BankID Integration Service - Meander Platform - Likeperson App

Service Layer high complexity backend

Dependencies

Dependents

Entities

Integrations

Description

Backend service that manages the BankID OIDC authorisation code exchange, identity token validation, and user account creation or linking. Extracts the verified national identity (personnummer) from the token and propagates it to membership system fields where applicable.

Feature: BankID Authentication

bankid-integration-service

Responsibilities

Exchange OIDC authorisation code for identity and access tokens with BankID provider
Validate and decode the BankID identity token (JWT verification, nonce check)
Extract personnummer and verified identity claims from token payload
Create a new Meander user account or link BankID identity to existing account
Issue a Meander JWT session token and return it to the mobile client

Interfaces

exchangeCode(code: string, codeVerifier: string): Promise<BankIdTokenSet>

validateIdentityToken(idToken: string): Promise<BankIdClaims>

resolveOrCreateUser(claims: BankIdClaims): Promise<User>

issueSessionToken(userId: string): Promise<string>

handleProviderError(error: OidcError): BankIdErrorType

Relationships

Dependencies (2)

Components this component depends on

infrastructure BankID OIDC Client data Token Store

Dependents (1)

Components that depend on this component

ui BankID Screen

Related Data Entities (2)

Data entities managed by this component

Session 19 fields core User 26 fields core