Skip to content

Commit ce786de

Browse files
authored
Merge pull request #5 from MobileID-Strong-Authentication/docs/fix-reference-guide-typos
Docs/fix reference guide typos
2 parents b3b267c + 74d82f5 commit ce786de

31 files changed

Lines changed: 368 additions & 209 deletions

docs/.vitepress/config.mts

Lines changed: 36 additions & 40 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@ import { defineConfig } from 'vitepress'
22

33
// https://vitepress.dev/reference/site-config
44
export default defineConfig({
5-
title: 'Mobile ID Documentation',
5+
title: 'Mobile ID docs',
66
description: 'Technical documentation for Mobile ID integration',
77
base: '/',
88
lastUpdated: true,
@@ -13,81 +13,77 @@ export default defineConfig({
1313

1414
themeConfig: {
1515
// https://vitepress.dev/reference/default-theme-config
16-
logo: '/img/mobileid-colors.png',
16+
logo: '/img/mobileid-colors-transparent.svg',
1717
siteTitle: false, // Hide visual title, keep only logo (HTML <title> remains)
1818

1919
nav: [
2020
{ text: 'Home', link: '/' },
21-
{ text: 'API Reference Guide', link: '/reference-guide/introduction' },
22-
{ text: 'OIDC Integration', link: '/oidc/introduction' },
23-
{
24-
text: 'More',
25-
items: [
26-
{ text: 'Release Notes', link: '/release-notes/release-notes' },
27-
{ text: 'API Specification', link: '/api-reference/api' },
28-
]
29-
}
21+
{ text: 'REST API Guide', link: '/rest-api-guide/introduction' },
22+
{ text: 'OIDC Integration Guide', link: '/oidc-integration-guide/introduction' },
23+
{ text: 'Release Notes', link: '/release-notes/release-notes' }
3024

3125
],
3226

3327
sidebar: {
34-
'/reference-guide/': [
28+
'/rest-api-guide/': [
3529
{
3630
text: 'Reference Guide',
3731
items: [
38-
{ text: 'Introduction', link: '/reference-guide/introduction' },
39-
{ text: 'Application Provider Client Integration', link: '/reference-guide/app-provider-client-integration' },
40-
{ text: 'Mobile ID API', link: '/reference-guide/mobile-id-api' },
41-
{ text: 'Best Practices', link: '/reference-guide/best-practices' },
42-
{ text: 'Auto Activation', link: '/reference-guide/auto-activation' },
43-
{ text: 'Status and Fault Codes', link: '/reference-guide/status-fault-codes' },
44-
{ text: 'Root CA Certificates (Trust Anchor)', link: '/reference-guide/root-ca-certs' },
45-
{ text: 'Create X509 Client Certificates', link: '/reference-guide/create-client-certs' },
46-
{ text: 'Health Status Microservice', link: '/reference-guide/health-status' }
32+
{ text: 'Introduction', link: '/rest-api-guide/introduction' },
33+
{ text: 'Integration Steps', link: '/rest-api-guide/app-provider-client-integration' },
34+
{ text: 'Mobile ID API', link: '/rest-api-guide/mobile-id-api' },
35+
{ text: 'Best Practices', link: '/rest-api-guide/best-practices' },
36+
{ text: 'Auto Activation', link: '/rest-api-guide/auto-activation' },
37+
{ text: 'Status and Fault Codes', link: '/rest-api-guide/status-fault-codes' },
38+
{ text: 'Root CA Certificates', link: '/rest-api-guide/root-ca-certs' },
39+
{ text: 'Create Client Certificates', link: '/rest-api-guide/create-client-certs' },
40+
{ text: 'Health Status Service', link: '/rest-api-guide/health-status' }
4741
]
4842
},
4943

5044
{
51-
text: '',
52-
items: [
53-
{ text: 'Imprint', link: '/reference-guide/imprint.md' },
54-
]
45+
text: '',
46+
items: [{ text: 'API Specification', link: '/rest-api-guide/api-specification' }]
47+
},
48+
{
49+
text: '',
50+
items: [{ text: 'Imprint', link: '/rest-api-guide/imprint.md' }]
5551
}
5652

