Skip to content

Commit d04e3e6

Browse files
committed
docs: finalize release-readiness cleanup and consistency fixes
Apply low-risk documentation polish for production readiness by fixing legacy references, certificate guidance links, homepage messaging, and sidebar consistency while removing orphaned pages.
1 parent c537956 commit d04e3e6

8 files changed

Lines changed: 20 additions & 26 deletions

File tree

docs/.vitepress/config.mts

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ export default withMermaid(defineConfig({
9595
},
9696
{
9797
text: '',
98-
items: [{ text: 'Imprint', link: '/rest-api-guide/imprint.md' }]
98+
items: [{ text: 'Imprint', link: '/rest-api-guide/imprint' }]
9999
}
100100

101101
],
@@ -108,13 +108,13 @@ export default withMermaid(defineConfig({
108108
{ text: 'Best Practices', link: '/oidc-integration-guide/best-practices' },
109109
{ text: 'Passkey Authentication', link: '/oidc-integration-guide/passkey-authentication' },
110110
{ text: 'Public Cloud Integration', link: '/oidc-integration-guide/cloud-integration-guide' },
111-
{ text: 'MobileID OIDC - Use Cases', link: '/oidc-integration-guide/oidc-use-cases' },
111+
{ text: 'Use Cases', link: '/oidc-integration-guide/oidc-use-cases' },
112112
{ text: 'App Message Formats', link: '/oidc-integration-guide/message-formats' }
113113
]
114114
},
115115
{
116116
text: '',
117-
items: [{ text: 'Imprint', link: '/oidc-integration-guide/imprint.md' }]
117+
items: [{ text: 'Imprint', link: '/oidc-integration-guide/imprint' }]
118118
}
119119
],
120120

@@ -131,7 +131,7 @@ export default withMermaid(defineConfig({
131131
},
132132
{
133133
text: '',
134-
items: [{ text: 'Imprint', link: '/radius-interface-gateway-guide/imprint.md' }]
134+
items: [{ text: 'Imprint', link: '/radius-interface-gateway-guide/imprint' }]
135135
}
136136
]
137137

docs/index.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ features:
3333
<div class="vp-doc">
3434

3535
<div class="wip-banner">
36-
<strong>🚧 Work in Progress: We're actively building this documentation. Check back regularly for the latest updates.</strong>
36+
This documentation is actively maintained and updated as Mobile ID evolves. Use <em>"Give feedback on this page"</em> to suggest improvements.
3737
</div>
3838

3939
</div>

docs/oidc-integration-guide/introduction.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ Mobile ID utilizes the **Authorization Code Grant Type** to obtain an access tok
4646

4747
## Refresh Token
4848

49-
Because Access Tokens are always short-lived (see [Section Tokens](/oidc-integration-guide/getting-started#tokens)), a Relying Party may want to refresh the Access Token using their long-lived Refresh Token. To refresh an Access Token, the Client must always authenticate at the Token Endpoint. The Relying Party should always validate the Refresh Response.
49+
Because Access Tokens are always short-lived (see [Tokens](/oidc-integration-guide/getting-started#tokens)), a Relying Party may want to refresh the Access Token using their long-lived Refresh Token. To refresh an Access Token, the Client must always authenticate at the Token Endpoint. The Relying Party should always validate the Refresh Response.
5050

5151
![refresh-token](/img/refresh-token.png)
5252

docs/radius-interface-gateway-guide/rig-deployment.md

Whitespace-only changes.

docs/rest-api-guide/best-practices.md

Lines changed: 4 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ When constructing an MSS Signature request, the following best-practice guidelin
3434

3535
6. **Define the `DataToBeDisplayed` (DTBD) message**
3636
The text shown on the user’s mobile device must comply with the following guidelines:
37-
- Encoded in UTF-8 [<sup id="a17">17</sup>](#17).
37+
- Encoded in UTF-8.
3838
- Should include a unique transaction reference (e.g., timestamp, customer ID, contract ID).
3939
- **Length limits:**
4040
- Maximum 239 characters if all characters are in the standard [GSM 03.38](https://en.wikipedia.org/wiki/GSM_03.38) character set.
@@ -44,12 +44,6 @@ When constructing an MSS Signature request, the following best-practice guidelin
4444
**Example DTBD:**
4545
> `Bank ACME: Proceed with the login? (TXN-3D5K)`
4646
47-
::: details Footnotes
48-
17. <span id="17"></span> Type of the AP_TransID is xsd:NCName, refer to http://www.datypic.com/sc/xsd/t-xsd_NCName.html [](#a17)
49-
18. <span id="17"></span> http://www.w3.org/TR/xmlschema-2/#dateTime [](#a17)
50-
19. <span id="17"></span> http://en.wikipedia.org/wiki/UTF-8 [](#a17)
51-
20. <span id="17"></span> In mobile telephony GSM 03.38 is the standard character set used in short message service. [](#a17)
52-
:::
5347

5448
### Signature Response
5549

@@ -72,7 +66,7 @@ The key validation aspects are as follows:
7266
- The client must be capable of validating both RSA and ECDSA signatures.
7367

7468
4. **(Optional) Validate the Mobile ID Serial Number**
75-
- For the highest level of assurance and a fully strong two-factor authentication process, validate the Mobile ID serial number as described in **Section Mobile ID Serial Number Validation**.
69+
- For the highest level of assurance and a fully strong two-factor authentication process, validate the Mobile ID serial number as described in **[Serial Number Validation](/rest-api-guide/best-practices#serial-number-validation)**.
7670

