Page tree
Skip to end of metadata
Go to start of metadata



User authentication with Swedish BankID and Swedish Mobile BankID. A number of other eID methods are to come.


Authentication as a service is an easy way to integrate secure login with two-factor authentication in a website, without any installation and with only limited in-house security competence needed.

News

2018-04-04

Added authentication library for .NET Standard, see Authentication libraries.

See more news...

How does it work?

Overview of Nexus GO Authentication

Definitions

 Environment

An environment in Nexus GO is a customer website, defined by a Validation URL. A customer can have several environments for testing and production.

 Method URL

The method URL is a unique link to Nexus GO per environment and method, for SAML authentication. The method URL is generated by Nexus GO.

Example:

https://access2.n62:8x8u/https/apip.com/https/api/rest/v1.0/saml/authnrequest/d8y5pt75lzaawbakz7ji5fotk3l5zi/j40sb2vjwdx7xji
 Validation URL

The validation URL is where the browser is redirected after authentication. The authentication response from Nexus GO is sent to the validation URL and needs to be validated there. The validation URL is entered in Nexus GO when creating an environment.

Example:

https://yourdomain.com/validate

Authentication step-by-step

  1. The user visits the web application.
  2. The user logs in with the requested method. Nexus GO sends an authentication response.
  3. The user is redirected to the Validation URL, as specified in the environment.
  4. The authentication response is validated.
  5. The user is either logged in or denied. 

How do I start testing?

  1. Sign up and log in to Nexus GO.
  2. Add an authentication method, including an environment with a Validation URL. Several environments and methods can be added, for testing and production environments.
  3. Do a few simple steps to implement the authentication method in your website, using an authentication library, available for Java, .NET, and PHP.
    You are ready to start the free testing! 
    In the testing phase, the authentication requests to end users are from "Nexus GO".
  4. When you are happy with the testing and want to get your own display name in the authentication request, upgrade to a suitable subscription type: Select the method, click Manage subscriptions, and enter your invoice address.
  5. For the same method, click Manage certificates. Enter your display name for the authentication request, for example your company name, and other details. In about 24 hours, the certificate is ready and the service is ready to use in your production environment. 

What authentication methods are available?



Swedish Mobile BankID*

Mobile two-factor authentication using electronic identities (eID) issued by Swedish banks.


Swedish BankID*

Two-factor authentication using electronic identities (eID) on file or smart card, issued by Swedish banks.




*Nexus acts as the relying party for BankID, which means that Nexus takes on all costs and contracts towards the BankID-vending bank.

Swedish BankID

Nexus GO Authentication with Swedish BankID or Swedish Mobile BankID can not be used in the process of issuing another electronic identity. Violating this rule is considered such a significant breach of contract, that it gives Nexus the right to terminate the contract.

See Terms: Nexus GO Authentication with Swedish BankID (in Swedish).