{"id":13719126,"url":"https://github.com/anyfin/bankid","last_synced_at":"2025-05-07T11:31:05.542Z","repository":{"id":14652874,"uuid":"76806776","full_name":"anyfin/bankid","owner":"anyfin","description":"npm module to simplify integration with the Swedish Bank ID service for user authentication and signing processes.","archived":false,"fork":false,"pushed_at":"2025-03-25T07:22:12.000Z","size":244,"stargazers_count":69,"open_issues_count":1,"forks_count":26,"subscribers_count":23,"default_branch":"master","last_synced_at":"2025-04-12T06:37:30.591Z","etag":null,"topics":["bankid","javascript","sweden"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/bankid","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/anyfin.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-12-18T21:08:05.000Z","updated_at":"2025-04-10T10:00:30.000Z","dependencies_parsed_at":"2024-02-27T10:49:42.352Z","dependency_job_id":"586aad10-c1d4-4806-b688-e748b2ef4abc","html_url":"https://github.com/anyfin/bankid","commit_stats":{"total_commits":77,"total_committers":19,"mean_commits":4.052631578947368,"dds":0.6623376623376623,"last_synced_commit":"c4a7c14006e6ab9f83e22bc0e4470f3eab45b7b1"},"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anyfin%2Fbankid","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anyfin%2Fbankid/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anyfin%2Fbankid/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anyfin%2Fbankid/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/anyfin","download_url":"https://codeload.github.com/anyfin/bankid/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252868711,"owners_count":21816914,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bankid","javascript","sweden"],"created_at":"2024-08-03T01:00:42.906Z","updated_at":"2025-05-07T11:31:05.217Z","avatar_url":"https://github.com/anyfin.png","language":"TypeScript","funding_links":[],"categories":["Authentication"],"sub_categories":[],"readme":"# bankid\n\nA npm module to simplify integration with the Swedish [Bank ID](https://www.bankid.com/en/) service for user authentication and signing processes.\n\n## Installation\n\n```sh\n# If you prefer npm\nnpm install --save bankid\n# If you prefer yarn\nyarn install bankid\n```\n\n## Usage V6\n\n```javascript\nimport { BankIdClientV6 } from \"bankid\";\n\nconst client = new BankIdClientV6({\n  production: false,\n});\n\nconst { autoStartToken, orderRef } = await client.authenticate({\n  endUserIp: \"127.0.0.1\",\n});\n\n// Generate deep link from autoStarttoken and try to open BankID app\n// See ./examples\n\nclient\n  .awaitPendingCollect(orderRef)\n  .then(res =\u003e {\n    console.log(res.completionData)\n  })\n\n```\nActing on a session is done trough opening the app or trough scanning a QR Code, both examples are documented in detail [in the examples directory](./examples)\n\n## Usage V5\n\n```javascript\nimport { BankIdClient } from \"bankid\";\n\nconst client = new BankIdClient();\nconst pno = \"YYYYMMDDXXXX\";\n\nclient\n  .authenticateAndCollect({\n    personalNumber: pno,\n    endUserIp: \"127.0.0.1\",\n    userVisibleData: \"Authentication request for my service\",\n  })\n  .then(res =\u003e console.log(res.completionData))\n  .catch(console.error);\n```\n\nAs outlined in the [relying party guidelines](https://www.bankid.com/assets/bankid/rp/bankid-relying-party-guidelines-v3.5.pdf),\nthere are four main methods (arguments marked with `*` are required)\n\n- `authenticate({endUserIp*, personalNumber, requirement, userVisibleData, userVisibleDataFormat, userNonVisibleData})`\n- `sign({endUserIp*, personalNumber, requirement, userVisibleData*, userVisibleDataFormat, userNonVisibleData})`\n- `collect({orderRef*})`\n- `cancel({orderRef*})`\n\nNote that `userVisibleData` will be base64-encoded before sent to the BankID API.\n\nAdditionally, `bankid` provides convenience methods to combine auth / sign with periodic collection of the status until the process either failed or succeeded (as shown in the example code above):\n\n- `authenticateAndCollect(...)