Introduction
This documentation will explain how to initialize and start up the AusweisApp as an additional service. It distinguishes between a connection to the application and the communication between your application and AusweisApp.
The section Connection will show you what you need to do to set up a connection to AusweisApp. Once you have established a connection you can send and receive JSON documents in a bi-directional manner. There are different commands and messages. These are listed and described in the section Protocol. The protocol is split up in Commands and Messages. Commands will be sent by your application to control AusweisApp. Messages contain additional information to your command or will be sent as an event.
Also this documentation provides some example workflows to show a possible communication.
See also
For Android and iOS there is also the AusweisApp SDK Wrapper which is a software library that offers a high-level interface to the AusweisApp SDK.
Important
The AusweisApp does not provide any personal data to your client application directly as AusweisApp does not have access to this data for security reasons. AusweisApp facilitates a secure connection between the eID server and the ID card, enabling the eID server to get those data from the card.
This way your backend receives high level trust data. Since your client application runs in a user’s environment, you could not be sure about the integrity of the data if your client application were to receive high sensitive data from the AusweisApp directly as your backend does not have any possibility to verify the source of the data.
Also this approach, recommended for compliance reasons by the Federal Office for Information Security, spares your client application the necessity of encypting these high sensitive data.
In case your client application requires data input from the ID card, you need to get this from the backend system (e.g. the eID server) after a successful authentication.
See also
TR-03124, part 1: Specifications