Ahh okay, that explains.
Status of MitID app
lbschenkel I know it's off topic but I was looking at the code display as a backup option and found that they also have the "MitID Chip". Looking into its spec, I found that it uses the FIDO U2F standard, which made me wonder if I could register any FIDO U2F compliant hardware tokens with MitID, like the Yubikey 5 NFC?
Do you know if that is possible?
trilogy6202 I'm certain that the only approved devices are the ones in the MitID page. To enroll a different U2F authenticator, they would need to implement generic U2F enrollment functionality to allow you to use other hardware and they won't do that for obvious reasons.
lbschenkel But it's good that you mentioned the chip option, I mistakenly thought that it was only used for company accounts, not personal ones. I checked and it's possible to have it alongside a code display. That can be a good way of having two authenticators and avoiding the app altogether. I'm considering ordering one (but unlike the other options, this one is not free).
lbschenkel how much does it cost?
Grkrz https://www.mitid.dk/self-service/order: 143.73 DKK (I didn't go through the order flow to check if there are additional mail charges).
It's possible to order an extra code display dongle - that's priced at DKK 41.75 (incl. VAT...).
There's also the possibility of ordering a second one for free under the pretext of the first one having been lost or broken, but I'd assume the first one would be blocked in that case.
Edit: My solution going forward, having been without anything but the dongle for months, will be to install the app v. 73 in a secondary profile to supplement the dongle.
user1 The website makes it pretty clear that you cannot have two dongles attached to the same account. You must revoke the existing one before it lets you activate a new one.
lbschenkel Bugger, didn't see that. Nvm!
[deleted] This is very bad advice and it's completely inappropriate to criticize people for using GrapheneOS as it was intended to be used.
Could someone who does not use MitID (or who does not care if it breaks) and has version 2023032600 of GrapheneOS + Play Services version 23.10.15 try installing the latest version from the store, launch it and report here what you see after waiting 10 seconds? (1) welcome screen (2) stuck at blue loading screen (3) message that the phone is rooted
lbschenkel Got stuck at the blue loading screen.
Just the blue loading screen as well. Only had it while being like this. Hope it will work in the future.
lbschenkel Testing: I installed the app now for the first time. The app opened fine for me and I got past the blue loading screen, accepted the privacy policy, and proceeded with adding Danish ID. I stopped at the point where my camera opened to scan a copy of a Danish passport.
Google Play Services version 23.11.14
GrapheneOS version 2023032600
I can confirm that 3.0.3 (76) works. I just updated and signed into my online banking service.
Works for me too with Play Services 23.11.15.
Status of MitID as of 2023-03-31:
- 3.0.3 (76): works with GOS 2023032600 + Play Services 23.11.14
- 3.0.2 (75): stuck at loading screen
- 3.0.1 (73): works with GOS 2023032600
https://gist.github.com/lbschenkel/4199be415f2a139b64688ae74c92a7fc
Yes! Works as expected now
3.0.3 (76): works with GOS 2023032600 + Play Services 23.10.15
I can confirm it works for me. Date: 31/03/2023, the last time I checked.
MitID works for me without Play services.
Pixel 4a
MitID Version 3.0.3
GrapheneOS 2023032600
Google Services Framework installed but disabled.
Since I'm not a citizen of the aforementioned countries I could just click through until I was asked to scan my ID. I had no issues or error prompts whatsoever.
UpStream That is very interesting. So you don't have Play Services at all, only GSF?
lbschenkel Yes that's correct. I should have probably mentioned that I do have Google Play services and Google Play Store installed but in a secondary user profile. In my main user profile I have Google Services Framework but disabled and MitID installed. I need that for Gcam to work properly which I'm going to delete anyways since with the next GrapheneOS update Gcam should work without the need to have Google Services Framework present.
I don't know if having Google Play Services and Google Play Store installed in a different, secondary user profile that's not even active has an effect on MitID.
I also have an always on VPN. Maybe that has an effect on MitID as well.
lbschenkel Okay, having Google apps installed in secondary user profiles should not have an effect on apps in the main profile. I deleted Google Services Framework in the main profile (while having it installed in my secondary user profile) and Gcam stopped working.
It makes sense since apps cannot communicate between profiles, and since these Google apps aren't privileged on GrapheneOS it applies to them as well. So neither MitID nor any other app in the owner profile knows what apps are installed in other profiles. So yes, MitID seems to be working with just a disabled Google Services Framework app.
That will simplify keeping track of the compatibility matrix; since MitID works without Play Services then I guess that the version becomes irrelevant.
Re-checked with latest GrapheneOS 2023040400 and app still works for me.
Updated https://gist.github.com/lbschenkel/4199be415f2a139b64688ae74c92a7fc
Re-checked with 2023041100 and it still works.
There is a new version in the Play Store (3.0.4), is there any brave soul willing to install it and report here (alongside the GOS version)?
lbschenkel Do I just have to install the app and tell you if it launches?
matchboxbananasynergy Yes, just launch and wait ~15s to see if it shows some error or just stays at the welcome screen.
lbschenkel yes me, confirming that 3.0.4 works. GrapheneOS the newest version. Play Store
3.0.4 (versionCode 77) installed from Aurora Store 4.1.1 on 2023041100 on a user profile with no Sandboxed Google Play.
App works great.
@lbschenkel feel free to ping me when you need someone to test new versions. Happy to do it.
Works fine after the latest update all the way from install to actually using the app
I don't use GPS, installed via Aurora
Duckduck Interesting that MitID doesn't require GPS, I didn't know or expect that. Then it's actually only my mobile banking app and e-boks that prevents me from deleting my "Google Play" user profile.
trilogy6202 e-boks and bank can be accessed via Vanadium. If this is an effort you're willing to take
Grkrz Hmm why didn't I think of that. I might try adding e-boks and my mobile bank as PWA on my user profile with GSF and see how that works.
trilogy6202 I am glad that I was useful. I can confirm it works quite well.
Also apps like MobilePay say they require GPS, but if you dismiss that prompt, the app works fine without. Was also quite surprised that MitID works without GPS
Duckduck Yeah I've been made aware of this in here recently. Actually MobilePay doesn't even require GSF. It will give you a warning every time you open it but it will work nonetheless, except for notifications.
I can also confirm that MitID 3.0.4 (77) + GOS 2023041100 works. Updated table at https://gist.github.com/lbschenkel/4199be415f2a139b64688ae74c92a7fc
Duckduck the only concern I have with disabling Google services and not being connected to Play Store is that all apps like bank, MobilePay, bank app, MitID etc. have to be downloaded from Aurora Store.
Aurora Store is OK for not important apps but downloading a bank app I would say is a bit risky. Would like to hear your comments on that.
Grkrz Aurora is open source and downloads directly from Google's own servers, the binaries are the same ones you'll get from the Play Store app. If you don't compile it yourself, naturally you will need to trust the provider of the Aurora binary app (either Aurora itself or F-Droid).