5753
],
58-
'/entraid/': [
54+
'/entraid-guide/': [
5955
{
6056
text: 'EntraID Guide',
6157
items: [
62-
{ text: 'Index', link: '/entraid/' },
63-
{ text: 'One', link: '/entraid/one' },
64-
{ text: 'Two', link: '/entraid/two' }
58+
{ text: 'Index', link: '/entraid-guide/' },
59+
{ text: 'One', link: '/entraid-guide/one' },
60+
{ text: 'Two', link: '/entraid-guide/two' }
6561
]
6662
}
6763
],
6864

69-
'/oidc/': [
65+
'/oidc-integration-guide/': [
7066
{
7167
text: 'OIDC Guide',
7268
items: [
73-
{ text: 'Introduction', link: '/oidc/introduction' },
74-
{ text: 'Getting Started', link: '/oidc/getting-started' },
75-
{ text: 'Best Practices', link: '/oidc/best-practices' },
76-
{ text: 'Public Cloud Integration Guide', link: '/oidc/cloud-integration-guide' },
77-
{ text: 'MobileID OIDC - Use Cases', link: '/oidc/oidc-use-cases' },
78-
{ text: 'Message Formats on the Mobile ID App', link: '/oidc/message-formats' }
69+
{ text: 'Introduction', link: '/oidc-integration-guide/introduction' },
70+
{ text: 'Getting Started', link: '/oidc-integration-guide/getting-started' },
71+
{ text: 'Best Practices', link: '/oidc-integration-guide/best-practices' },
72+
{ text: 'Public Cloud Integration Guide', link: '/oidc-integration-guide/cloud-integration-guide' },
73+
{ text: 'MobileID OIDC - Use Cases', link: '/oidc-integration-guide/oidc-use-cases' },
74+
{ text: 'Message Formats on the Mobile ID App', link: '/oidc-integration-guide/message-formats' }
7975
]
8076
}
8177
],
8278

8379

84-
'/rig-radius/': [
80+
'/radius-interface-gateway-guide/': [
8581
{
8682
text: 'RIG Radius Guide',
8783
items: [
88-
{ text: 'Index', link: '/rig-radius/' },
89-
{ text: 'One', link: '/rig-radius/one' },
90-
{ text: 'Two', link: '/rig-radius/two' }
84+
{ text: 'Index', link: '/radius-interface-gateway-guide/' },
85+
{ text: 'One', link: '/radius-interface-gateway-guide/one' },
86+
{ text: 'Two', link: '/radius-interface-gateway-guide/two' }
9187
]
9288
}
9389
]
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.

docs/index.md

Lines changed: 5 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -6,27 +6,20 @@ hero:
66
name: "Mobile ID docs"
77
text: ""
88
tagline: seamless strong multi-factor authentication
9-
actions:
10-
- theme: brand
11-
text: API Reference Guide
12-
link: /reference-guide/introduction
13-
- theme: alt
14-
text: API Specification
15-
link: /api-reference/api
169

1710
features:
18-
- title: Getting Started
11+
- title: REST API Guide
1912
icon:
2013
src: /img/icon-info.svg
2114
class: feature-icon-info
22-
details: Discover the Mobile ID documentation and learn how to secure your application.
23-
link: /reference-guide/introduction
15+
details: Start here for direct integration via REST API (works for web apps and non-browser flows like native apps/backends).
16+
link: /rest-api-guide/introduction
2417
- title: OIDC Integration Guide
2518
icon:
2619
src: /img/icon-security.svg
2720
class: feature-icon-security
28-
details: Follow this guide to integrate Mobile ID into your application through the OpenID Connect (OIDC) standard.
29-
link: /oidc/introduction
21+
details: Start here for standards-based login via OpenID Connect (browser/redirect flow). Mobile ID acts as the OpenID Provider.
22+
link: /oidc-integration-guide/introduction
3023
- title: Release Notes
3124
icon:
3225
src: /img/icon-notes.svg

docs/oidc/best-practices.md renamed to docs/oidc-integration-guide/best-practices.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -141,7 +141,7 @@ Tokens, especially Refresh Tokens, must be treated as credentials and stored sec
141141

