story-bankid-vipps-login-organization-admin-004
Priority: High
Story Points: 3
Feature: BankID and Vipps Login

User Story

As an Organization Administrator
I want to be clearly informed when my national ID number (personnummer) will be shared with my organization
So that I can give informed consent before my sensitive personal data is stored and linked to my member record

Acceptance Criteria

  • Given Vipps Login succeeds and returns a personnummer, When the response is processed, Then the personnummer confirmation widget is shown before any data is stored
  • Given the confirmation widget is shown, When I review the information, Then I can see exactly what data (personnummer) will be stored and which organization it will be linked to
  • Given I confirm sharing, When I tap the confirm button, Then the personnummer is stored securely and I am navigated to the role-based home screen
  • Given I decline sharing, When I tap decline, Then the personnummer is discarded, authentication still succeeds, and I am navigated to the home screen without the personnummer being stored
  • Given the confirmation screen is shown, When I use a screen reader (VoiceOver), Then all text and interactive controls are properly labeled and announced

Business Value

Explicit consent for personnummer sharing is both a GDPR legal requirement and an ethical obligation when handling Norwegian national identity numbers. Partner organizations currently lack personnummer data for many members, which prevents accurate Bufdir reporting and causes administrative overhead. Solving this through opt-in consent during Vipps Login is a clean, user-respecting solution that simultaneously resolves a compliance gap and improves data quality.

Dependencies