swedenconnect / technical-framework

Technical Specifications for the Swedish eID Framework

Custom message during authentication #195

Closed martin-lindstrom closed 3 months ago

martin-lindstrom commented 1 year ago

The BankID Relying Party API allows for the client (relying party) to specify a text message to be displayed to the user during authentication. Typically, these are messages informing the user not to log in when asked by someone else, but it could really be any message improving the user experience. We should consider introducing an extension, similar to the SignMessage extension but without the encryption possibility, to be used during authentication. This would be optional to support by both SPs and IdPs, but it would open up for a better user experience in some cases.

magnushoflin commented 1 year ago

Agree, it's a good feature and it would be nice to have it supported in the technical framework. The only drawback I see is that you, as an RP, might not know which IdPs support it, making it somewhat tricky to use. But still it's a lot better to have the option there than not. Also, it's very related to signMessage and therefore natural to include.

martin-lindstrom commented 1 year ago

> Agree, it's a good feature and it would be nice to have it supported in the technical framework. The only drawback I see is that you, as an RP, might not know which IdPs support it, making it somewhat tricky to use.

Yes, but we can solve this by having an entity-category in metadata where an IdP can announce its support of the feature.
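
An SP-side check for the metadata announcement suggested in the last comment, as an added example that is not part of the thread or the framework's own code. The category URI is a placeholder (the thread does not name one), the function names are hypothetical, and the metadata is assumed to have been signature-verified already.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EC_ATTR = "http://macedir.org/entity-category"  # attribute that carries entity categories
# Placeholder: the thread does not name a category URI for this feature.
MESSAGE_EC = "urn:example:placeholder:authn-message-support"

# Constructed sample; real federation metadata must be signature-verified before use.
SAMPLE_METADATA = """<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <md:EntityDescriptor entityID="https://idp-a.example.com">
    <md:Extensions><mdattr:EntityAttributes>
      <saml:Attribute Name="http://macedir.org/entity-category">
        <saml:AttributeValue>urn:example:placeholder:authn-message-support</saml:AttributeValue>
      </saml:Attribute>
    </mdattr:EntityAttributes></md:Extensions>
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://idp-b.example.com">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""

def idps_announcing(metadata_xml, category=MESSAGE_EC):
    """Return the entityIDs of IdPs whose metadata declares `category`."""
    root = ET.fromstring(metadata_xml)
    found = set()
    for entity in root.iter("{%s}EntityDescriptor" % NS["md"]):
        if entity.find("md:IDPSSODescriptor", NS) is None:
            continue  # not an IdP, so its categories are irrelevant here
        for attr in entity.findall("md:Extensions/mdattr:EntityAttributes/saml:Attribute", NS):
            if attr.get("Name") != EC_ATTR:
                continue
            values = {(v.text or "").strip() for v in attr.findall("saml:AttributeValue", NS)}
            if category in values:
                found.add(entity.get("entityID"))
    return found

def include_message(idp_entity_id, metadata_xml):
    """SP-side decision: send the optional message only to IdPs that announce support."""
    return idp_entity_id in idps_announcing(metadata_xml)

if __name__ == "__main__":
    for idp in ("https://idp-a.example.com", "https://idp-b.example.com"):
        print(idp, include_message(idp, SAMPLE_METADATA))
```

An IdP that is absent from the metadata, or present without the category, is treated as not supporting the message, so the SP falls back to a plain authentication request.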