - Third-party cookies reliability across browsers and platforms. - Security vulnerabilities related to malicious external scripts and browser plugins. Redirection flow is recommended over pop-up windows due to potential issues with pop-up blockers on various platforms. ``` -------------------------------- ### Cancel Transaction Source: https://eid.scrive.com/documentation/api/v1/index Cancels a transaction created by the same company. Only transactions with status 'new' can be cancelled before they start. Certain providers like seBankID and Freja allow cancellation after starting. Failed or completed transactions cannot be cancelled. ```APIDOC POST /transaction/{transaction_id}/cancel https://eid.scrive.com/api/v1/transaction/{transaction_id}/cancel ## Authorizations: _BearerAuth_ ## Path Parameters: transaction_id (required, string ): The ID of the transaction to cancel. ## Responses: **200 OK** - Response Schema: application/json;charset=utf-8 - endUserInfo (object, optional): Information about the end user if `returnEndUserInfo` was set to `true`. - ip (required, string): End user IP address. - userAgent (string, optional): End user `User-Agent` HTTP header. - id (required, string ): Transaction ID. - method (required, string): Transaction method (e.g., "auth", "sign"). - provider (required, string): eID provider used (e.g., "seBankID", "freja"). - providerInfo (object, optional): Information from the eID provider. - providerParameters (object, optional): Parameters provided during transaction creation. - redirectUrl (required, string): The URL to redirect the user to after completion. - status (required, string): The current status of the transaction (e.g., "new", "started"). **400 Bad Request** - Callback URL is not whitelisted. - Invalid callback URL. - Operation not allowed for this provider. - Bad parameters. - Transaction has already expired. - Method isn't available for the provider. - Redirect URL cannot be accepted. **403 Forbidden** - The provided authentication is not valid for this transaction. **404 Not Found** - Transaction with this ID does not exist. - `transaction_id` not found. **409 Conflict** - Incompatible transaction type. - Transaction is not in an allowed status for this operation. - User already has a transaction in progress with the provider. **500 Internal Server Error** - An internal error occurred on the server. **502 Bad Gateway** - Problem communicating with the provider. ``` -------------------------------- ### Scrive API v1 Usage - eID Hub Frontend Flow Source: https://eid.scrive.com/documentation/api/v1/index Outlines the steps for using the eID Hub frontend, including creating a transaction, directing the end user to the access URL, and querying transaction completion data. It specifies that the accessUrl is a single-use URL and the redirectUrl should be stateless. ```APIDOC 1. Create a transaction. 2. Send the end user to `accessUrl` (single-use URL). This can be opened in a pop-up or redirected to. Embedding in an iframe is not allowed. 3. At the end of the authentication, the end user will be redirected to `redirectUrl`. 4. Query transaction completion data. `redirectUrl` should be an endpoint that requests completion data. It can return a custom script for closing pop-ups or an actual next-step UI page. ``` -------------------------------- ### Test User Information by Provider Source: https://eid.scrive.com/documentation/api/v1/index Provides specific instructions and credentials for generating or using test users for various eID providers in the eID Hub test environment. This includes links to external documentation and specific test credentials where applicable. ```APIDOC Swedish BankID: - Information on installing the test app and creating test users can be found in the [BankID documentation](https://www.bankid.com/utvecklare/test). - Test identities can be generated on [Fejk](https://fejk.se/). Norwegian BankID: - Test users can be generated via [BankID Norge](https://ra-preprod.bankidnorge.no/#/generate). - All test users have the same One Time Code "otp" and password "qwer1234". Danish MitID: - Test users can be issued on demand. Finnish FTN: - A list of test users can be found [here](https://www.nets.eu/developer/e-ident/eids/Pages/testusers.aspx#bankidfi). - Parameters named `fiTupas` or `Tupas` correspond to FTN. German Verimi: - A test account (without 2FA) can be created on demand. - For 2FA and Verimi UAT app, contact Scrive to facilitate communication. Dutch iDIN: - The iDIN test environment has a single preconfigured test bank (Rabobank). - Selecting Rabobank redirects the user back to eID Hub as if authentication was successful. Belgian Itsme: - Requires a test account and access to the test app; contact Scrive directly. SMS OTP: - In test environments, no SMS is sent. - The OTP is always set to `123456`. Onfido: - Test environments do not perform actual document or facial similarity checks. - Almost any sample image can be used for testing. Freja eID: - Refer to [Testing instructions](https://frejaeid.com/testing/Freja%20eID%20Relying%20Party%20Documentation%20-%20Testing%20instructions.html) for enabling testing mode in the Freja eID app. Swisscom AIS: - Currently not possible to have test users. - Future capabilities might include a "test mode" for real accounts, not "test users". SmartID: - Use existing [accounts for automated testing](https://github.com/SK-EID/smart-id-documentation/wiki/Environment-technical-parameters#test-accounts-for-automated-testing). - Issue a personal testing account via [SmartID documentation](https://github.com/SK-EID/smart-id-documentation/wiki/Smart-ID-demo#getting-started). Digidentity: - Requires a test account and access to the test app; contact Scrive directly. ``` -------------------------------- ### Scrive QES Integration Update Source: https://eid.scrive.com/documentation/api/v1/index This snippet notes the addition of Scrive QES as a sign provider. ```APIDOC Scrive QES Update: - Added Scrive QES as a sign provider. ``` -------------------------------- ### EID Scrive API v1 Get Transaction Endpoint Source: https://eid.scrive.com/documentation/api/v1/index Retrieves an existing transaction created by the same company. Requires Bearer token authorization. ```APIDOC GET /transaction/{transaction_id} Retrieves an existing transaction created by the same company. Authorizations: _BearerAuth_ Path Parameters: transaction_id (required, string ): The ID of the transaction to retrieve. Responses: **200** Description: Transaction retrieved successfully. Content: application/json: Schema: type: object properties: accessUrl: { type: string, description: URL to access the transaction } id: { type: string, format: uuid, description: Unique identifier for the transaction } ``` -------------------------------- ### Scrive API v1 Usage - Freja eID Frontend Source: https://eid.scrive.com/documentation/api/v1/index Explains the flow for Freja eID on mobile when no user-identifying info is preset, involving redirection to the Freja app and then back to eID Hub in a new browser tab. Emphasizes the stateless requirement for redirectUrl. ```APIDOC When using Freja on mobile without preset user-identifying info: 1. The end user is redirected to their Freja app. 2. The user is redirected back to eID Hub in a new browser tab. Therefore, `redirectUrl` should be stateless. ``` -------------------------------- ### Scrive API v1 Usage - Danish MitID API-only Source: https://eid.scrive.com/documentation/api/v1/index States that API-only usage is not possible for Danish MitID because the UI client must be hosted by the broker on a mitid.dk subdomain. ```APIDOC API-only usage is not possible for Danish MitID. The MitID UI client must be hosted by the broker on a `mitid.dk` subdomain. ``` -------------------------------- ### Scrive API: Get Onfido Check Data Source: https://eid.scrive.com/documentation/api/v1/index Retrieves the Onfido check data for a given transaction. This includes applicant details, check status, and associated report IDs. The response schema defines the structure of the returned JSON object, including potential error codes. ```APIDOC GET /transaction/{transaction_id}/onfido/check https://eid.scrive.com/api/v1/transaction/{transaction_id}/onfido/check Response Schema (application/json;charset=utf-8): OnfidoCheck: applicantId (string, required): The applicant ID, usable for custom workflows with your Onfido account. applicantProvidesData (boolean, required) createdAt (string, required): Format (UTCTime) formUri (string) href (string, required) id (string, required) reportIds (Array of strings) result (string) sandbox (boolean, required) tags (Array of strings) pdf (string, optional): The PDF data encoded in base 64 (OnfidoBase64EncodedPDF) Error Responses: 400: Callback URL not whitelisted, Invalid callback URL, Operation not allowed for provider, Bad parameters, Transaction expired, Method unavailable, Redirect URL invalid. 