This page is a supplement for those especially interested in the functionality of xID
This document explains in detail how xID appears to the user. As a merchant, you dont have to consider this when implementing xID. Instead it is meant as a supplement to your understanding of the xID experience.
The content on this page:
1. The xID user experience
xID consists of several dialogue boxes to guide the user through the following processes:
- Create xID (only first time)
- Activate xID on new devices
- Confirm xID user on device when detected by the safety net
- Accept the use of xID with merchant
- Change user
To see the different dialogues presented to the user, please go to: https://udd.bankid.no/udd-xid/
Here you will find each of the dialogue boxes with all its elements. You can change the language or size, and see the description of the operations the dialogues perform.
2. Flowchart for xID
The dialogues and flow presented to the user depends on the loginhints you choose and the state of the user. In the following diagram you see the different flows presented to the user to guide him through the process. Additional Information (TINFO) is also presented in the flowchart.
Only in Norwegian.
3. Cookie Activation Service
The BankID OpenID Connect platform requires access to Cookies in the browser. In most scenarios this is not a problem, and the service will work as intended without any extra attention to this. But on some rare occasions some user action is required for the cookies to be available. The «Cookie Activation Service» (CAS) will detect these situations and resolve them in the best possible way.
The cookie activation dialogue may be presented to the user in one of the following cases:
- The user has enabled cookie blocking in the browser. The user will then meet a dialogue from xID that will guide him to allow the usage of cookies in his browser settings.
- The browser is Safari and OIDC is embedded in an iframe and this is the first time the user tries to use xID from this specific browser. This particular use case will trigger Safari to prevent cookies. The cookie activation service will handle this by presenting an initial dialogue from xID to the user, asking if he wants to accept that xID can save cookies in his browser. When the user accepts, the cookies will be created for xID.
Important: In most cases the service will work fine in Safari, even if embedded in an iframe. This might only be an issue the first time a user visits the service. Cookies are blocked by Intelligent Tracking Prevention in Safari. Some users are affected by this. The situation is handled by presenting an extra dialogue to enable access to the cookies.
Note: The cookie activation dialogue will never show up if the login request from the merchant is of type «unsolicited». In that case, if CAS detects an issue with cookies, an error code will be returned instead.
Please see the flow chart below for the cookie activation service.
Only in Norwegian.