Skip to content

Replace default returnUrl value from String.Empty to null for BankID authentication #520

New issue
New issue
Closed
#519
Closed
Replace default returnUrl value from String.Empty to null for BankID authentication#520
#519
Labels
bugSomething isn't working
Milestone
v11.1.1
@elinohlsson

Description

@elinohlsson
elinohlsson
opened on Oct 9, 2025

Description
The handling of the returnUrl parameter sent to the BankID security application needs to be reviewed to ensure compliance with BankID’s updated recommendations.

As a first step, we can no longer use String.Empty as a default value to allow the user to manually navigate back to the originating application. Sending an empty string as the returnUrl parameter in the Auth API request now results in a 400 status code.

To address this, the default value will initially be updated to null.

Currently, this value is used on IOS devices when the browser is something other than Safari, Chrome, or Firefox — for example, Edge or Opera.

NuGet package version
11.1.1

Smartphone:

  • OS: IOS
  • Browser: Edge, Opera

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions