diff --git a/gatsby-node.ts b/gatsby-node.ts index 1041da9d..662b4412 100644 --- a/gatsby-node.ts +++ b/gatsby-node.ts @@ -139,7 +139,13 @@ export const createPages: GatsbyNode['createPages'] = ({ actions }) => { }); createRedirect({ fromPath: '/eid-specifics/order-no-vipps', - toPath: '/verify/e-ids/norwegian-vipps/#ordering-norwegian-vipps-login', + toPath: '/verify/e-ids/vipps-mobilepay/#ordering-vipps-mobilepay', + isPermanent: true, + force: true, + }); + createRedirect({ + fromPath: '/verify/e-ids/norwegian-vipps', + toPath: '/verify/e-ids/vipps-mobilepay', isPermanent: true, force: true, }); diff --git a/src/pages/verify/e-ids/images/no-vipps.png b/src/pages/verify/e-ids/images/no-vipps.png deleted file mode 100644 index 2048610f..00000000 Binary files a/src/pages/verify/e-ids/images/no-vipps.png and /dev/null differ diff --git a/src/pages/verify/e-ids/images/vipps-mobilepay.png b/src/pages/verify/e-ids/images/vipps-mobilepay.png new file mode 100644 index 00000000..4953d230 Binary files /dev/null and b/src/pages/verify/e-ids/images/vipps-mobilepay.png differ diff --git a/src/pages/verify/e-ids/norwegian-vipps.mdx b/src/pages/verify/e-ids/norwegian-vipps.mdx deleted file mode 100644 index 4c41c3b9..00000000 --- a/src/pages/verify/e-ids/norwegian-vipps.mdx +++ /dev/null @@ -1,79 +0,0 @@ ---- -product: verify -category: eIDs -sort: 2 -title: Norwegian Vipps -subtitle: Learn more about Norwegian Vipps token contents, how to create test users and how to gain access to production. ---- - -import NorwegianVippsJwtSnippet from '../../../snippets/jwt-payloads/norwegian-vipps'; - -## JWT/Token example - - - -## Test users - -In order to test Vipps Login you need to install the Vipps app in a special test version on your device. Follow the Vipps [guide with instructions](https://developer.vippsmobilepay.com/docs/test-environment/#test-apps) on how to set up test apps. - -In order to test you also need a test phone number. Write to [orders@idura.eu](mailto:orders@idura.eu) and put something like "Vipps Login test number" in the subject line. - -## Available data / scopes - -Username is always made available. - -For applications configured to use a `static` `scope` strategy, address, email, phone and birthdate are always made available. -You can also configure your tenant so it requests SSN as well. - -For applications configured to use a `dynamic` `scope` strategy, the following `scope` tokens can be supplied: `address`, `email`, `phone`, `birthdate` and `ssn` (`scope=openid phone email...`). - -### Example (partial) authorize request with scopes - -```text -https://YOUR_SUBDOMAIN.idura.broker/oauth2/authorize?scope=openid phone ssn&... -``` - -Alternatively, you can send them in the `login_hint` - -```text -https://YOUR_SUBDOMAIN.idura.broker/oauth2/authorize?...&login_hint=scope:phone scope:ssn&... -``` - -which can be a useful if you are working with technology that does not let you control the `scope` value. - -## Ordering Norwegian Vipps Login - -To start accepting real users to log in with the Norwegian Vipps app, you must first request a set of secret keys - so-called _client credentials_ from Vipps AS. - - - -**Prerequisites for ordering** - -In order to apply for the Vipps Login client credentials for a company you must meet the basic requirements: - -- Your company must be registered in the central Norwegian business registry, _Brønnøysundregistrene_ -- The person that will sign the contract must be in possession of a Norwegian BankID -- You must have completed step 4 in the [Getting ready for production](/verify/guides/production) guide. You will need the production domain when registering with Vipps. - - - -### Ordering the client credentials - -Before you can order the credentials from Vipps, you will need to have created a production domain in Idura Verify as described in the [Getting ready for production guide](/verify/guides/production). - -Once you have set up the production domain, go to the [Identity sources](https://dashboard.idura.app/providers/NO_VIPPS) section and take note of the URL displayed. It must be supplied when ordering the client credentials. - -![NO Vipps setup](./images/no-vipps.png) - -To order the actual credentials please go to the Vipps order page located at [https://vippsmobilepay.com/en-NO/online/login](https://vippsmobilepay.com/en-NO/online/login) and follow the onboarding guide. - -Note that the