Bank ID login with GrandID API - Sweden

Question

We are implementing a new web application using Angular and Java for a Sweden client. There users have to login to the application using their Bank ID. For reference, client gave us the following GrandID API Doc.

https://docs.grandid.com/bankid#bankid-examples-bankid-for-apps

Also they gave us an ApiKey and a BankID Nogui - Testcert.

But I have no Idea about the process we have to follow. There are very less documents in the internet also regarding this subject. Any Idea is highly appreciated.

Please find my proposed flow diagram below (not complete)

Answer 1

The docs has introduced how to get info by CURL method. This should be easy for those familiar with JAVA.

Answer 2

While this is old I might share some light.

1: When using BankID, ans GrandId specifically for authentication you first start the login process with a call to FederatedLogin.

You can do this either with a personal identification number or without. It will affect how the user can do the login in the BankId Application which is something the user will have installed on a computer or phone.

2: After that you can redirect the user to an URL that triggers the start of the bankid program in case the user has bankid installed on the same device.

If its on another device you just continue to the next step.

3: Using the sessionid you got from the first call you call grandid once every minute or 30 seconds until you either get an authenticated response which will contain the users name and personal identification number along with a digital certificate.

Or you get a cancel indicating the user aborted the login

Or you get a timeout indicating the user never completed or canceled the login.

And that should be it.