The provisioning process is separate for each supported environment and results in security credentials issued to the requesting party. The client must use these credentials to authenticate with selected endpoints of the REST API of the OIDC Provider. Client configurations are maintained across releases of the OIDC Provider in each environment unless specified otherwise.
| Environment | Client provisioning requests |
|---|---|
| PRE-PROD / CURRENT | Visit the service desk for OIDC pre-production and supply the required information in your request |
| PROD | Contact salg@bankidnorge.no and supply the required information in your request. A valid contract with BankID Norge AS or one of its resellers is required for provisioning in production. |
Required information
The following information must be supplied as part of the provisioning request:
| Item | What |
|---|---|
| 1 | The requested environment (PRE-PROD, CURRENT, PROD) |
| 2 | Description of the OIDC Client and its intended use. |
| 3 | A display name for the OIDC Client that will be shown in the header of the (default) OIDC dialogues. |
| 4 | Contact information for both technical and commercial issues. |
| 5 | Requested OAuth2 flows |
| 6 | Requested Identity Providers. See section below on BankID merchant certificate if BankID is among the requested IDPs. |
| 7 | Requested Value Added Services (VASs). |
| 8 | One of more URLs where control will redirected back to the OIDC client (redirect URLs must be pre-registered for safety reasons). |
| 9 | Requested access to Norwegian National Identity Number. Note that such access will only be granted for eligible applications. |
BankID merchant certificate
OIDC Clients requesting access to the BankID service will by default use a shared BankID merchant certificate already hosted by the OIDC Provider unless a dedicated BankID merchant certificate is requested. See the below table for instructions on how to obtain dedicated certificates for each of the environments. BankID will be responsible for installation, hosting and management of the dedicated certificate on behalf of the requesting party.
| Environment | Dedicated BankID certificates |
|---|---|
| PRE-PROD / CURRENT | Please use the RA self-service tool for PRE-PROD to order a test certificate for your organization. After ordering is completed please use the tool to also active the certifiate in question. Then download the resulting certificate file (.bid file) and attach it to your provisioning request along with the pre-set password (qwer1234) for the certificate file. |
| PROD | Inform salg@bankidnorge.no about your request for a dedicated certificate and BankID Norge will take care of ordering, activation and installation of the certificate. BankID Norge will need your organization number, organization name and the desired common name of the certificate to fulfill the request. |