| Warning |
|---|
The BankID OIDC provider previously supported iframe mode, but this has been deprecated. Read more here: https://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-10.13 Iframe mode has been blocked in CURRENT from 03.12.20. Iframe mode will be blocked in PRODUCTION in December 2020January 2021, at earliest 1404.1201.20. |
The BankID OIDC Provider supports web-based OIDC Client applications using browser re-direction to govern user-experience.
This includes support for app-based OIDC Client applications using web-views. The OIDC Client is in either case in control on how and where each of the involved dialoges is integrated with the OIDC Client application. The two supported user-experience alternatives are as follows:
...
- Our testing tools allows you take a further look into these integration modes.
- The JS Connector may simplify the frontend integration with the OIDC Provider when using window mode. Note that iframe/inline should not be used.
Using BankID OIDC in native applications
Web-views should not be used when using BankID OIDC in a native application. Instead, the user should be redirected using an external user-agent.
- Android: Use Custom Tabs (https://developer.chrome.com/multidevice/android/customtabs) or fallback to open external browser on user's device
- iOS: Use SFSafariViewController, SFAuthenticationSession, ASWebAuthenticationSession (support vary based on iOS version)
| Note |
|---|
| A secure backend server is still needed to initiate the request, store the client credentials, receive callback from BankID OIDC, session management and token exchange. It is possible to initiate the request from the application/user-agent directly, but you probably want to build the request URL in your backend to store and generate variables like state and nonce. See getting started with OIDC for details. |
How to migrate from iframe
...