Document toolboxDocument toolbox

Integrating the Web-client in single-page web applications

In a single-page web application, either all necessary code – HTML, JavaScript and CSS – is retrieved with a single page load, or the appropriate resources are dynamically loaded and added to the page as necessary, usually in response to user actions. (http://en.wikipedia.org/wiki/Single-page_application)

When integrating the BankID Web-client in such applications, the merchant should take the following considerations into account:

Only inject the BankID Helper script once

In order to start a BankID transaction, the Merchant first needs to configure and initialize BankID Server instance. For more information on how to do this, please refer to [BIDG].

The BankID Web-client Helper is a JavaScript that allows the merchant to choose in which html element to embed the client, and the size of this element (and thereby the Web-client's size). The link to the helper object is the helperURI received from initSession().

The helperURI returned from initSession() should be injected into a <script> tag in the merchant document, thus making the Helper JavaScript available to the merchant application.

In a single-page application, it is important to inject this script in the initial BankID transaction only. For subsequest BankID transactions, the script can be re-used to trigger new instances of the BankID Web-client. Note that initSession() must be invoked for every transaction, see 6.2.

Each BankID transaction must be unique

The merchant needs to call initSession() to initiate each BankID transaction, in order to retrieve a new, unique clientID. This ID is supplied as the CID parameter in the bankidhelper.init() function. For more information, please refer to [BIDG]. 

Terminate Web-client using callback rather than nextURL

When integrating the Web-client with a single-page application, the client should be terminated using the callback function. This provides the merchant application with sufficient information to determine what the next step should be, without reloading the merchant document. The merchant application probably wishes to poll its own system to determine if the BankID process was successful and complete, and then proceed with the business logic of the application.