Global

An opaque value used by the client to maintain state between the request and callback. It's also recommended to prevent CSRF https://tools.ietf.org/html/rfc6749#section-10.12

Authentication Context Class Reference Values. If omitted, the user will be asked to authenticate using username+password. For 2FA (Two-Factor Authentication) possible values are sms, otp (one time password), password (will force password confirmation, even if user is already logged in), eid. Those values might be mixed as space-separated string. To make sure that user has authenticated with 2FA you need to verify AMR (Authentication Methods References) claim in ID token. Might also be used to ensure additional acr (sms, otp) for already logged in users. Supported value is also 'otp-email' means one time password using email.

The OAuth scopes for the tokens. This is a list of scopes, separated by space. If the list of scopes contains openid, the generated tokens includes the id token which can be useful for getting information about the user. Omitting scope is allowed, while invalid_scope is returned when the client asks for a scope you aren’t allowed to request. https://tools.ietf.org/html/rfc6749#section-3.3

Redirect uri that will receive the code. Must exactly match a redirectUri from your client in self-service

Should we try to open a popup window?

user email or UUID hint

Pulse tag

Teaser slug. Teaser with given slug will be displayed in place of default teaser

Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated. If last authentication time is more than maxAge seconds in the past, re-authentication will be required. See the OpenID Connect spec section 3.1.2.1 for more information

Optional parameter to overwrite client locale setting. New flows supports nb_NO, fi_FI, sv_SE, en_US

display username and password on one screen

String that specifies whether the Authorization Server prompts the End-User for reauthentication or confirm account screen. Supported values: select_account or login

An opaque value used by the client to maintain state between the request and callback. It's also recommended to prevent CSRF https://tools.ietf.org/html/rfc6749#section-10.12

Authentication Context Class Reference Values. If omitted, the user will be asked to authenticate using username+password. For 2FA (Two-Factor Authentication) possible values are sms, otp (one time password) and password (will force password confirmation, even if user is already logged in). Those values might be mixed as space-separated string. To make sure that user has authenticated with 2FA you need to verify AMR (Authentication Methods References) claim in ID token. Might also be used to ensure additional acr (sms, otp) for already logged in users. Supported value is also 'otp-email' means one time password using email.

The OAuth scopes for the tokens. This is a list of scopes, separated by space. If the list of scopes contains openid, the generated tokens includes the id token which can be useful for getting information about the user. Omitting scope is allowed, while invalid_scope is returned when the client asks for a scope you aren’t allowed to request. https://tools.ietf.org/html/rfc6749#section-3.3

Redirect uri that will receive the code. Must exactly match a redirectUri from your client in self-service

Should we try to open a popup window?

user email or UUID hint

Pulse tag

Teaser slug. Teaser with given slug will be displayed in place of default teaser

Specifies the allowable elapsed time in seconds since the last time the End-User was actively authenticated. If last authentication time is more than maxAge seconds in the past, re-authentication will be required. See the OpenID Connect spec section 3.1.2.1 for more information

Optional parameter to overwrite client locale setting. New flows supports nb_NO, fi_FI, sv_SE, en_US

display username and password on one screen

String that specifies whether the Authorization Server prompts the End-User for reauthentication or confirm account screen. Supported values: select_account or login

Is the user connected to the merchant? (it means that the merchant id is in the list of merchants listed of this user in the database)? Example: false

Example: 'notConnected' or 'connected'. Deprecated, use Identity.isConnected()

Example: 'localhost'

Example: '58eca10fdbb9f6df72c3368f'. Obsolete

Example: 37162

Example: 'b3b23aa7-34f2-5d02-a10e-5a3455c6ab2c'

Example: 'eyJjbGllbnRfaWQ...'

Example: 30 * 60 * 1000 (for 30 minutes)

Example: 1506285759

Example: 'NCdzXaz4ZRb7...' The sig parameter is a concatenation of an HMAC SHA-256 signature string, a dot (.) and a base64url encoded JSON object (session). http://techdocs.spid.no/sdks/js/response-signature-and-validation/

(Only for connected users) Example: 'batman'

(Only for connected users) Example: 'Bruce'

(Only for connected users) Example: 'Wayne'

(Only for connected users) Example: 'male', 'female', 'undisclosed'

(Only for connected users) Example: 'http://www.srv.com/some/picture.jpg'

(Only for connected users)

(Only for connected users)

(Only for connected users)

Properties

Properties

Deprecated: User UUID, to be be used as loginHint for Identity#login

Human-readable user identifier

Client name

expected encoding of simplified login widget. Could be utf-8 (default), iso-8859-1 or iso-8859-15