The OIDC Provider from BankID supports codification of amr values as part of the login_hint request parameter to the Authorize endpoint. Hence, pre-selection of the xID IPD can be governed by suppling proper values as shown in the following table. The OIDC Client may alternatively use the xID Connector to select the xID IDP and govern its behaviour.
login_hint | Description |
|---|---|
| XIDxID is pre-selected, with | Default. Corresponds to XID:onclick |
| XID:onclick | The merchant presents a XID-button to the end-user. Initiating XID in this way is the result of an intent from the end-user and results in step-up to BankID whenever required. XID always returns sucess, unless the end–user aborts any BankID-stepup in progress. |
| XID:nostepupnoclick | The merchant automatically initiate XID on page visit/load without any prior click on an XID-button from the end-user. Since initiating XID in this way is not an intent from the end-user, xID is pre-selected, but without anystep-up to BankID . In this case an authentication failure is returned to the OIDC Client if xID cannot rekognize the browser/device in questionnever happens. XID returns sucess only if the end-user device is recognized by XID. |
| XID:noclick:directconsentnoaccept | FOR FUTURE IMPLEMENTATION.xID is pre-selected and any accept dialog for the OIDC Client in question is ommited if the Client is also requesting scopes that demand concent handling |