Handle Authentication Errors and Provider Cancellation Gracefully
Both BankID and Vipps can return a variety of error states: user cancellation, network timeout, provider unavailability, invalid redirect URI, token exchange failure, and expired authorization codes. The BankID Integration Service and Vipps Integration Service must normalize provider-specific error codes into user-facing messages via the respective API Gateways. The login screens must differentiate between user-initiated cancellations (soft feedback, return to login) and system errors (actionable error with retry), and must never leave the user on a blank or crashed screen.
User Story
Acceptance Criteria
- Given a user who taps the back button or cancel within the BankID in-app browser, when the browser dismisses, then the app returns to the login screen with the message 'BankID login was cancelled' and no error dialog
- Given a Vipps token exchange failure (e.g., expired authorization code), when the Vipps API Gateway returns an error, then the Vipps Integration Service surfaces a message 'Login failed — please try again' with a retry button on the Vipps Login Screen
- Given a BankID provider outage, when the authorization endpoint is unreachable, then the app displays 'BankID is temporarily unavailable. Try Vipps instead or retry later' with both options visible
- Given a Vipps provider indicating its service is down, when the Vipps API Gateway returns a provider unavailability code, then the app displays 'Vipps is temporarily unavailable. Try BankID instead or retry later'
- Given a network timeout during token exchange, when the HTTP request times out after the configured threshold, then the app cancels the request, cleans up any partial state, and presents a retry option without crashing
- Given any authentication error, when the user dismisses the error state, then the login screen is restored to its initial state with both BankID and Vipps options available and no stale data displayed
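One way to implement the normalization these criteria describe, as an added example that is not part of the original story or the project's code. It assumes both providers report failures with the standard OAuth 2.0 error codes (RFC 6749); the `timeout` and `network_unreachable` codes, the Vipps cancellation text, and the reuse of the 'Login failed' text for BankID are assumptions made for illustration.

```javascript
// Added example. Assumption: providers return standard OAuth 2.0 error codes
// (RFC 6749); 'timeout' and 'network_unreachable' are hypothetical codes set
// by the app's own HTTP client when a request times out or cannot connect.
const KIND_BY_CODE = new Map([
  ['access_denied', 'cancelled'],            // user tapped back or cancel
  ['invalid_grant', 'failed'],               // e.g. expired authorization code
  ['timeout', 'failed'],
  ['server_error', 'unavailable'],
  ['temporarily_unavailable', 'unavailable'],
  ['network_unreachable', 'unavailable'],
]);
const PROVIDER_NAMES = new Map([['bankid', 'BankID'], ['vipps', 'Vipps']]);

// Maps a raw provider error to the UI state the login screen should render.
function normalizeAuthError(provider, raw) {
  const name = PROVIDER_NAMES.get(provider);
  if (!name) throw new Error('unknown provider: ' + String(provider));
  const other = provider === 'bankid' ? 'Vipps' : 'BankID';
  const code = raw && typeof raw.error === 'string' ? raw.error : 'unknown';
  // Unrecognized codes become a generic failure, never a blank screen.
  const kind = KIND_BY_CODE.get(code) || 'failed';
  // Only the provider and code go to diagnostics; error_description is
  // provider-controlled text and is never copied into the user-facing message.
  const log = { provider, code };
  if (kind === 'cancelled') {
    // Soft feedback: message on the login screen, no error dialog.
    return { kind, message: name + ' login was cancelled', dialog: false,
             retry: false, alternative: null, log };
  }
  if (kind === 'unavailable') {
    return { kind, dialog: true, retry: true, alternative: other, log,
             message: name + ' is temporarily unavailable. Try ' + other +
                      ' instead or retry later' };
  }
  return { kind, message: 'Login failed — please try again', dialog: true,
           retry: true, alternative: null, log };
}
```

Because the lookup uses a `Map` and the message is built only from fixed strings, a provider-supplied code such as `constructor` or a crafted `error_description` cannot alter what the user sees.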
Business Value
Poor error handling in authentication flows is a leading cause of user drop-off and negative first impressions. Many of the app's users are older or less digitally experienced — a confusing error screen during BankID or Vipps login can permanently deter adoption. Graceful, human-readable error handling with clear next steps is essential for the incremental rollout strategy endorsed by all three organizations, where new users are being invited to try the app alongside existing tools.
Components
- BankID Login Screen (ui)
- Vipps Login Screen (ui)
- BankID Integration Service (service)
- Vipps Integration Service (service)
- BankID API Gateway (infrastructure)
- Vipps API Gateway (infrastructure)