bears some resemblance to the form used to order Vipps for payment so please consider the notes below when filling out the form: - -- The field labelled _"Navn på salgssted slik det vil vises for kunden i Vipps-appen"_ is to be filled out with the name that should appear in the Vipps app when a user logs in. -- In the section labelled _"Organisasjonens kontaktinformasjon"_, please enter the name and details of the person that will receive the secret keys. This person will also be granted access to the [Vipps administration portal](https://portal.vipps.no/login). - -### Next steps - -After you request client credentials by filling out the online agreement, your application is processed by Vipps. If you are approved, the designated contact person will receive the credentials. - -Once you have received the client credentials, they must be entered into the Idura Verify management UI, as indicated in the above image, to configure your NO Vipps Login integration. diff --git a/src/pages/verify/e-ids/vipps-mobilepay.mdx b/src/pages/verify/e-ids/vipps-mobilepay.mdx new file mode 100644 index 00000000..9ea0df0c --- /dev/null +++ b/src/pages/verify/e-ids/vipps-mobilepay.mdx @@ -0,0 +1,77 @@ +--- +product: verify +category: eIDs +sort: 2 +title: Vipps MobilePay +subtitle: Learn more about Vipps MobilePay token contents, how to create test users and how to gain access to production. +--- + +import VippsMobilepayJwtSnippet from '../../../snippets/jwt-payloads/vipps-mobilepay'; + +## JWT/Token example + + + +## Test users + +To test Vipps MobilePay, you need to install the Vipps app in a test version on your device. Follow the Vipps [guide with instructions](https://developer.vippsmobilepay.com/docs/test-environment/#test-apps) on how to set up test apps. + + + Creating a test user with Vipps MobilePay requires a test phone number and NIN/SSN. To request + both, please send an email to [orders@idura.eu](mailto:orders@idura.eu) and include "Vipps + MobilePay test credentials" in the subject line. + + +## Available data / scopes + +Username is always made available. + +For applications configured to use a `static` `scope` strategy, address, email, phone and birthdate are always made available. +You can also configure your tenant so it requests SSN as well. + +For applications configured to use a `dynamic` `scope` strategy, the following `scope` tokens can be supplied: `address`, `email`, `phone`, `birthdate` and `ssn` (`scope=openid phone email...`). + +### Example (partial) authorize request with scopes + +```text +https://YOUR_SUBDOMAIN.idura.broker/oauth2/authorize?scope=openid phone ssn&... +``` + +Alternatively, you can send them in the `login_hint` + +```text +https://YOUR_SUBDOMAIN.idura.broker/oauth2/authorize?...&login_hint=scope:phone scope:ssn&... +``` + +which can be a useful if you are working with technology that does not let you control the `scope` value. + +## Ordering Vipps MobilePay + +To start accepting real user logins, you must **register with Vipps MobilePay as a merchant** and receive a set of secret keys (_client credentials_). + +### Prerequisites for merchant registration + +You must meet the following requirements to be registered as a merchant. + +- Your company must be registered in your national business registry (Brønnøysundregistrene in Norway, Virk in Denmark, PRH in Finland). +- You must have a bank account in the country of registration associated with your company's organization number. +- The person signing the merchant agreement must possess a valid local eID (BankID in Norway/Sweden, MitID in Denmark, FTN in Finland). +- Before you can order the client credentials from Vipps, you will need to have created a production domain in Idura Verify as described in the [Getting ready for production guide](/verify/guides/production). + Once you have set up the production domain, go to the [Identity sources](https://dashboard.idura.app/providers/NO_VIPPS) section and take note of the URL displayed. It must be supplied during merchant registration. + +![Vipps MobilePay setup](./images/vipps-mobilepay.png) + +### Signing a merchant agreement + +You can register as a merchant by signing an agreement at [https://vippsmobilepay.com/en-NO/online/login](https://vippsmobilepay.com/en-NO/online/login). + +Please consider the notes below when filling out the registration form: + +- The field labelled _"Navn på salgssted slik det vil