Smart-ID+ is the next step in the Smart-ID journey – designed for organizations facing increasing fraud risks, stronger security requirements, and the need to deliver secure, intuitive identity experiences across devices.
Built on the trusted foundations of Smart-ID, Smart-ID+ introduces enhanced authentication flows, including QR-based cross-device login, same-device authentication, and secure device-session linking. These improvements strengthen protection against fraud while maintaining the simplicity users expect from Smart-ID.
In order to start using Smart-ID+, the upgrade process is straight forward - the only requirement being that the Smart-ID App should be updated to its newest firmware version.
A more detailed explanation on how the solution works and can be used is available on the official Smart-ID website: https://www.smart-id.com/smart-id-plus/#upgrade
API product compatibility with Smart-ID+
Identity Gateway
The Smart-ID+ function is available for Identity Gateway redirect-based integrations. In order to start using it, we've added two new parameters which should be part of your requests, depending on your specific use case - smartid_qr_flow=true/false and app2app_url=callbackLink .
-
If you already have the Identity Gateway API solution integrated, the Smart-ID+ can be added to it with an additional parameter when creating the authentication session:
When sending POST /api/authentication/create, add the parameter
smartid_qr_flow=trueto the request. -
If you are only starting to use Identity Gateway API solution after the introduction to Smart-ID+, this method will be automatically added to the default request.
In case you would like to turn it off, when sending POST /api/authentication/create, add the parameter
smartid_qr_flow=false -
For integrations done in mobile applications, the Smart-ID+ can as well be added with the
smartid_qr_flowvalue, used together with a newapp2app_url=callbackLinkparameter, where the user would be redirected after successful authentication in the Smart-ID app.Once the user is returned to your application, you would need to send all GET parameters to the
/auth/{token}/smartid-v3/callbackendpoint, after which the user is redirected to theredirect_url, provided in the initial POST /api/authentication/create request.Note: your mobile application must support deep links for
app2app_urlparameter to work.
A more detailed documentation on Identity Gateway and Smart-ID+ functionality with this API can be found here: https://id-sandbox.dokobit.com/api/doc.
Testing
Smart-ID+ is available in both sandbox and production environment of Identity Gateway. For production environment, it is enough to have the Smart-ID application updated to its latest version for the method to work.
In order to test the solution in sandbox environment, a Smart-ID Demo App account is required. Unfortunately, no test users are available for this solution.
Follow these steps to set up the Smart-ID DEMO app:
1. Install the app on your mobile device:
To install on the Android platform (minimum Android 4.1 required), click here.
To install on iOS (minimum iOS8 required), download Testflight here and join the Smart-ID demo beta app here.
2. Register and prove your identity. Please note that you will need to get a Smart-ID Qualified Electronic Signature account. In order to do so, please use an eID card or Mobile-ID for the identification. Using a bank link as a registration method means that you will be granted a Smart-ID Basic account, which can be used only by IDP-s (banks). You will only be able to use a Smart-ID Basic account in internet banks.
3. Your Smart-ID Demo account is now ready to use.
In case you have any additional questions regarding the functionality of Smart-ID+ with our API solutions, please reach out to developers@dokobit.com