Npm module to simplify integration with the Swedish Bank ID service for user authentication and signing processes.
npm install --save bankid
const BankId = require("bankid");
const client = new BankId.BankIdClient();
const pno = "YYYYMMDDXXXX";
client
.authenticateAndCollect({
personalNumber: pno,
endUserIp: "127.0.0.1"
})
.then(res => console.log(res.completionData))
.catch(console.error);
As outlined in the relying party guidelines there's four main methods (arguments marked with * are required)
authenticate({endUserIp*, personalNumber, requirement})sign({endUserIp*, personalNumber, requirement, userVisibleData*, userNonVisibleData})collect({orderRef*})cancel({orderRef*})In addition bankid provides convenience methods to combine auth / sign with periodic collection of the status until the process either failed or succeeded (as shown in the example code above)
authenticateAndCollect(...)signAndCollect(...)Full example not using the convenience methods:
const BankId = require("bankid");
const client = new BankId.BankIdClient();
const pno = "YYYYMMDDXXXX";
const message = "some message displayed to the user to sign";
client
.sign({
endUserIp: "127.0.0.1",
personalNumber: pno,
userVisibleData: message
})
.then(res => {
const timer = setInterval(() => {
const done = () => clearInterval(timer);
bankid
.collect(res.orderRef)
.then(res => {
if (res.status === "complete") {
console.log(res.completionData);
done();
} else if (res.status === "failed") {
throw new Error(res.hintCode);
}
})
.catch(err => {
console.error(err);
done();
});
}, 1000);
})
.catch(console.error);
By default bankid is instantiated with the following configuration pointing to the Bank ID Test Environment
settings = {
refreshInterval: 1000, // how often to poll status changes for authenticateAndCollect and signAndCollect
production: false, // use test environment
pfx: "PATH_TO_TEST_ENV_PFX", // test environment
passphrase: "TEST_ENV_PASSPHRASE", // test environment
ca: "CERTIFICATE" // dynamically set depending on the "production" setting unless explicitely provided
};
For production you'll want to pass in your own pfx and passphrase instead:
const BankId = require("bankid");
const client = new BankId.BankIdClient({
production: true,
pfx: "PATH_TO_YOUR_PFX", // alternatively also accepts buffer
passphrase: "YOUR_PASSPHRASE"
});
When providing a pfx path it is expected to be based on the current working directory from where the script is run.
Example:
.
├── certs
│ └── bankid.pfx
├── src
│ └── main.js
From the current directory you would run the script with node src/main.js and provide the pfx path like this
const BankId = require("bankid");
const client = new BankId.BankIdClient({
pfx: "certs/bankid.pfx"
});
FAQs
Npm module to simplify integration with the Swedish Bank ID service
The npm package bankid receives a total of 2,036 weekly downloads. As such, bankid popularity was classified as popular.
We found that bankid demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket is tracking a new trend where malicious actors are now exploiting the popularity of LLM research to spread malware through seemingly useful open source packages.
Security News
Research
Noxia, a new dark web bulletproof host, offers dirt cheap servers for Python, Node.js, Go, and Rust, enabling cybercriminals to distribute malware and execute supply chain attacks.
Company News
Socket safeguards companies from software supply chain attacks by detecting and preventing threats in open source code and empowering developers to secure their applications and critical services against malware and other security risks.