Warning | ||
---|---|---|
| ||
The BankID OIDC provider previously supported iframe mode, but this has been deprecated. Read more here: https://tools.ietf.org/html/draft-ietf-oauth-v2-23#section-10.13 |
...
Using BankID OIDC in native applications
Warning | ||
---|---|---|
| ||
Web-views should not be used when integrating BankID in a native application. |
Instead, the user should be redirected using an external user-agent or equivalent:
...
Note |
---|
A secure backend server is still needed to initiate the request, store the client credentials, receive callback from BankID OIDC, session management and token exchange. It is possible to initiate the request from the application/user-agent directly, but you probably want to build the request URL in your backend to store and generate variables like state and nonce. See getting started with OIDC for details. |
How to migrate from iframe
...