142142
There are test user accounts available for testing and debugging purpose.
143143

144-
Please be aware, due to the strict phone number validation during the Mobile ID authorization flow, these test phone numbers will only be accepted by the Mobile ID server if they are provided via `log-in_hint` request parameter. However, your account must be authorized to use the `login_hint` parameter and requires the use of Pushed Authorisation Requests (PAR), which keeps the parameters confidential between client and server (see section [Pushed Authorization Request (PAR)](/oidc/best-practices#pushed-authorization-request-par) ).
144+
Please be aware, due to the strict phone number validation during the Mobile ID authorization flow, these test phone numbers will only be accepted by the Mobile ID server if they are provided via `log-in_hint` request parameter. However, your account must be authorized to use the `login_hint` parameter and requires the use of Pushed Authorisation Requests (PAR), which keeps the parameters confidential between client and server (see section [Pushed Authorization Request (PAR)](/oidc-integration-guide/best-practices#pushed-authorization-request-par) ).
145145

146146
| MSISDN | Auth | Description |
147147
|--------|------|-------------|
File renamed without changes.

docs/oidc/getting-started.md renamed to docs/oidc-integration-guide/getting-started.md

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@ For the technical on-boarding, you will be asked to provide Swisscom with the fo
88
|------|--------------------|------|
99
| **Client Display Name** | Your client’s name, which is displayed by the authorization server. <br> Example value: `iDemo Online Shop` | |
1010
| **Redirect URI(s)** | Redirection URI(s) to which the response will be sent. Note that TLS (https) is always required and the localhost URI is not allowed.<br> Example value:<br>`https://app01.idemo-company.ch/oauth2/authresp`<br>`https://app02.idemo-company.ch/oauth2/authresp` | [OIDC spec](https://openid.net/specs/openid-connect-core-1_0.html#AuthRequest) |
11-
| **Default ACR** | Your default ACR. Must be a value that is available for your selected Mobile ID contract.<br> Example value: `mid_al3_any` | [Section Auth Code Request ](/oidc/getting-started#authorization-code-request) |
12-
| **Client Auth Mode** | Your client’s authentication method, either basic or post.<br> Example value: `client_secret_post` | [Section Access Token Request ](/oidc/getting-started#access-token-request) |
11+
| **Default ACR** | Your default ACR. Must be a value that is available for your selected Mobile ID contract.<br> Example value: `mid_al3_any` | [Section Auth Code Request ](/oidc-integration-guide/getting-started#authorization-code-request) |
12+
| **Client Auth Mode** | Your client’s authentication method, either basic or post.<br> Example value: `client_secret_post` | [Section Access Token Request ](/oidc-integration-guide/getting-started#access-token-request) |
1313
| **Always Prompt For Consent** | The Mobile ID server default behavior is to skip the consent step, provided such is already recorded for the given end-user and client.<br> Default: `false` | |
1414
| **MFA Number Matching** | Enable MFA number matching feature for Mobile ID SIM and Mobile ID App authentication.<br> When a user responds to an MFA notification using Mobile ID SIM or Mobile ID App, they'll be presented with a number on their mobile. They need to select that number in the sign-in prompt to complete the approval.<br> Default: `false` | [Video](https://youtu.be/4ACfK_kByKY) |
1515
| **LDAP Settings** | Optional. Mobile ID server can connect to an LDAP(S) to validate user credentials and/or retrieve user attributes from the LDAP, such as:<br> - MFA mobile number attribute<br> - Mobile ID Serialnumber attribute (required for ACR mid_al4)<br> - User password attribute | |
@@ -72,13 +72,13 @@ The following request query string parameters are supported:
7272

