BankID Integration Service
Component Detail
Service Layer
medium complexity
backend
0
Dependencies
0
Dependents
2
Entities
0
Integrations
Description
Backend service inside the decoupled Authentication Module that brokers the BankID BankAxept exchange and translates the verified identity into a Meander session. Keeps fødselsnummer and other identity attributes out of product schemas.
bankid-integration-service
Sources & reasoning
Matrix row 'BankID / Vipps innlogging' is marked MUST HAVE with Phase column = 2, and §7 Phase 2 explicitly lists 'BankID / Vipps'. Phase 2 in the source phases block is named 'Core Product' (§5 Fase 2 - Kjerneprodukt), so target_release uses that verbatim name.
-
docs/source/likeperson.md · line 26-27Alle fire organisasjoner peker på BankID eller Vipps som foretrukket autentisering ved førstegangs innlogging
-
docs/source/likeperson.md · line 315BankID / Vipps
-
docs/source/Subprocessors.md · line 16BankID BankAxept AS | Autentisering via BankID som alternativ til Vipps. | Planlagt
Responsibilities
- Initiate and validate BankID authentication requests with the gateway
- Exchange the BankID assertion for a verified identity (name, fødselsnummer, phone)
- Map the verified identity to or provision a Meander user account
- Issue session tokens and signal biometric-unlock eligibility to the client
- Log audit events for each successful and failed BankID sign-in
Interfaces
initiateBankIdAuth(deviceContext): BankIdSessionRef
completeBankIdAuth(sessionRef, assertion): VerifiedIdentity
issueSession(identity): AuthToken
Related Data Entities (2)
Data entities managed by this component