Skip to main content
Skip table of contents

ID Verifier FAQ

What is the ui_locales parameter used for in the CIBA call?

The ui_locales parameter sets the language shown in the web browser UI during the identification flow. It is not used in the SDK’s internal UI.

Does ui_locales affect the SDK interface directly?

No. The SDK uses the device OS language setting, not the ui_locales value. This means the parameter only influences browser-based content, not native UI.

Will language sync between backend and SDK be supported in the future?

Yes. Language synchronization between the SDK and backend session is a planned feature for a future SDK release.

Is ui_locales a list or a single value?

Despite the plural name, only a single locale value is supported (e.g., nb-NO).

Which values are valid for ui_locales?

Supported values are listed in the official developer documentation. Common examples include:

en-US – English (US)
nb-NO – Norwegian (Bokmål)

How do I localize the SDK UI?

The SDK UI reflects the language of the user's mobile OS. To support localization:

Add translated strings.xml files for each language you support.
The SDK will automatically select the correct language based on the OS.

How do I initialize the SDK in Android?

To initialize the SDK, you must call the NtdrSDK.load(key, version) method with a valid SDK key and version.
Example:

java

CopyEdit

NtdrAPI api = NtdrSDK.load("DEVICE_IDENTIFIER", NtdrSDK.VERSION);

What is the SDK authorization key and where do I get it?

The SDK key is a static device identifier string, typically provided by Nets.
In the sample app, these are the default keys:

Android:
private final String DEVICE_IDENTIFIER = "AND0000000000000";
iOS:
private final String DEVICE_IDENTIFIER = "IOS0000000000000";
If you are integrating into production, contact Nets to request a production-ready key.

What is the purpose of the SDK version parameter?

The version identifies the SDK implementation version. It ensures compatibility with the backend and correct handling of protocol features. It is usually provided as NtdrSDK.VERSION.

How does the user choose between Passport and ID card in the mobile app?

Use the SDK’s built-in UX to present document type options. From the backend, initiate the CIBA-flow with:

  • ntdr-app-doclist: true

  • ntdr-doc-types: "P, I"

When ntdr-app-doclist is set to true, the user is shown a screen to select a document type, and the animation adapts based on the selection.

Can the ID type be selected outside the SDK?

No, selecting the ID type externally of the SDK is not supported.

How do we interpret the authentication results?

The claim "authentication_result" returns either:

  • "pass" – all ID checks were successful.

  • "fail" – one or more checks failed.

What does the "result_explanation" provide?

It explains why authentication failed. Possible values include:

  • STATUS_BAD_FACEMAP – Facial recognition was not completed

  • STATUS_BAD_BIODATA_AUTH – SDK authorisation failed

  • STATUS_BAD_BIODATA_EXPIRY – Document expiration criteria not met

  • STATUS_BAD_BIODATA_DOCTYPE – Document type mismatch

  • STATUS_BAD_BIODATA_ISSUER – Document issuer mismatch

  • STATUS_BAD_CHIPVERIFICATION – Chip verification failed

  • STATUS_BAD_CLONEDETECTION – Clone detection failed

  • STATUS_BAD_DOCUMENTHASHES – Document hashes do not match signature

  • STATUS_BAD_DOCUMENTSIGNATURE – Signature verification failed

  • STATUS_BAD_COUNTRYSIGNERCHAIN – Document trust anchor incomplete

Which ACR values should be used to meet DIGG level 3 assurance in Sweden?

Check the "acr" claim in the ID token:

  • urn:eident:cert:eidas:substantial → eIDAS Level 3 (DIGG Level 3)

  • urn:eident:cert:eidas:high → eIDAS Level 4 (DIGG Level 4)

Should we use the acr_values parameter in the auth request?

Yes, use it to specify the required assurance level. It affects which verification checks are enforced.

What’s the difference between ACR substantial and high?
  • High: All key checks must pass — CHIPVERIFICATION, CLONEDETECTION, DOCUMENTHASHES, DOCUMENTSIGNATURE, COUNTRYSIGNERCHAIN.

  • Substantial: More lenient — can accept expired documents within limits and allow documents without clone detection.

Is clone detection always performed?

Yes, for all scanned documents. But its result is only critical if ACR high is requested. If clone detection fails in that case:

  • authentication_result=fail

  • result_explanation=STATUS_BAD_CLONEDETECTION

Where is the Swedish personal number (personnummer) returned?

In the ID token, via the personal_number claim.

Where is the name of the document holder provided?

In the claims:

  • primary_identifier

  • secondary_identifier
    All in Latin characters.

How is the birthdate provided?

Via the birthdate claim in the ID token.

How do we retrieve the picture of the holder?

Through the authentication files accessible via auth_files_url.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.