Ready to get started with OpenID Connect? Here is what you need to do.

 

 

The preferred approach going forward with OpenID Connect is to implement using one of our partners. Alternatively, merchants can choose to implement directly themselves, without the involvement of a partner.

Using a partner

Using a partner is the easiest way to get started with OpenID Connect.

BankID Norge has a number of associated partners that are ready to guide you through the OIDC implementation process. There are a number of benefits of going forward using a BankID Norge partner:

  • Our partners are experts on digitizing businesses. They have extensive competence about OIDC, as well as knowledge about specific industry solutions.
  • The selected partner will offer you support and guidance, in the implementation process but also as long as you run the OIDC services.
  • A partner tailors the implementation process for your needs. They may do everything for you, or adjust the process to assist in your preferred way.
  • Partners may offer more extensive and quicker support.
  • Partners may bundle OIDC services from BankID Norge with other services that may be relevant to your use case, such as payment and check-out solutions, as well as alternative authentication solutions and ID services (such as Swedish BankID and NemID).

If a partner approach is selected, the partner of your choosing will guide you through every step of the OIDC implementation process - specifying needs, integration, test and going live. Your partner of choice will also handle everything related to management of your OIDC service, including support and invoicing (partners may operate with their own prices - contact a partner to get an offer).

To move forward with this approach, select a partner and contact them directly, or alternatively contact our sales team at salg@bankidnorge.no for guidance on which partner we recommend for your case.

Direct implementation

If you wish to move forward without the involvement of one of our partners, please follow the steps as outlined below. Note that BankID Norge has very limited capacity to assist merchants choosing this alternative on integrating against our OIDC services. As such, we highly recommend merchants with limited technical capabilities or resources to use one of our partners in this process.

1 Specify your needs

BankID Norway offers several Identity Providers and Value-Added Services delivered over the OIDC platform. Visit these pages, as well as the product literature, to learn more about the different services and decide which ones you require to meet your needs. If in doubt, you can contact BankID Norge's sales department by email at salg@bankidnorge.no for guidance and advice.

2 Integrate with our OIDC services

Please visit technical documentation to learn more about how to set up and integrate towards our OIDC services.

Need help? Contact one of our partners and get guidance throughout the process, or email our sales team at salg@bankidnorge.no to get help selecting a partner.

3 Test your OIDC integration

Once you have integrated towards the OIDC platform, the next step is to test the OIDC implementation towards our current environment. In order to do this, the merchant must be configured by BankID Norge and as such gain access to using the services in a test context. To request configuration in current, visit the OIDC pre-prod servicedesk, create a new ticket from the Access button, and supply the required information before you submit your request. If you need help on completing your request, visit provisioning for guidance.

BankID Norge will forward the credentials needed to access the current environment as soon as the request has been reviewed. Note that this may take up to two days.

Please note that you have to be a registered user in JIRA before submitting. If you do not have a registered user in JIRA, create one by following the above link, and then complete your request.

Test users can be created by using the self service RA Light. Note that preparation of test users with support for BankID on mobile is in most cases unnecessary for testing the OIDC platform (and requires special SIM cards). Netcentric BankID should cover most use cases as the platform handles the choice between the two authentication methods internally. For testing the AML service dedicated predefined test subjects should be used.

Merchants looking to test BankID over OIDC are required to use a BankID merchant certificate. The default option is to use a shared BankID certificate already hosted by the OIDC Provider. Alternatively, the merchant can use a dedicated BankID certificate for this purpose. Visit the provisioning page to learn more about BankID certificates.

4 Go live with OIDC

After testing your solution in our pre-prod environment and making sure everything works as intended, the final step is to go live with your OIDC services by accessing our prod environment. In order to do this, you must sign a contract with BankID Norge governing the use of the intended OIDC services. Please contact salg@bankidnorge.no and they will assist to get you signed, or alternatively recommend a partner that may constitute a better fit for your needs.

Merchants looking to use BankID over OIDC are required to use a BankID merchant certificate. The default option is to use a shared BankID certificate already hosted by the OIDC Provider. Alternatively, the merchant can use a dedicated BankID certificate for this purpose. Visit the provisioning page to learn more about BankID certificates.

Now what?

Congratulations! You should now be ready to offer a simplified authentication experience through the use of OpenID Connect. A couple of nice things to know:

  • In order to make the user experience as good as possible, be sure to check out the product literature for tips and guidelines on your implementation.
  • When not using a partner, BankID Norge will serve as the first line of support. The technical resource listed in the contract will soon after signing receive an invitation to join our support service desk for OIDC in production.
  • When not using a partner, BankID Norge is responsible for invoicing, which will occur on a monthly basis. For more information, please refer to our pricing information.

 

We are continuously working to improve our customer experience. A new tool for simplifying the contract management process is under development, and will launch during spring 2018.

 

 

 

  • No labels