The Common Identity API helps authenticate private resources or sign documents digitally.
Base URL
https://prod-common-identity-api.azurewebsites.net/
Connect thru .NET SDK (optional)
If you have a .NET application for your business, you can leverage the SDK experience using the nuget command below. SDK will handle the Identity API Authentication part out of the box.
Install-Package LinkMobility.IdentityApi.Client -version 1.0.4 -Source https://www.myget.org/F/linknorway/api/v3/index.json
This feed is not public, hence you would need to configure your nuget.config
page as described here.
Identity API Authentication
In order to authenticate against Identity API you will need Basic Authentication.
The credentials you will need are the same as you have to provide for Next Portal.
Basic authentication is a very simple authentication scheme that is built into the HTTP protocol. The client sends HTTP requests with the Authorization header that contains the Basic
word followed by a space and a base64-encoded username:password
string. For example, a header containing the demo
/ p@55w0rd
credentials would be encoded as:
Authorization: Basic ZGVtbzpwQDU1dzByZA==
Supported workflows
1. Authentication
Workflow Diagram
API Endpoints
1. [POST] /api/authentications (PostAuthenticationAsync)
Creates a new authentication. (Step 2)
If succeeds, returns authenticationId
as a GUID in the location header. (Step 3)
Payload parameter name | Description |
---|---|
| Desired NEXT PartnerId |
| Authentication method to use:
|
| Identity (personal number / social security number) to verify against |
| Your url that user will be redirected back to. (Step 8) AuthenticationId value will be appended as a query string parameter with |
| An optional |
2. [GET] /bankid/{partnerId}/{authenticationId}/authenticate (GetBankIdAuthenticationUrlAsync)
End user should be opening this page upon a new authentication is created and authenticationId
is claimed. (Step 4)
Upon opening this page, end user will be redirected to the corresponding service provider’s authentication page. (Step 5)
Route parameter name | Description |
---|---|
| Location header value claimed after succesful [POST] /api/authentications request |
| Desired NEXT PartnerId |
3. [GET] /api/authentications/{partnerId}/{authenticationId} (GetAuthenticationAsync])
It could be called anytime once an authentication is created. The best case for you business to call this endpoint would be the place where you check whether the user authentication is complete or not. (Step 9)
Route parameter name | Description |
---|---|
| Location header value claimed after succesful [POST] /api/authentications request |
| Desired NEXT PartnerId |
Swagger Documentation
Below you will find a ready-to-use Swagger collection file for those 3 endpoints above.
2. Signing
todo:add api endpoints along with explanations
Callbacks are executed from Identity API servers towards your URLs provided in [POST] /api/authentications request payload.
If the server behind your callbackUrl
has a firewall protection, you should whitelist these outbound IPs below.
23.97.163.47, 23.97.163.156, 23.97.163.227, 23.97.163.3, 40.115.63.9, 40.115.63.88, 13.93.43.47, 40.115.63.31, 40.115.63.94, 20.238.219.90, 20.238.220.168, 20.238.221.115, 20.238.221.130, 20.238.222.82, 20.238.222.87, 13.69.68.26