Component: BankID

 Show all Hide all

Enables user interaction via Mobile BankID.

Component mode: Sign

Allows users to sign documents using Mobile BankID.

Supported modes: Sign | Identify

Configuration

BankID requires a client certificate to be installed on the server. The serial number of that certificate must be entered in the system setting BankIdClientCertificateSerialNumber.
The server must also trust an SSL issuer certificate.
See extended documentation for detailed installation instructions, how to get the certificates, and pricing information.

Testing

The component will use BankID's test server when DeployLevel is set to "Development system".

SQL

SQL Call: Init (mandatory)

Supports custom errors: No
May modify database: Yes

Parameters:

@Action mandatory string
Set to 'Init' for this call.
@UserId mandatory int
The id of the current user.

Resultset: Information

Repeat mode: repeated exactly once
Row count: exactly one row

Columns:

PersonalNumber mandatory string
Must contain exactly 12 digits and no other characters.

SoftadminApi.User has support for storing personal numbers via the procedure SoftadminApi.User_UpdatePersonalNumber. The PersonalNumber column of SoftadminApi.User can then be used to retrieve the personal number.
TextToSign mandatory string
Text to sign, shown in the user's BankID app.
HiddenDataToSign optional binary
Additional data that will be signed but which is not shown to the user.

It might be tempting to include the entire document to sign (e.g. a PDF file) here, but it will require additional disk space. The data will be included in the signature (stored in SoftadminApi.ADMINBankIdSignature), which means that disk usage will increase proportionally to the size of the data.
Message optional string
A message shown in the browser.

Resultset: Data to hash (optional)

Calculates hashes for the specified files and appends the information to TextToSign.

Use this if file hashes should be shown to the user.
Repeat mode: repeated zero or one time
Row count: zero or more rows

Columns:

Filename mandatory string
The name of the file
DataToHash mandatory binary
File data

SQL Call: Sign (mandatory)

The result of the signing.
Supports custom errors: No
May modify database: Yes

Parameters:

@Action mandatory string
Set to 'Sign' for this call.
@BankIdSignatureId mandatory int
Id of the stored signature (found in SoftadminApi.BankIdSignature) if the user successfully signed the data.
Not set when @IsError = 1.
@ErrorMessage mandatory string
Error message.
Set when @IsError = 1.
@IsError mandatory bit
Set to 1 if an error occurred. Not set otherwise.
@UserId mandatory int
The id of the current user.

Resultset: Forwarding

Repeat mode:
Row count:

Columns:

admin_cidstepsback optional int
Number of steps in the page history to jump back after execution (the default being one step back).
admin_forward optional string
Displays a user friendly message and then forwards to the next menu item.
admin_forwardmenugroupid optional int
Id of the menu group to show after execution (instead of former menu item).
admin_forwardmenuitemid optional int
Id of the menu item to execute after execution (instead of former menu item).

SQL Call: Validate parameters

Allows you to validate the parameters supplied by the user before any other SQL is run in the component. This call is only made if the component has visible parameters, the SQL is a stored procedure, and 'Validate parameters' is checked.
Supports custom errors: No
May modify database: No

Parameters:

@force optional bit
@validateparams mandatory bit
This parameter is set to 1 by Softadmin® when this call is made.

Custom access control and logging

SQL Call: Custom access control and logging

Use this call to restrict which entries a user is allowed to view and edit, and to log which entries a user views.

Access to a menu item is normally controlled through functions and roles alone but some entities need more fine grained control. For example, a user may have access to the View Member menu item for normal members but not for members with a protected identity.

The menu items a user visits are always logged (in ADMINLogMenuItem) but for sensitive data you may need to log exactly what entries are viewed. Do the logging in this call as the common ways of viewing data (grid and InfoSQL) are not allowed to modify the database.

If you bind a scalar function instead of a stored procedure to this call then its name must end with '_GrantAccess'.
Supports custom errors: No
May modify database: Yes

Resultset: Access permissions

Return whether the user is allowed to visit the menu item with the current parameters.
Repeat mode: repeated exactly once
Row count: exactly one row

Columns:

GrantAccess mandatory bit
1 if the user is allowed to view the menu item, 0 if the user should not be allowed to view the menu item.

If 0 then an error will be logged as the user should not have been able to reach the menu item with the given parameters in the first place.

URL

Querystring parameters

menuitemheading optional text
String that replaces the menu item name when the menu item is loaded. It does not replace the name before that (like for example in the navigator). It is ignored if the menu item is displayed as a part in a multipart in which case the name can be set from the multipart procedure.