What is Active Login?
Active Login is an Open Source project built on .NET Standard that makes it easy to integrate with leading Swedish authentication services like BankID.
It also provide examples of how to use it with the popular OpenID Connect & OAuth 2.0 Framework IdentityServer and provides a template for hosting the solution in Microsoft Azure. In addition, Active Login also contain convenient modules that help you work with and handle validation of Swedish Personal Identity Number.
Commercial support and traning is available if you need assistance or a quick start.
The source for Active Login is available on Github and is licensed under the very permissive MIT license for you to be able to use it in commercial or non-commercial applications without many restrictions.
Easy To Use
You can be up and running by writing only few lines of code.
.AddBankId() and you are one step closer to use BankID in you web application!
With an enforcement date of May 25, 2018, the GDPR is designed to unify data privacy requirements across the European Union (EU). Active Login was built with GDPR in mind and has privacy by design.
Active Login was built with Microsoft Azure in mind. While you are not required to use it, the Azure extensions will make you even more secure and the ARM template will get you started quicker than ever.
Azure AD B2C
Active Login can be deployed with Identity Server and enable support for BankID in Azure AD (Active Directory) B2C using custom identity providers.
Active Login targets .NET Standard so that you can use it on all the major platforms including macOS, Linux and Windows.
By using Razor Class Libraries introduced in ASP.NET Core 2.1 Active Login provides an pre-built UI that you can extend and customize.
Parsing and validation of Swedish identities such as Personal Identity Number (svenskt personnummer) is separated into standalone packages so that you can use it without the need of BankID.
What do I need to do to implement BankID in my application?
If you have knowledge within development around authentication yourself, all resources you need is available at GitHub. If you want a quick start, education or help with the full implementation we do provide consultancy services. See more info on Support below.
Why is Active Login an open source product and not a commercial product?
Active Login was “founded” by a group of developers and actually marketing people putting their ideas together. An important part was also the input from our beloved partner Microsoft. They are today very open for open source which helped us in the right way. They also had a member of the steering committee for the Active login project.
Will it always be for free?
It’s always hard to promise eternal things when it comes to business. But in the form it is launched and the way it’s working today we are more than happy. The core functions as is today will be open source as long as we can see into the future and obviously any use taken in action today will be for free also in the future. As far as we know we can’t protect us from that any other company sells side solutions in associating areas as Active Login.
But with that stated, you are a business minded company - how do you people think about that?
Believe it or not, we do a great business by not charging anything for the Active Login software. We saw some very interesting side effect and we are not a software company or ISV. Start selling software was not an option. The way we are gaining is above all that we get a lot of very nice new clients in the log in area. Active Login speeds up the process and helps our new and existing clients to get secure and future proof solutions. We also do some training and workshops that is great fun business. We have also helped some clients to start up open source project.
Do you provide help to other consultant companies?
Yes we do. At time being we have to prioritize whom to help and normally we can provide training to consultant companies. We do not provide support and Q&A technical sessions Ad hoc which comes frequently from different small and global consultant companies. That type of needs we do help our clients within support agreements. Questions and technical solutions should always be listed at the Git hub Active Login project.
If I have technical questions how do I do?
We have an FAQ at GitHub with more technical related questions, you might find your answer there.
If your question is related to our code, for example, if you have found a bug or have a suggestion for a feature. Please file an issue at GitHub.
If you need technical assistance, we do provide consultancy services to assist you with your implementation. See contact details below.
If I have general questions – how do I do?
Please feel free to send questions by mail to us. Do allow us some time to answer, but expect answers within a few working days.
Will Active Login come with new features?
Yes it will. As a matter of fact this happens frequently. We have had some great contributions from developers all over mainly Sweden. Active Solutions developers also contribute from time to time. It´s really working well and as it should in an open source project.
Will there be other national or European solutions like BankID incorporated in Active Login?
We do not really know. As Active Login is an open source project anyone is welcome to provide solutions to the project. We would welcome that as long as the security standards and quality is within standards.
What is the Architecture of Active Login?
Active Login can be used for direct application integration where your application directly references the packages you want to use. For example using BankIdApiClient to authenticate users of the application directly against BankID. Active Login will abstract the details of the BankID authentication/signing, error handling and makes it easy to start and control the authentication flow from your own application code. Although comprehensive samples are available for using Active Login with ASP.NET Core MVC, the core libraries and API clients are not tied to ASP.NET Core but can be used from all platforms that implement .NET Standard 2.0.
A common and often more suitable scenario is to handle all external authentication through a Federation Gateway. The Federation Gateway will act as a single Security Token Service (STS) for all applications that wants to use external authentication services. This makes it possible to use standard protocols like OpenID Connect and OAuth for all dependent applications and gives greater flexibility to the solution. Active Login has a comprehensive sample of how to use IdentityServer as the Federation Gateway. IdentityServer runs on .NET Core and is one of the most popular and mature Open Source products for handling these kind of scenarios.
Support & Training
A company or organization's own system development department faces many different challenges, which can not always be solved on their own. There are various reasons for taking in help. This can be due, for example, to difficulties in finding the right skills or for over time becoming too costly to keep up with your own staff.
Active Solution, the main contributor to Active Login, are doing consulting, training and mentoring around web based authentication in general with a focus on BankID with Active Login.
If you need help with implementing Active Login, there are commercial support & training options available.
We can help you out with:
- Education and training on:
- Active Login
- Identity Server
- Azure AD B2C
- Authentication on the .NET platform in general
- Hands on implementing BankID using Active Login
- Implement BankID as a custom Identity Provider for Azure AD B2C
- Continuous support for Active Login
Please contact us do discuss how we can help.