BankID Support

Version: 1.0 modified on 28.11.2022

The goal of this document is to help Service Providers with getting support from BankID. In order to solve problems with BankID services as quickly and smoothly as possible, we need the right information to identify the problem. The speed of processing and the quality of help is directly dependent on the data provided by the ticket submitter. You can find support in the Helpdesk tab after logging into BankID Developer Portal.

To enter the ticket correctly, you need to fill out the form with the following items:

  • Associated app - if you have more than one application, you need to specify which application is affected by the problem
  • Associated Organization - it may help us track down the problem faster if we know
  • Ticket title - e.g. "user cannot authenticate" or "endpoint /profile does not respond to IdP XYZ"
  • Ticket description - here you need to describe the problem in detail, it is important to supply identifiers that come from responses from BankID, not from your internal systems. We recommend identifiers such as traceId, txn, sub.
  • TraceID - BankID inserts a traceId into each http header, we recommend logging this parameter, it will help us to identify a specific API call as quickly as possible. If you have a traceId longer than 128 bits (16 characters), it does not come from BankID and it's useless to us.
  • Request - if you have an incorrect request, state it here
  • Response - if you have an incorrect response, state it here
  • The date the problem occured
  • Exact time
  • Attachments - for example, if you have any additional files, e.g. uploaded *.har file, additional logs, etc.. you can put them in the ticket, just please use 7zip or zip

Example of response http header when calling /auth endpoint with traceId included:

HTTP/1.1 200
Date: Mon, 28 Nov 2022 16:01:36 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
Access-Control-Expose-Headers: traceId
traceId: 4819cea128c50a8c

If the same error occurs in several cases of the same issue or problem, do not make duplicate requests, but rather write the data for individual cases in the body of the ticket, or insert it as an attachment

User sub - clearly identifies the user - we are unable to trace the user based on personal data, e.g. first and last name.

BankID tries to return a meaningful callback for most errors and it is up to the Service Provider to ensure adequate error handling on its side. List of the most common error codes from the /auth endpoint:

  • access_denied - the user either did not authenticate (e.g. forgot password, nickname, etc.) or did not confirm the transfer of personal data (changed his mind at the last moment)
  • eid_doesnt_exist - the bank identity service for the given bank and the given end user is not active, it can be for several reasons: it does not meet the conditions for issuing a means of electronic identification, it has deliberately turned off the service or it has not gone to a branch to physically identified
  • insufficient_scope - the user does not meet the conditions for the provision of the service, e.g. he is unauthorized or lacks essential data in the IdP for the provision of the service
  • server_error - an error occurred on the server side, either on the IdP or BankID side

If you do not receive a callback, it is an error in the bank's mobile app or internet banking, or a wrong setting on the user's side, so attach a screenshot of the application or the mobile app, verification may fail, for example, due to the lack of security method settings on the part of the user (two-factor authentication turned off in the internet banking settings).