BankID & Vipps Authentication - Likepersonsapp – Peer Mentor Activity Platform | Generated by Eircodex v3.0

Scope

high complexity extracted Authentication & Access Control Confidence: 100%

7

Components

58

Shared

0

User Stories

Yes

Analyzed

Description

This feature implements BankID and Vipps as primary authentication providers for initial user login, leveraging Norway's national identity infrastructure for strong verification. BankID provides verified Norwegian identity, while Vipps login can additionally return the user's national ID number (personnummer) back to the organization's member systems — a critical side-effect for organizations that currently lack this data for many members. After initial BankID or Vipps authentication, the user is linked to their organizational account and can use biometric login for subsequent sessions.

User Flow

BankID & Vipps Authentication user flow

Click to expand

Analysis

Business Value

BankID and Vipps are the preferred authentication methods across all four partner organizations, providing legally binding identity verification that email/password cannot. Vipps login specifically unlocks a high-value side-effect: returning personnummer to member registries that currently lack it for a significant portion of their member base — this alone justifies the integration cost. Strong identity verification also supports the encrypted assignment dispatch feature (Blindeforbundet) where sensitive personal data is shared with verified peer mentors. The Vipps monthly cost (350–750 NOK) is shared across organizations, making it economically viable.

Implementation Notes

Integration uses the official BankID OIDC and Vipps Login APIs, launched via in-app browser (flutter_web_auth_2 or similar) with a custom URL scheme redirect. The backend (Next.js) handles the OAuth callback, validates the identity token, creates or links the user account, and issues a platform JWT. The BankID Integration Service and Vipps Integration Service are backend services that abstract the provider-specific flows behind a common interface. Personnummer returned by Vipps is encrypted before storage and forwarded to the organization's member system API. National ID handling must comply with GDPR and Norwegian Datatilsynet requirements.

Components (65)

User Interface (2)

ui BankID Login Screen medium ui Vipps Login Screen medium

Service Layer (3)

service BankID Integration Service high service Identity Verification Service high service Vipps Integration Service high

Infrastructure (2)

infrastructure In-App Browser Infrastructure medium infrastructure OAuth Callback Handler medium

Shared Components

These components are reused across multiple features

User Interface (16)

ui Accessible Picker Widget medium Shared ui Speech Input Widget medium Shared ui Contact Card Widget low Shared ui Contact Search Bar Widget low Shared ui View Switcher Widget low Shared ui Activity Summary Widget low Shared ui Approval Status Badge Widget low Shared ui Bottom Navigation Bar Widget low Shared ui Duplicate Warning Badge Widget low Shared ui Receipt Viewer Widget medium Shared ui Benefit Breakdown Chart Widget medium Shared ui AppButton Widget medium Shared ui AppTextField Widget medium Shared ui Modal Navigation Helpers medium Shared ui Page Header Widget low Shared ui Sync Status Indicator Widget low Shared

Service Layer (13)

service Auth Service medium Shared service Role Guard Service medium Shared service Activity Service medium Shared service Role Guard Service low Shared service Contact Service medium Shared service Email Invitation Service medium Shared service Oversight Audit Log Service medium Shared service Reimbursement Approval Audit Logger low Shared service Context Management Service medium Shared service Statistics Service medium Shared service REST API Client high Shared service Accessibility Service high Shared service Encryption Service high Shared

Data Layer (9)

data Token Storage low Shared data Auth Token Repository medium Shared data Activity Repository medium Shared data Contact Repository Cache low Shared data Contact Repository medium Shared data Reimbursement Admin Repository medium Shared data Organization Repository high Shared data Local Cache Repository medium Shared data Audit Log Repository medium Shared

Infrastructure (20)

infrastructure JWT Infrastructure medium Shared infrastructure JWT Infrastructure low Shared infrastructure Auth Middleware medium Shared infrastructure Report API Middleware low Shared infrastructure Report Access Guard low Shared infrastructure Approval Audit Logger low Shared infrastructure End-to-End Encryption Infrastructure high Shared infrastructure Email Delivery Infrastructure low Shared infrastructure Invitation Token Infrastructure medium Shared infrastructure Signed URL Provider low Shared infrastructure Multi-Tenancy Infrastructure high Shared infrastructure Calculator Export Infrastructure medium Shared infrastructure Request & Response Interceptors high Shared infrastructure Design Token System medium Shared infrastructure Semantic Labels Infrastructure medium Shared infrastructure Connectivity Infrastructure low Shared infrastructure Local Database Infrastructure high Shared infrastructure Secure Storage Infrastructure medium Shared infrastructure Connection Pool Infrastructure medium Shared infrastructure Database Migration Infrastructure medium Shared

User Stories

No user stories have been generated for this feature yet.