Use authentication methods in Digital Access for signing over SAML

This article is valid for Smart ID 20.06.1 and later.

Smart ID Digital Access component supports sending signing messages over SAML. If the SAML request contains a sign message, Digital Access forwards it to the signing interface of the app or client for authentication, so that it can be shown to the user when they are asked to sign.

To be used for signing, the SAML request must contain a SignMessage element. Once this is present, supporting authentication methods will use signing instead of authentication. Authentication methods without a dedicated signing option will still use authentication but display the signing message within the browser. 

Supported authentication methods

• Swedish BankID
• Nexus Personal Mobile
• Nexus Personal Desktop

Use other authentication methods for signing

Even if an authentication method does not support a certain signing functionality, it can still be used to authenticate a signature. For the supported authentication methods mentioned above, there is a certain signing interface that shows the signing message directly in the software (app or desktop application used). For other methods this signing message can be shown to the user within the browser.

To do this:

1. Change the branding of the following file:
   access-point/custom-files/wwwroot/wa/authmech/base/GenericForm.html

   1. Add the following HTML code wherever the message should be displayed:

      Display signing message

      XML

      <div>[$#authorizationData]</div>

Related information

• Authentication methods in Digital Access
• Smart ID Digital Access component
• SAML
• Set up Digital Access as identity provider to Nexus GO Signing
• Set up SAML authentication context in Digital Access