4.1.11. mojeID LITE Library

Javascript library mojeID LITE (or also mojeID Connect) allows to load data from a mojeID identity to a website on the client’s side using the OpenID Connect protocol.

This feature can be used, for example, to simply prefill a web form with data of a user with an active mojeID account.

To enable this feature in your web form, you have to perform at least the following steps:

  1. Insert a link to the library.

    If you want to decrease your dependency on an external website, you can upload this library to your own website. The library can be downloaded here. The library depends on a cryptographic library jsrsasign which is available (in its newest version) on our webiste, so you do not have to insert it directly. The code of the script to insert the library has to be inside <HEAD>.

    An example of inserting the library:

    <script type="text/javascript"
  2. Call a function for creating a MojeidConnect object.

    This object represents communication with mojeID server. When calling the creating function, you can set certain parameters, that will affect the data transfer process. The code of the script to call the function has to be inside <HEAD>.

    An example of creating the object:

    <script type="text/javascript"> (function() {
       mojeid = createMojeidConnect( {
          clientName: "Sample form",
          claims: ['phone_number', 'family_name', 'given_name', 'nickname',
             'email', 'address', 'birthdate', 'gender', 'website', 'profile']
       } );
  3. Attach calling of requestAuthentication() method to the button that activates the prefilling of the form.

    This method initiates the authentication process and filling the form with the values of the confirmed data.

    An example of a code for the button:

    <button onclick="mojeid.requestAuthentication()">
    Prefill using mojeID

createMojeidConnect(options) function parameters

When calling this function, you can set certain parameters (in dictionary structure) that will affect communication with the mojeID server:


It is possible that the service is already registered in the mojeID server. If yes, this service has a clientID assigned and you can provide it in the parameter. If the clientID parameter is not defined, registration is completed dynamically according to the OpenID Connect specifications using the address from the regEndpoint parameter.


In case of dynamic registration, it is possible to define the name of the service that is shown to the user upon data transfer approval. If the name is not defined, the service’s URL is used.


Required transferred data in form of a group of data. The value is a sublist ['openid', 'profile', 'email', 'phone', 'address'], while 'openid' is required. If it is not defined, the value is ['openid'].


Required transferred data in form of individual attributes. The value is a list of attributes. A full list of possible attributes is available in the value of claims_supported from server’s configuration file. An example of a list: ['phone_number', 'family_name', 'given_name', 'nickname', 'email', 'address', 'birthdate', 'gender', 'website', 'profile']


The library assumes the form items have the same id as the name of the attribute from the claims list. If that is not the case, it is possible to define a map list for the form item id and for the attribute name in this parameter.


If the map dictionary from attrDict is not sufficient, you can define a name of your own JS function that will take care of filling the form.


The value is either popup or redirect based on whether the login should be done in a new window or in the existing one. The default value is popup.


Registration endpoint’s URL according to the OpenID Connect protocol specification. The default value is https://mojeid.cz/oidc/registration/.


Authentication endpoint’s URL according to the OpenID Connect protocol specification. The default value is https://mojeid.cz/oidc/authorization/.

Sample form

For easier understanding, you can have a look at and try a full form sample.