`\n- `signAndCollect(...)`\n\nFull example _not_ using the convenience methods:\n\n```javascript\nimport { BankIdClient } from \"bankid\";\n\nconst client = new BankIdClient();\nconst pno = \"YYYYMMDDXXXX\";\nconst message = \"some message displayed to the user to sign\";\n\nclient\n  .sign({\n    endUserIp: \"127.0.0.1\",\n    personalNumber: pno,\n    userVisibleData: message,\n  })\n  .then(res =\u003e {\n    const timer = setInterval(() =\u003e {\n      const done = () =\u003e clearInterval(timer);\n      client\n        .collect({ orderRef: res.orderRef })\n        .then(res =\u003e {\n          if (res.status === \"complete\") {\n            console.log(res.completionData);\n            done();\n          } else if (res.status === \"failed\") {\n            throw new Error(res.hintCode);\n          }\n        })\n        .catch(err =\u003e {\n          console.error(err);\n          done();\n        });\n    }, 1000);\n  })\n  .catch(console.error);\n```\n\n## Configuration\n\nBy default, `bankid` is instantiated with the following configuration pointing to the Bank ID Test Environment:\n\n```javascript\nsettings = {\n  refreshInterval: 1000, // how often to poll status changes for authenticateAndCollect and signAndCollect\n  production: false, // use test environment\n  pfx: \"PATH_TO_TEST_ENV_PFX\", // test environment\n  passphrase: \"TEST_ENV_PASSPHRASE\", // test environment\n  ca: \"CERTIFICATE\", // dynamically set depending on the \"production\" setting unless explicitely provided\n};\n```\n\nFor production, you'll want to pass in your own pfx and passphrase instead:\n\n```javascript\nimport { BankIdClient } from \"bankid\";\n\nconst client = new BankIdClient({\n  production: true,\n  pfx: \"PATH_TO_YOUR_PFX\", // alternatively also accepts buffer\n  passphrase: \"YOUR_PASSPHRASE\",\n});\n```\n\n### PFX path\n\nWhen providing a pfx path, it is expected to be based on the current working directory from where the script is run:\n\n```\n.\n├── certs\n│   └── bankid.pfx\n├── src\n│   └── main.js\n```\n\nFrom the current directory you would run the script with `node src/main.js` and provide the pfx path:\n\n```javascript\nimport { BankIdClient } from \"bankid\";\n\nconst client = new BankIdClient({\n  pfx: \"certs/bankid.pfx\",\n});\n```\n\n### Compatibility\n\nIn Node.js v17+, OpenSSL is upgraded from v1.1.1 to v3, introducing subtle breaking changes for this library that yield this error:\n\n```\nError: unsupported\n    at configSecureContext (node:internal/tls/secure-context:278:15)\n```\n\nThis is due to the legacy algorithms used to generate BankID certificates - and to handle this (until BankID updates their default certificate formats) there are two solutions.\n\n#### Manual certificate modernization (suggested)\n\nFirst, ensure `OpenSSL` v3.x needs to be installed on your machine.\n\nThen, you can run the following commands to get an updated certificate (`new.pfx`):\n\n```sh\nopenssl pkcs12 -in old.pfx -nodes -legacy -out combined.pem\nopenssl pkcs12 -in combined.pem -export -out new.pfx\n```\n\n#### Enable legacy OpenSSL support\n\nIf for any reason you do not want to modify the certificates, you can also enable the legacy OpenSSL provider when running Node.js:\n\n```sh\nnode --openssl-legacy-provider ...\n```\n\n## Deploy/Publish\n\nIn order to deploy new versions, bump the version in `package.json` and create a new GitHub release.\n\nGitHub Actions should automagically release it to npm. ✨\n\n## Ownership\n\nRepo ownership: [Jeff Trinidad - @jefftrinidad29](https://github.com/jefftrinidad29) \\\nLast audit: 2023-04-27 by [@jefftrinidad29](https://github.com/jefftrinidad29)\n\n# Audit Notes\n\n\u003e 27th April 2023 by @jefftrinidad29\n\n- Upgraded all non-critical dependencies\n- yarn audit fix\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanyfin%2Fbankid","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fanyfin%2Fbankid","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanyfin%2Fbankid/lists"}