Criipto

Enable the different, and often proprietary, e-ID services of the EU as first-order connections in Auth0.

In a time of identity-based fraud and fake news, knowing the real identity of your users is often a strong wish if not a formal requirement. This means integrating the various so-called e-ID solutions provided by banks and/or governments most notably within the EU.

Integrating these into Auth0 becomes straight forward with Criipto. We have done all the work of bringing these, more or less proprietary, e-ID services into Auth0 as connections for you to enable for your applications.

Criipto supports a growing list of e-ID services including the Finnish Trust Network, Swedish BankID, Norwegian BankID, Norwegian Vipps Login, Danish NemID, and Dutch DigiD. Coming soon are Danish MitID, Belgian itsme, and German Verimi.

Below is an outline of the steps to get ready to accept Swedish BankID logins but the steps are similar for any type of e-ID.

Note that while the technical complexity is minimal, to use an e-ID in production you will have to go through a formal process to register with the appropriate authorities. More on this process can be found once you sign into the Criipto Verify service, and with the help of Criipto.

This guide shows how to set up Auth0 with a click of a button in Criipto Verify. You may also simply set up an OIDC connection in Auth0 to point to Criipto. We then recommend using the back-channel flow as the more secure option.

1. Create an account with Criipto Verify

Go to criipto.com and click the sign-up button at the top.

Once registered you will be asked to create your tenant using your Company Name and a unique identifier.

2. Create an Application to point to Auth0

In Criipto Verify go to the APPLICATIONS tab and create a new application by clicking the with Auth0 button.

Give it a meaningful name, select the domain, and select the SE BankID.

Click Save to open the next dialog

3. Name the connection (prefix) as it will appear in Auth0

If you do not run off the public Auth0 service, enter the DNS name of the login tenant. Otherwise just leave the Auth0 tenant field as is.

Next, enter a name to be used as the prefix for the connections created in Auth0.

Click Proceed.

4. Create new connections in Auth0

If you are not already logged in to Auth0 in this session, you will be prompted to do so in the popup window.

Once logged in you must grant Criipto Verify consent to create connections and read the applications.

If you have more than one Auth0 tenant, remember to select the right one in the dialog.

Click Accept button to allow Criipto Verify to set up the connections.

5. Verify the connections

Go to Connections > Enterprise> ADFS in the Auth0 dashboard to see the connections for Swedish BankID created from the previous steps.

One connection has been created for each kind of authentication supported by Swedish BankID: Native BankID application or mobile app. Both applications must be installed prior to BankID authentication.

Remember to enable at least one application before clicking the Try button. For more on test users see the documentation on Criipto Verify.

6. Create your test users

With the above setup you will be ready to start testing. But first you must create one or more test users here as described in the documentation.

7. Enable production use

To start accepting real BankID logins from real legal persons, you must first enter into a formal agreement with a Swedish Bank. Criipto will manage this process as described in the documentation.

Once this agreement is in place you will be ready to go live.