403: Invalid authentication. 404: Transaction not found. 409: Transaction status invalid, User has transaction in progress. 500: Internal Server Error. 502: Communication problem with provider. ``` -------------------------------- ### eID Scrive API v1 Transaction Creation Source: https://eid.scrive.com/documentation/api/v1/index Documentation for creating a new transaction via the eID Scrive API v1. Includes details on the request endpoint, response schema, and potential error codes. ```APIDOC Response Schema: accessUrl: string (url) - A single-use URL that leads to eID Hub frontend for end-user interaction. Optional, as frontend flow can be implemented independently. Redirects to `redirectUrl` upon completion. id: string (uuid) - Unique identifier for the transaction. Error Codes: 400 - Callback URL not whitelisted OR Invalid callback URL OR Operation not allowed for this provider OR Bad parameters OR Transaction expired OR Method unavailable for provider OR Invalid Redirect URL OR Invalid `body` 403 - Authorization header required OR Provider not supported (DKNemID) OR Authentication data mismatch for provider/method combination 409 - Transaction not in allowed status OR User has existing transaction in progress 500 - Internal Server Error 502 - Communication problem with provider Endpoint: POST https://eid.scrive.com/api/v1/transaction/new ``` -------------------------------- ### API Versioning Policy Source: https://eid.scrive.com/documentation/api/v1/index Details the API versioning strategy based on Semantic Versioning (2.0.0). Explains what constitutes MAJOR, MINOR, and PATCH version bumps. ```APIDOC Versioning: - API versioned according to Semantic Versioning (2.0.0). - Major versions in separate paths (e.g., `/v1/`). - Backwards compatible changes (new endpoints, added response properties, added optional parameters, new enum values, URI/ID format changes) result in MINOR or PATCH bumps. - Occasional non-compliant changes may be MINOR versions if impact is minimal and benefits outweigh costs, with customer communication. ``` -------------------------------- ### EID Scrive API v1 Request Payload Source: https://eid.scrive.com/documentation/api/v1/index This JSON payload demonstrates the structure for initiating a transaction with the EID Scrive API v1. It includes fields for callback URL, authentication method, provider, provider-specific parameters, redirect URL, and return user info. ```json { "callbackUrl": "string", "method": "auth", "provider": "seBankID", "providerParameters": { "auth": { "digidentity": { "requestedInfo": [ "Profile" ] }, "dkMitID": { "action": "LogOn", "cpr": "^\\\\d{10}$", "employeeLogin": true, "language": "Da", "level": "Low", "referenceText": "-", "requestCPR": false }, "fiTupas": { "forceBank": "nordea", "uiLocale": "nb-NO" }, "freja": { "enforcePlusRegistrationLevel": true, "useOrgIdService": true, "userInputInfo": "string", "userOutputInfo": [ "EmailAddress" ] }, "itsme": { "forceAdvancedSecurity": false, "uiLocale": "Fr", "userInfoClaims": [ "Profile", "Phone" ] }, "nlIDIN": { "description": "Identificatie", "presetBank": "AbnAmro", "requestAddress": false, "requestAgeCheck": false, "requestBirthdate": true, "requestEmail": false, "requestGender": false, "requestName": true, "requestTelephone": false, "uiLanguage": "en" }, "noBankID": { "allowSubstantialLevel": false, "personalNumber": "^\\\\d{11}$", "phoneNumber": "^(\\+47)?