vises for kunden i Vipps-appen"_ is to be filled out with the name that should appear in the Vipps app when a user logs in. +- In the section labelled _"Organisasjonens kontaktinformasjon"_, please enter the name and details of the person who will receive the secret keys. This person will also be granted access to the [Vipps administration portal](https://portal.vipps.no/login). + +### Next steps + +After you request client credentials by filling out the online agreement, your application is processed by Vipps. If you are approved, the designated contact person will receive the credentials. + +Once you have received the client credentials, enter them into the Idura Verify management UI to configure your Vipps MobilePay integration. diff --git a/src/pages/verify/guides/production.mdx b/src/pages/verify/guides/production.mdx index e691a54e..43cc3682 100644 --- a/src/pages/verify/guides/production.mdx +++ b/src/pages/verify/guides/production.mdx @@ -24,7 +24,7 @@ Each eID provider has specific requirements. Use the links below to review the n - [Swedish BankID](/verify/e-ids/swedish-bankid/#ordering-swedish-bankid) - [Norwegian BankID](/verify/e-ids/norwegian-bankid/#ordering-norwegian-bankid) -- [Norwegian Vipps](/verify/e-ids/norwegian-vipps/#ordering-norwegian-vipps-login) +- [Vipps MobilePay](/verify/e-ids/vipps-mobilepay/#ordering-vipps-mobilepay) - [Danish MitID](/verify/e-ids/danish-mitid/#order-mitid-for-production) - [Finnish Trust Network](/verify/e-ids/finnish-trust-network/#ordering-a-production-agreement) diff --git a/src/pages/verify/reference/token-contents.mdx b/src/pages/verify/reference/token-contents.mdx index 9730f5de..e513a843 100644 --- a/src/pages/verify/reference/token-contents.mdx +++ b/src/pages/verify/reference/token-contents.mdx @@ -9,14 +9,14 @@ subtitle: Examples of JWT payloads for selected eIDs. import SwedishBankIdJwtSnippet from '../../../snippets/jwt-payloads/swedish-bankid'; import NorwegianBankIdJwtSnippet from '../../../snippets/jwt-payloads/norwegian-bankid'; import NorwegianBankIdBiometricJwtSnippet from '../../../snippets/jwt-payloads/norwegian-bankid-biometric'; -import NorwegianVippsJwtSnippet from '../../../snippets/jwt-payloads/norwegian-vipps'; +import VippsMobilepayJwtSnippet from '../../../snippets/jwt-payloads/vipps-mobilepay'; import DanishMitIDJwtSnippet from '../../../snippets/jwt-payloads/danish-mitid'; import DanishMitIDAddressJwtSnippet from '../../../snippets/jwt-payloads/danish-mitid-address'; import DanishMitIDCompanySignatoryJwtSnippet from '../../../snippets/jwt-payloads/danish-mitid-erhverv-company-signatory'; import DanishMitIDErhvervJwtSnippet from '../../../snippets/jwt-payloads/danish-mitid-erhverv'; import FtnJwtSnippet from '../../../snippets/jwt-payloads/finnish-trust-network'; -Below you will find the structure and example content of the ID tokens – [JSON Web Tokens](/verify/reference/glossary/#json-web-token-jwt) returned when signing in with each of the supported eID types. +Below you will find the structure and example content of ID tokens – [JSON Web Tokens](/verify/reference/glossary/#json-web-token-jwt) returned when signing in with each of the supported eID types. The examples show only the user-specific fields. The actual issued JWTs also include additional technical OIDC-conformant fields used for validation and session management. @@ -42,9 +42,9 @@ The `socialno` field is the social security number. The `uniqueUserId` identifie The `socialno` field is the social security number. -### Vipps +### Vipps MobilePay - + The `socialno` field is the social security number. diff --git a/src/snippets/jwt-payloads/norwegian-vipps.mdx b/src/snippets/jwt-payloads/vipps-mobilepay.mdx similarity index 100% rename from src/snippets/jwt-payloads/norwegian-vipps.mdx rename to src/snippets/jwt-payloads/vipps-mobilepay.mdx diff --git a/src/utils/auth-methods.ts b/src/utils/auth-methods.ts index 9975747e..23e46832 100644 --- a/src/utils/auth-methods.ts +++ b/src/utils/auth-methods.ts @@ -104,15 +104,15 @@ export const PROVIDERS: Provider[] = [ page: '/verify/e-ids/norwegian-bankid', }, { - title: 'Norwegian Vipps', + title: 'Vipps MobilePay', authMethods: [ { - title: 'Norwegian Vipps', + title: 'Vipps MobilePay', acrValue: 'urn:grn:authn:no:vipps', scopes: noVippsScopes, }, ], - page: '/verify/e-ids/norwegian-vipps', + page: '/verify/e-ids/vipps-mobilepay', }, { title: 'Netherlands',