User Interface, high complexity, mobile
Dependencies: 2, Dependents: 0, Entities: 0, Integrations: 1

Description

Handles the BankID authentication flow, rendering an embedded WebView or triggering a redirect to the BankID broker. Displays progress and error states and passes the resulting identity token to the auth service on completion.

Feature: BankID and Vipps Login

bankid-auth-screen

Summaries

The BankID Authentication Screen provides legally compliant, bank-grade identity verification — the standard required for accessing regulated services in Norway and Sweden. BankID verification delivers a verified national identity (personnummer) tied to a government-issued credential, enabling the product to serve use cases requiring strong Know Your Customer compliance without building proprietary identity infrastructure. This capability reduces legal and regulatory risk, opens the product to markets and verticals that mandate verified identity, and instills user trust through a recognized and widely used authentication standard. The investment avoids the significant cost and liability of building an equivalent verification pipeline from scratch.

This is the highest-complexity authentication component in the mobile layer, reflecting the intricacy of the BankID broker protocol and the dual-mode rendering requirement: embedded WebView versus external redirect, depending on device state and BankID provider configuration. Dependencies include the BankID Auth Service and the Deep Link Handler; the former requires backend credentials and broker configuration before mobile integration work can begin, making it a scheduling dependency that must be resolved early. Testing must cover both WebView-embedded and redirect flows, plus broker error codes, session expiry, and certificate pinning if applicable. Coordinate with the QA team to obtain BankID test credentials.

Allocate four to five days for implementation and two days for cross-platform device testing, with contingency for broker environment availability.

This Flutter screen manages the BankID authentication lifecycle across two rendering modes: an embedded `WebView` widget that loads the BankID broker URL inline, and an external redirect path where the OS launches the BankID app or browser. `initBankIdLogin()` determines the appropriate mode based on device capability or configuration flag, then loads the broker URL. The WebView's navigation delegate or the `deep-link-handler` intercepts the callback carrying the BankID assertion token, which is passed to `onBankIdCallback(String token)` for forwarding to `bankid-auth-service`. State transitions — progress spinner, status messages, error with retry — are driven by `showLoadingState()`, `showErrorState()`, and `showSuccessState()`.

Implement careful error mapping from BankID broker error codes to user-readable messages. The component writes to the `user` data model on successful identity assertion. Ensure WebView SSL error handling is strict; do not override certificate errors in production builds.
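
The callback interception and error mapping described above, sketched in plain Dart as an added example (not the component's own code). The callback scheme, host and path, the `token` and `error` query parameter names, the error codes and the `parseBankIdCallback` helper are all assumptions made for illustration.

```dart
// Added example, not the component's code. Callback location, query parameter
// names and error codes are assumed placeholders; use what your broker documents.
const _scheme = 'exampleapp', _host = 'auth', _path = '/bankid/callback';
const _fallback = 'BankID login failed. Please try again.';
const _messages = <String, String>{
  'user_cancelled': 'Login was cancelled. Please try again.',
  'session_expired': 'The BankID session expired. Please start over.',
};

class CallbackResult {
  final String? token; // set on success, forwarded to onBankIdCallback
  final String? errorMessage; // set on failure, shown via showErrorState
  const CallbackResult.success(this.token) : errorMessage = null;
  const CallbackResult.failure(this.errorMessage) : token = null;
}

/// Returns null when [url] is not the registered callback, so the WebView
/// continues navigating; otherwise returns the token or a mapped message.
CallbackResult? parseBankIdCallback(String url) {
  final uri = Uri.tryParse(url);
  // Exact match on scheme, host and path: no prefix or substring checks.
  if (uri == null || uri.scheme != _scheme || uri.host != _host ||
      uri.path != _path) {
    return null;
  }
  final error = uri.queryParameters['error'];
  if (error != null) {
    // Unknown codes get the generic message; raw broker text is never shown.
    return CallbackResult.failure(_messages[error] ?? _fallback);
  }
  final token = uri.queryParameters['token'];
  if (token == null || token.isEmpty) {
    return const CallbackResult.failure(_fallback);
  }
  return CallbackResult.success(token);
}

void main() {
  // Constructed sample URLs; the token value itself is never printed.
  for (final url in [
    'exampleapp://auth/bankid/callback?token=abc123',
    'exampleapp://auth/bankid/callback?error=session_expired',
    'exampleapp://auth/bankid/callback?error=%3Cscript%3E',
    'https://broker.example/login?next=exampleapp://auth/bankid/callback',
  ]) {
    final r = parseBankIdCallback(url);
    print(r == null ? 'ignored' : (r.token != null ? 'token ok' : r.errorMessage));
  }
}
```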

Responsibilities

  • Launch BankID provider flow via WebView or external redirect
  • Monitor BankID broker callback for success or error
  • Display progress spinner and status messages during verification
  • Pass BankID assertion token to service layer on success

Interfaces

build(BuildContext)
initBankIdLogin()
onBankIdCallback(String token)
showLoadingState()
showErrorState(String message)
showSuccessState()

Relationships

Dependencies (2)

Components this component depends on

Used Integrations (1)

External integrations and APIs this component relies on