\\d{8}$", "requestNNIN": false, "uiLocale": "nb", "useCibaFlow": "callCenter" }, "oneID": { "product": "id_check", "scopes": [ "openid" ], "verificationMethods": [ "OpenBanking" ] }, "onfido": { "additionalReportInfo": "addressInfo", "address": { "country": "string", "postcode": "string", "state": "string", "street": "string", "town": "string" }, "allowedDocumentCountries": [ "string" ], "allowedDocumentTypes": [ "NationalIdentityCard" ], "countryOfResidence": "string", "dateOfBirth": "2016-07-22", "email": "string", "firstName": "string", "forceCrossDevice": true, "forceMobileDocumentCapture": true, "lastName": "string", "referrerUrlPatternForSdk": "string", "report": "document", "uiLocale": "en-US" }, "seBankID": { "callInitiator": "User", "maxRiskLevel": "Low", "personalNumber": "^\\\\d{12}$", "requireAutoStartToken": true, "requireMRTD": true, "requirePinCode": true, "returnRisk": true, "userNonVisibleData": "string", "userVisibleData": "string", "userVisibleDataFormat": "SimpleMarkdownV1" }, "smartID": { "certificateLevel": "Advanced", "displayText": "^$", "userSemanticsIdentifier": { "country": "string", "identifier": "string", "identityDocumentType": "Passport" } }, "smsOtp": { "maxNumberOfAttempts": 5, "messageText": "Your one-time code is ", "msisdn": "string", "originator": "string" } } }, "redirectUrl": "string", "returnEndUserInfo": true } ``` -------------------------------- ### Smart-ID Integration Updates Source: https://eid.scrive.com/documentation/api/v1/index This snippet summarizes changes for Smart-ID integration, including new provider status, completion data extraction, and signature compliance. ```APIDOC Smart-ID Updates: - Added SmartID as an auth provider. - Added SmartID as a sign provider. - Extracted additional user information from Smart-ID response to completion data. - Extracted date of birth from Smart-ID certificate to a dedicated field in completion data. - Modified Smart-ID signature flow to make the signature AdES-compliant. ``` -------------------------------- ### Onfido Integration Updates Source: https://eid.scrive.com/documentation/api/v1/index This snippet summarizes changes related to Onfido integration, including new report types, language support, SDK parameter adjustments, and new error codes. ```APIDOC Onfido Updates: - Added support for `documentWithAddressInformation` and `documentWithDrivingLicenceInformation` report types. - Added `dateOfBirth` as a parameter. - Added Italian and Portuguese languages. - Introduced `referrerUrlPatternForSdk` parameter to use Onfido without eID-Hub's frontend. - Added new Onfido error codes due to upgrade to Onfido API v3.3. - Added `forceCrossDevice` and `useLiveDocumentCapture` as separate options. - Added Proof-of-Adress report. - Marked `useLiveDocumentCapture` as deprecated. - Added Motion as an option for facial-similarity check. - Added motion frames to the images endpoint. - Added `countryOfResidence` parameter. - Added an endpoint to fetch an Onfido check. ``` -------------------------------- ### EID Scrive API v1 Response Sample Source: https://eid.scrive.com/documentation/api/v1/index This snippet details a successful response (HTTP 200) for an authentication request within the EID Scrive API v1. It outlines the structure of the JSON response, including identifiers, authentication method, provider details, and provider-specific parameters for various identity solutions like seBankID, dkMitID, fiTupas, freja, itsme, nlIDIN, noBankID, oneID, onfido, smartID, and smsOtp. ```APIDOC OpenAPI Specification for EID Scrive API v1: Response Sample (200 OK): Content type: application/json;charset=utf-8 { "id": "string (UUID)", "method": "string (e.g., auth)", "provider": "string (e.g., seBankID)", "providerInfo": { "digidentityAuth": { "authUrl": "string (URL for authentication)", "completionData": { "birthdate": "string (YYYY-MM-DD)", "country": "string", "email": "string", "emailVerified": "boolean", "familyName": "string", "gender": "string", "givenName": "string", "locality": "string", "middleName": "string", "phoneNumber": "string", "phoneNumberVerified": "boolean", "postalCode": "string", "region": "string", "streetAddress": "string", "userId": "string" }, "errorData": { "error": "string", "errorDescription": "string" } } }, "providerParameters": { "auth": { "digidentity": { "requestedInfo": ["string (e.g., Profile)"] }, "dkMitID": { "action": "string (e.g., LogOn)", "cpr": "string (regex for CPR number)", "employeeLogin": "boolean", "language": "string (e.g., Da)", "level": "string (e.g., Low)", "referenceText": "string", "requestCPR": "boolean" }, "fiTupas": { "forceBank": "string (e.g., nordea)", "uiLocale": "string (e.g., nb-NO)" }, "freja": { "enforcePlusRegistrationLevel": "boolean", "useOrgIdService": "boolean", "userInputInfo": "string", "userOutputInfo": ["string (e.g., EmailAddress)"] }, "itsme": { "forceAdvancedSecurity": "boolean", "uiLocale": "string (e.g., Fr)", "userInfoClaims": ["string (e.g., Profile, Phone)"] }, "nlIDIN": { "description": "string (e.g., Identificatie)", "presetBank": "string (e.g., AbnAmro)", "requestAddress": "boolean", "requestAgeCheck": "boolean", "requestBirthdate": "boolean", "requestEmail": "boolean", "requestGender": "boolean", "requestName": "boolean", "requestTelephone": "boolean", "uiLanguage": "string (e.g., en)" }, "noBankID": { "allowSubstantialLevel": "boolean", "personalNumber": "string (regex for personal number)", "phoneNumber": "string (regex for phone number)", "requestNNIN": "boolean", "uiLocale": "string (e.g., nb)", "useCibaFlow": "string (e.g., callCenter)" }, "oneID": { "product": "string (e.g., id_check)", "scopes": ["string (e.g., openid)"], "verificationMethods": ["string (e.g., OpenBanking)"] }, "onfido": { "additionalReportInfo": "string (e.g., addressInfo)", "address": { "country": "string", "postcode": "string", "state": "string", "street": "string", "town": "string" }, "allowedDocumentCountries": ["string"], "allowedDocumentTypes": ["string (e.g., NationalIdentityCard)"], "countryOfResidence": "string", "dateOfBirth": "string (YYYY-MM-DD)", "email": "string", "firstName": "string", "forceCrossDevice": "boolean", "forceMobileDocumentCapture": "boolean", "lastName": "string", "referrerUrlPatternForSdk": "string", "report": "string (e.g., document)", "uiLocale": "string (e.g., en-US)" }, "seBankID": { "callInitiator": "string (e.g., User)", "maxRiskLevel": "string (e.g., Low)", "personalNumber": "string (regex for personal number)", "requireAutoStartToken": "boolean", "requireMRTD": "boolean", "requirePinCode": "boolean", "returnRisk": "boolean", "userNonVisibleData": "string", "userVisibleData": "string", "userVisibleDataFormat": "string (e.g., SimpleMarkdownV1)" }, "smartID": { "certificateLevel": "string (e.g., Advanced)", "displayText": "string (regex)", "userSemanticsIdentifier": { "country": "string", "identifier": "string", "identityDocumentType": "string (e.g., Passport)" } }, "smsOtp": { "maxNumberOfAttempts": "integer", "messageText": "string", "msisdn": "string", "originator": "string" } } }, "redirectUrl": "string (URL for redirection)", "status": "string (e.g., new)" } ``` -------------------------------- ### Onfido Endpoints Source: https://eid.scrive.com/documentation/api/v1/index Outlines the endpoints for integrating with Onfido for identity verification, including fetching check status, continuing the process, and retrieving images. ```APIDOC getFetch check from Onfido Description: Retrieves the status of an Onfido identity verification check. Parameters: - transactionId: The ID associated with the Onfido check. Returns: - checkStatus: The current status of the Onfido check. postContinue with Onfido process Description: Advances the Onfido verification process. Parameters: - transactionId: The ID of the Onfido process. Returns: - nextStep: Information on the next step in the Onfido flow. getFetch images from Onfido Description: Retrieves images associated with an Onfido verification check. Parameters: - transactionId: The ID of the Onfido check. Returns: - images: A list of image URLs or data. ``` -------------------------------- ### SMS OTP and URL Handling Updates Source: https://eid.scrive.com/documentation/api/v1/index This snippet summarizes changes related to SMS OTP message handling and URL parameter encoding for OIDC-based providers. ```APIDOC SMS OTP and URL Handling Updates: - Improved length-validation for SMS OTP message text. - Disabled support for NemID. - Properly URL-encode parameters in `authUrl` and `signUrl` for OIDC-based providers. - Prohibit URLs in SMS OTP message text. - Enable test mode for SMS OTP. ```