7771
5. **Implement Proper Fault and Status Handling**
7872
- Handle all status and fault codes using structured exception handling logic to ensure stable, predictable behavior of the client application.
@@ -94,7 +88,7 @@ If both signature requests target the SIM-based authentication method, and the f
9488

9589
- **Fault Code:** `406 / PB_SIGNATURE_PROCESS`
9690
- **Description:** The subscriber already has an active signature operation in process.
97-
- See **Section 6** for detailed fault code definitions.
91+
- See **[Status and Fault Codes](/rest-api-guide/status-fault-codes)** for detailed fault code definitions.
9892

9993
##### App Method Concurrency
10094
If both requests target the Mobile ID App-based authentication method, the behavior is different:
@@ -103,7 +97,7 @@ If both requests target the Mobile ID App-based authentication method, the behav
10397
- The second signature request is then displayed on the mobile device via the Mobile ID App.
10498

10599
- **Fault Code (cancellation of first transaction):** `401 / USER_CANCEL`
106-
- See **Section 6** for further information.
100+
- See **[Status and Fault Codes](/rest-api-guide/status-fault-codes)** for further information.
107101

108102
## Serial Number Validation
109103

docs/rest-api-guide/create-client-certs.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -26,17 +26,17 @@ $ openssl req -new -newkey rsa:4096 -nodes -rand /dev/urandom \
2626

2727
### Self-Sign Certificate
2828

29-
```bash
30-
31-
$ openssl x509 -req -days 1825 -sha256 -in mycert.csr -signkey mycert.key -out my-cert.crt
29+
Create a small extension file `ext.cnf` that adds the required Client Authentication Extended Key Usage:
3230

31+
```ini
32+
[v3_req]
33+
extendedKeyUsage = clientAuth
3334
```
3435

35-
and run:
36+
Then self-sign the certificate:
3637

3738
```bash
38-
39-
$ openssl x509 -req -days 1825 -sha256 -extfile ext.cnf \
39+
$ openssl x509 -req -days 1825 -sha256 -extfile ext.cnf -extensions v3_req \
4040
-in mycert.csr -signkey mycert.key -out mycert.crt
4141
```
4242

docs/rest-api-guide/root-ca-certs.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -28,14 +28,14 @@ Usually, a client's TrustStore contains the Root Certificate only, the so-called
2828
The Mobile ID End Entity Certificate is either based on the Root Certificate `Swisscom Root CA 4` or on the older Root Certificate `Swisscom Root CA 2`.
2929

3030
You can download the "Swisscom Root CA 4" certificate from the Swisscom Digital Certificate Service site:
31-
[http://aia.swissdigicert.ch/sdcs-root4.crt](http://aia.swissdigicert.ch/sdcs-root4.crt)
31+
[https://aia.swissdigicert.ch/sdcs-root4.crt](https://aia.swissdigicert.ch/sdcs-root4.crt)
3232

3333
| SHA-1 Fingerprint |
3434
|-------------------|
3535
| B9 82 1B 0C 87 7D 30 24 DD 6A 8F 6E 44 3E F5 38 8E 53 16 1B |
3636

3737
You can download the "Swisscom Root CA 2" certificate from the Swisscom Digital Certificate Service site:
38-
[http://aia.swissdigicert.ch/sdcs-root2.crt](http://aia.swissdigicert.ch/sdcs-root2.crt)
38+
[https://aia.swissdigicert.ch/sdcs-root2.crt](https://aia.swissdigicert.ch/sdcs-root2.crt)
3939

4040
| SHA-1 Fingerprint |
4141
|-------------------|

docs/rest-api-guide/status-fault-codes.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
| 501 | REVOKED_CERTIFICATE | The Mobile ID user's x509 certificate has been revoked. The user must re-activate the account on the Mobile ID self-care portal. | Signature, Status Query |
1111
| 502 | VALID_SIGNATURE | The MSS Signature transaction was successful. | Signature, Status Query |
1212
| 503 | INVALID_SIGNATURE | The MSS Signature transaction failed due to invalid signature data. The user may try to re-activate the account on the Mobile ID self-care portal. It may be required to replace the SIM card. | Signature, Status Query |
13-
| 504 | OUSTANDING_TRANSACTION | The MSS Signature transaction is outstanding. The AP must try again later. | Status Query |
13+
| 504 | OUTSTANDING_TRANSACTION | The MSS Signature transaction is outstanding. The AP must try again later. | Status Query |
1414

1515
### Fault Codes (Error)
1616

@@ -39,7 +39,7 @@
3939

4040
Specific MSISDNs are available to test different type of response status and fault codes. By placing a request to one of this number the related status or fault code will be raised. The following MSISDN structure is used for testing fault codes, which might help a developer to test the error handling of their Mobile ID client.
4141

42-
- `+41000092<faultcode>` - Use one of the 3-digit fault sub-code values listed in section 6.1.
42+
- `+41000092<faultcode>` - Use one of the 3-digit fault sub-code values listed in the [Fault Codes](#fault-codes-error) table above.
4343

4444
On the other hand, a successful Mobile ID signature response can be tested by using one of the two MSISDNs listed below, which might help with CI/CD pipelines that include automated regression testing with Mobile ID authentications. However, your account will require specific permissions to be able to use the test-MSISDNs for successful Mobile ID responses. Please ask your Swisscom contact if you need this permission.
4545

0 commit comments

Comments
 (0)