Testing the APIs
Getting started with Electronic ID
For api-testing, we recommend Telerik Fiddler, where you can easily set the HTTP headers and parameters.
In Fiddler’s Composer tab, you can go to the Compose-Raw tab and paste the text below and tap the Execute button (or use the Scratchpad tab where your text is automatically saved)
POST https://test.zignsec.com/v2/eid/sbid-another HTTP/1.1 User-Agent: Fiddler Host: test.zignsec.com Content-Length: 27 Content-Type: application/x-www-form-urlencoded Authorization: Your access token PersonalNumber=196709060070&target=http%3A%2F%2Flocalhost
Note that you must exchange the Authorization token above (12345678- etc), with your merchant-token received in an email. Also note that you during testing should remove the target link from the above call. A default welcome page that displays “Welcome, First Name Last Name.” will appear instead.
After having marked the command text and clicked Execute you will see the network traffic on the left side in Fiddler. When the new call at the bottom of the list is finished it will show Result = 200. Then you can double-click that line to see the HTTP response details on the right side, default format is JSON. Select instead to see in Raw format so that the REDIRECT_URL becomes clickable. Click on the REDIRECT_URL, which will start the authentication workflow in a new browser tab. During production it will is probably look best to run this workflow in an HTML IFRAME in the browser.
What is shown in the browser during login is ZignSec’s standard form templates, for example the spinning wait wheel and the text “Start your BankID app”, the company name “ZignSec” name and the ZignSec logo at the top of the page. But all this appearance can, in production, be adapted to your corporate standard.
Observe that the above Swedish code example uses the api-url test.zignsec.com which is BankID’s test environment with fake BankID certificates. This means that you must also install a test version of swedish BankID app (either for file or for mobile), to be able to complete the authentication process.