The BankID IDP consists of the following options, distingused by Name, but both being LoA4 Services.
The BankID IDP in the OIDC Provider is a multi-tennant service having the capability to host several BankID merchant certificates. In its default configuration all OIDC Clients share a common BankID merchant certificate associated with the BankID OIDC Service itself. Alterntively, an OIDC Client may be configured with its own BankID merchant certificate. The BankID IDP includes support for both Bank netcentric and BankID on mobile.
BankID via the OIDC Provider is currently restricted to authentication. Future support for BankID signing may be added.
There are several benefits for merchants integrating BankID over OIDC rather than using a legacy integration via a locally installed BankID-server:
- The integration interface is the same for both BankID netcentric and BankID on mobile.
- The merchant does not need to implement any GUI for BankID on mobile since it is taken care of by the OIDC Provider itself
- The merchant does not need to implement a selector dialog for netcentric vs. mobil since the OIDC Provider offers such a selector dialogue.
- The integration interface is based on an industry-standard REST API being much more convenient than implementing via the legacy BankID-server.
- The merchant may have access to Value Added Services (VAS) that are not available via the legacy BankID server.
An OIDC Client make use of BankID either via login hints directly in the authorize request of the REST API or via integration with the JS Connector.
An OIDC Client may also customize its use of the BankID IDP.