Cookies are used to collect information about you. Nexus uses this information to give you a better experience of the website (functional) and to count the pages you visit (statistics).
Click OK to give Nexus your consent to use cookies. Read more about Nexus' cookie policy.
For Smart ID Mobile App, you can set up two options for authentication: on the same device or on another device. To offer the end user both options, they must be set up as two separate methods. Using another device for authentication can be set up in two ways:
QR code: The user initiates the authentication from Smart ID Mobile App by scanning the QR code. With this method, the user does not have to enter a username on the authentication page.
Username: The user initiates the authentication by entering its username on the authentication page.
Prerequisites
Before setting up Smart ID Mobile App or Smart ID Desktop App, you need the following:
Log in to Digital Access Admin with an administrator account.
Only for Smart ID Mobile App: There is an SMS or email gateway available for sending notifications.
The access point must be protected by a public certificate, see Add certificates in Digital Access. When deploying a server certificate, its certificate chain up to the root shall also be added in CA certificates.
Smart ID Messaging must be installed on-premises or consumed as a service.
Add Smart ID Mobile App or Smart ID Desktop App as an authentication method
To add Smart ID Mobile App or Smart ID Desktop App as an available authentication method:
In Digital Access Admin, go to Manage System > Authentication Methods.
Click Add Authentication Method...
Select Personal Mobile or Personal Desktop (Smart ID Mobile App or Smart ID Desktop App). Click Next >.
In General Settings, enter a Display Name. The display name is shown to end users when they log in.
If you want Digital Access to validate a response using a CA certificate, check Enable Personal Certificate Authentication. Click the ?-sign for help.
Select the Certificate Authority that issued the certificates used in Smart ID Mobile App or Smart ID Desktop App,.
For Smart ID Desktop App, the selected certificate authority does not work as a filter, so certificates from all certificate authorities will be displayed to the end user in Smart ID Desktop App.
Only for Smart ID Mobile App: if you want to enforce authentication on the same device, check Enable authentication on same device and do the following settings:
In Wait for (seconds), enter a number of seconds for the image to be displayed before being redirected to Smart ID Mobile App.
In Redirect Text, change the text if required.
To offer the end users an option to authenticate on the same device or on another device, you must add two separate authentication methods, one where authentication on same device is enabled (enforced) and one where it is not.
Click Add Authentication Method Server… Select an authentication server.
Click Next >, Next > and Next >.
In Extended Properties add relevant properties for the authentication method.
When using Enable Personal Certificate Authentication with Personal Desktop or Enable Personal Certificate Authentication together with Enable authentication on same device with Smart ID Mobile App, it is mandatory to add both User Attribute and Certificate Attribute properties.
Example
User Attribute: mail Certificate Attribute: subjectaltname-emailaddress
Click Next > and thenFinish Wizard.
Click Publish, that is marked blue, showing that updates have been done.