4.1.11. MojeID LITE Library¶
Javascript library MojeID LITE (or also MojeID Connect) allows to load data from a MojeID identity to a website on the client’s side using the OpenID Connect protocol.
This feature can be used, for example, to simply prefill a web form with data of a user with an active MojeID account.
To enable this feature in your web form, you have to perform at least the following steps:
Insert a link to the library.
If you want to decrease your dependency on an external website, you can upload this library to your own website. The library can be downloaded here. The library depends on a cryptographic library jsrsasign which is available (in its newest version) on our webiste, so you do not have to insert it directly. The code of the script to insert the library has to be inside
<HEAD>
.An example of inserting the library:
<script type="text/javascript" src="https://www.mojeid.cz/public/media/1542958574/150/" data-jsrsasign="https://www.mojeid.cz/public/media/1542956522/149/"> </script>
Call a function for creating a MojeidConnect object.
This object represents communication with MojeID server. When calling the creating function, you can set certain parameters, that will affect the data transfer process. The code of the script to call the function has to be inside
<HEAD>
.An example of creating the object:
<script type="text/javascript"> (function() { mojeid = createMojeidConnect( { clientName: "Sample form", claims: ['phone_number', 'family_name', 'given_name', 'nickname', 'email', 'address', 'birthdate', 'gender', 'website', 'profile'] } ); })();</script>
Attach calling of requestAuthentication() method to the button that activates the prefilling of the form.
This method initiates the authentication process and filling the form with the values of the confirmed data.
An example of a code for the button:
<button onclick="mojeid.requestAuthentication()"> Prefill using MojeID </button>
createMojeidConnect(options) function parameters
When calling this function, you can set certain parameters (in dictionary structure) that will affect communication with the MojeID server:
clientId
It is possible that the service is already registered in the MojeID server. If yes, this service has a clientId assigned and you can provide it in the parameter. If the clientId parameter is not defined, registration is completed dynamically according to the OpenID Connect specifications using the address from the
regEndpoint
parameter. Caution: automatic (dynamic) registration cannot be used for Full access.
clientName
In case of dynamic registration, it is possible to define the name of the service that is shown to the user upon data transfer approval. If the name is not defined, the service’s URL is used.
scope
Required transferred data in form of a group of data. The value is a sublist
['openid', 'profile', 'email', 'phone', 'address']
, while'openid'
is required. If it is not defined, the value is['openid']
.
claims
Required transferred data in form of individual attributes. The value is a list of attributes. A full list of possible attributes is available in the value of
claims_supported
from server’s configuration file. An example of a list:['phone_number', 'family_name', 'given_name', 'nickname', 'email', 'address', 'birthdate', 'gender', 'website', 'profile']
attrDict
The library assumes the form items have the same
id
as the name of the attribute from theclaims
list. If that is not the case, it is possible to define a map list for the form item id and for the attribute name in this parameter.
formCallback
If the map dictionary from
attrDict
is not sufficient, you can define a name of your own JS function that will take care of filling the form.
display
The value is either
popup
orredirect
based on whether the login should be done in a new window or in the existing one. The default value ispopup
.
regEndpoint
Registration endpoint’s URL according to the OpenID Connect protocol specification. The default value is
https://mojeid.cz/oidc/registration/
.
authEndpoint
Authentication endpoint’s URL according to the OpenID Connect protocol specification. The default value is
https://mojeid.cz/oidc/authorization/
.
Sample form
For easier understanding, you can have a look at and try a full form sample.