Skip to content

Mit ID transfer of control

Getting service provider id and MitId broker id

You can get the current values for service provider id and Mit ID broker id in authentication service documentation, "Transfer of control" section.

Flow diagram

---
config:
    sequence:
        showSequenceNumbers: true
---
sequenceDiagram

    title Transfer of control
    participant mitIdBroker as Mit ID broker
    participant integrator as Integrator (you)
    participant usersBrowser as Users browser
    participant addo as Addo Sign


    integrator ->> mitIdBroker: Initiate transfer of control.<br/>(Use "Addo service provider Id" and<br/>"Addo Broker Id" here.
    mitIdBroker -->> integrator:"transferTokenExchangeCode" and "transfer_token_text"

    integrator ->> addo: HTTP POST /signing-portal-api/v1/toc<br/>{ "redirectUrl": "https://example.com/addo-callback, ...}
    addo -->> integrator: "exchange_token"

    integrator ->> usersBrowser: Redirect to /signing-portal-api/v1/toc<br/>?recipient_token={some_recipient_token_value}<br/>&exchange_token={some_value}<br/>&transfer_token_text={some_value}
    usersBrowser ->> addo: HTTP GET /signing-portal-api/v1/toc<br/>?recipient_token=...

    addo ->> addo: User signs
    alt Flow completed sucessfuly
        addo -->> usersBrowser: Redirect to https://example.com/addo-callback<br/>?state={recipient_token_value}<br/>&transfer_token_exchange_code={transfer_token_value}<br/>&transfer_token_text={transfer_token_text_value}
    else
        addo -->> usersBrowser: https://example.com/addo-callback<br/>?state={recipient_token_value}<br/>&transfer_token_exchange_code={transfer_token_value}<br/>&transfer_token_text={transfer_token_text_value}<br/>&error={error_value}
    end
    usersBrowser -->> integrator: HTTP GET https://example.com/addo-callback?state=...

Callback

The the callback will contain these parameters:

  • state- recipient token.
  • error- What went wrong. Not present when callback is a success.
  • transfer_token_exchange_code- value used to transfer control to your app.
  • transfer_token_text- value used to transfer control to your app.

Example success callback: 

https://example.com/addo-callback?state={recipient_token}&transfer_token_exchange_code={some_value}&transfer_token_text={some_value}

Example error callback: 

https://example.com/addo-callback?state={recipient_token}&transfer_token_exchange_code={some_value}&transfer_token_text={some_value}&error={error_code}

Currently possible error codes, keep in mind that in the future more values might be added:

  • authentication_method_not_allowed - wrong authentication method was used when creating the signing/form.
  • user_disconnect - user logged out of the flow.
  • signing_type_not_allowed - signing type is not supported by transfer of control. Only signings and forms are supported.
  • invalid_recipient_state - the recipient(transaction) was in an invalid state. Signing might be already completed, rejected, etc.
  • recipient_not_found - the recipient(transaction) was not found.
  • internal_server_error - an unexpected error happened.