...
The BankID OpenID Connect platform requires access to Cookies in the browser. In most scenarios this is not a problem, and the service will work as intended without any extra attention to this. But on some rare occasions some user action is required for the cookies to be available. The «Cookie Activation Service» (CAS) will detect these situations and resolve them in the best possible way.
...
- The user has enabled cookie blocking in the browser. The user will then meet a dialogue from xID that will guide him to allow the usage of cookies in his browser settings.
- The browser is Safari and OIDC is embedded in an iframe and this is the first time the user tries to use xID from this specific browser. This particular use case will trigger Safari to prevent cookies. The cookie activation service will handle this by presenting an initial dialogue from xID to the user, asking if he wants to accept that xID can save cookies in his browser. When the user accepts, the cookies will be created for xID.
Important: In most cases the service will work fine in Safari, even if embedded in an iframe. This might only be an issue the first time a user visits the service. Cookies are blocked by Intelligent Tracking Prevention in Safari. Some users are affected by this. The situation is handled by presenting an extra dialogue to enable access to the cookies.
Note: The cookie activation dialogue will never show up if the login request from the merchant is of type «unsolicited». In that case, if CAS detects an issue with cookies, an error code will be returned instead.
Please see the flow chart below for the cookie activation service.
Only in Norwegian.
a. For iframe mode
| View file | ||||
|---|---|---|---|---|
|
b. For redirect and window mode
| View file | ||||
|---|---|---|---|---|
|