7373
| Parameter | Value | Remarks |
7474
|-----------|-------|---------|
75-
| scope | MUST contain the value `openid` | Optionally, the client may request additional scopes as specified in [Scopes and Claims](/oidc/getting-started#scopes-and-claims) |
75+
| scope | MUST contain the value `openid` | Optionally, the client may request additional scopes as specified in [Scopes and Claims](/oidc-integration-guide/getting-started#scopes-and-claims) |
7676
| response_type | MUST be the value `code` | |
7777
| client_id | MUST be your client ID | |
7878
| redirect_uri | MUST be (one of) your redirect URI(s) | |
7979
| state | MUST be an opaque value | Used to maintain state between the request and the callback |
8080
| nonce | MUST be a nonce value | |
81-
| acr_values | CAN be set to overwrite the client's default ACR | Authentication Level (AL) required by the client (see [ACR](/oidc/getting-started#authentication-context-class-reference-acr)) |
81+
| acr_values | CAN be set to overwrite the client's default ACR | Authentication Level (AL) required by the client (see [ACR](/oidc-integration-guide/getting-started#authentication-context-class-reference-acr)) |
8282
| response_mode | SHALL NOT be used | |
8383
| display | SHALL NOT be used | |
8484
| prompt | CAN be set to `login` | |
@@ -152,7 +152,7 @@ If a user has more than one authentication method available that comply with the
152152
| 3 | Unknown SIM card & Active Mobile ID App | Mobile ID App |
153153
| 4 | Unknown SIM card & Inactive Mobile ID App | AL2: One-Time-Password SMS<br>AL3: Mobile ID App (Account Recovery)<br>AL4: Mobile ID App (Account Recovery) |
154154

155-
If your client attempts to request a scope that is not available with your current Mobile ID contract, an OIDC error `mid_sec_2020` ("unauthorized acr_values used in request", see [Error Scheme](/oidc/getting-started#error-scheme)) is returned.
155+
If your client attempts to request a scope that is not available with your current Mobile ID contract, an OIDC error `mid_sec_2020` ("unauthorized acr_values used in request", see [Error Scheme](/oidc-integration-guide/getting-started#error-scheme)) is returned.
156156

157157
Please check with your commercial contact or via Backoffice.Security@swisscom.com if you are interested in ACR values that are listed in the table above but currently not configured for your Mobile ID OIDC account.
158158

@@ -206,7 +206,7 @@ Location: https://client.example.org/cb?
206206

207207
## Access Token Request
208208

209-
The obtained authorization code ([see here](/oidc/getting-started#authorization-code-response)) can be used to receive an access token. This chapter describes how to format the access token request and which data is returned from the access token endpoint.
209+
The obtained authorization code ([see here](/oidc-integration-guide/getting-started#authorization-code-response)) can be used to receive an access token. This chapter describes how to format the access token request and which data is returned from the access token endpoint.
210210

211211
The OpenID Connect RFC states that there are 4 possible client authentication methods (used by clients to authenticate to the Authorization Server when using the Token Endpoint).
212212

@@ -269,7 +269,7 @@ Authentication Method Reference (AMR) is an attribute within the OpenID Connect
269269
| mid_sim || | |
270270
| mid_sms || | |
271271

272-
The AMR can be helpful in case the client requests an ACR with an "any" value, such as `mid_al3_any` (see section [ACR](/oidc/getting-started#authentication-context-class-reference-acr)). Since there are multiple authentication methods that comply with such ACR, the client will know from the AMR what authentication method the user actually used for the sign-in.
272+
The AMR can be helpful in case the client requests an ACR with an "any" value, such as `mid_al3_any` (see section [ACR](/oidc-integration-guide/getting-started#authentication-context-class-reference-acr)). Since there are multiple authentication methods that comply with such ACR, the client will know from the AMR what authentication method the user actually used for the sign-in.
273273

274274
### Example Access Token Response
275275

File renamed without changes.

0 commit comments

Comments
 (0)