The component is initialised with the action RegisterServer; this action registers the configuration settings (see the site properties in the demo project)
This component has the following functionalities:
Webblock: BankList
Displays iDIN bank dropdown list and notifies the selected Bank. The dropdown list is built with the iDIN-directory-service API.
Action: GetLoginURL
On the page that you use to Identify or login, select the Bank to be used to Identify yourself, by using the BankList webblock; afer selecting the TransactionType (Login / Identification or Age Check) and the Bank get the URL to continue to Identification page by calling te GetLoginURL action and goto the URL generated by this action.
.
The GetLoginURL also will generate a state that is used for for continuing our application after succesfull identification.
In a production environment the Signicat iDIN service must be configured to redirect to the Signicat_IS module; so the default entry will goto the Continue page with. Signicat will provide the state and code parameter.
The preperation of the Continue page gets the transaction by the state parameter; and will redirects back to the application the Identification flow is started, by using the RedirectModule and RedirectEntry givin by the GetLoginURL; this URL will be called with the state parameter.
In the application the UserInfo can be retrieved by using the state.
UserInfo dataset
When using the TransactionType Identification a full set of user data will be retrieved including a BIN (BankIdentificationNumber); this set must be used to identify your User during onboarding, so this User can be linked to the retrieved BIN. After succesfull match with your User, the User can Login with its BIN by using the TransactionType Login.
This component only contains the communication with the API, to use this in your own application you still need to build actions for Matching iDIN user data with your own userdata, and a functionality to Login with a BIN.
In the Signicat demo environment (eu01.preprod.signicat.com) it is not possible to choose a Bank from the webblock banklist (and use LoginHint) and only the redirect_URL https://labs.signicat.com/redirect can be used.
DEMO flow example
Because of limitation of the demo environment some extra steps must be performed, to demo a full flow - take the next steps:
Select Transaction type and bank in the startscreen of the demo and proceed.
In a production environement the authentication screen for the selected bank will appear and the user can authenticate and confirms that userdata is shared with you.
In the demo environment you have a extra demo bankscreen selection appears (because the EnableLoginHint is set to False) select a bank and continue
Signicat demo service simulates a bank login and redirects to the Example redirect labs.signicat.com/redirect
in a production or non-demo environment the site property redirect_URL should be set to <your-environment>/Signicat_IS/Continue.aspx, in this demo flow we will continue by changing the url....
The Continue page of the Signicat_IS module gets the url to continue to your application (by the state parameter) and redirects to it. In your application you can use the action GetUserInfoByState to get the iDIN dataset for this transaction, like it is done in the SignicatService_Demo/Continue page.
GetUserInfoByState returns the UserInfo including the Consumer BIN (BankIdentificationNumber):
And that's all... Happy LowCoding!
More info and Licencing
For a full low level example of the Signcicat iDIN API:
https://developer.signicat.com/documentation/authentication/protocols/openid-connect/full-flow-example/
Login with iDIN on YouTube: https://youtu.be/eQMQ1Ws4Eko
Licencing https://www.rabobank.nl/bedrijven/betalen/rabo-ebusiness/