OK we get it. “Dependencies are evil”, you’re a badass.

If you wish to implement our IDaaS by yourself, it’s still pretty easy. When a user begins authentication:

  1. Redirect the user to eID Easy authorize endpoint.

    URL: https://id.eideasy.com/oauth/authorize

    Required query parameters:
    client_id – client_id value that you got when registering the website
    redirect_uri – you set this value when you registered your website in My Webpages
    response_type – this is always “code”. Don’t ask why.

    Optional query parameters:
    lang – language of the user. Use 2-letter codes: (ISO 639-1)
    method – user’s selected method code. If specified, authentication will begin with this method, user will not be asked to select authentication method. See available method codes.
    phone – Mobile-ID mobile number prefill
    idcode – Smart-ID and Mobile-ID number prefill
    country – Smart-ID country preselect EE, LT or LV

    Example: https://id.eideasy.com/oauth/authorize?client_id=pM...m5&redirect_uri=https://your-site.com/login&response_type=code
  2. User will identify him/her/it on our login page. Don’t worry, we’ll send them back.
  3. After authentication, user is redirected to your redirect_uri. e.g https://your-site.com/login?code=j93jd0qk. Notice you received a query param named code. We’ll use this in the next step.
  4. Make a POST request eID Easy server to ask for access token.

    URL: https://id.eideasy.com/oauth/access_token

    Required body parameters:
    client_id – client_id value that you got when registering the website
    client_secret – secret value that you got when registering the website
    redirect_uri – redirect_uri value that you entered when registering the website
    code – code value that was set when redirecting user back from authorization endpoint
    grant_type – this is always “authorization_code”.

    Example body: code=fy...36&grant_type=authorization_code&client_id=r1...oo&client_secret=Iu...ch&redirect_uri=http%3A%2F%2Fexample.com%2Flogin.

    Make sure that headers contain “Content-Type: application/x-www-form-urlencoded” and redirect_uri value is urlencoded.

    Example response: {"access_token":"yF...zc","token_type":"Bearer","expires_in":3600} .
    You’ll need the access_token value in the next step.
  5. Make a GET request to eID server to ask for user details.

    URL: https://id.eideasy.com/api/v2/user_data

    Required query parameters:
    access_token – you got this from the previous step.

    Example: https://id.eideasy.com/api/v2/user_data?access_token=2D...Co

    Example response: 
{
    "status": "OK",
    "idcode": "38112086027",
    "lastname": "Pala",
    "firstname": "Margus",
    "current_login_method": "ee-id-login",
    "birth_date": "1981-12-08",
    "country": "EE",
    "current_login_info": {
        "valid_from": "2017-11-08T07:49:13+00:00",
        "valid_to": "2022-10-12T20:59:59+00:00"
    }
}

Job well done!