OIDC Clients must be provisioned (configured) in order to gain access to the services supported by the OpenID Connect Provider from BankID. See the section on how to get started for a non-technical introduction.
The provisioning process is separate for each supported environment as shown in the following table. Provisioning results in security credentials being issued to the requesting party. The client must use these credentials to authenticate with selected endpoints of the REST API of the OIDC Provider. Client configurations are maintained across releases of the OIDC Provider in each environment unless specified otherwise..
| Environment | Client provisioning requests |
|---|---|
| PRE-PROD | Not available for provisioning. |
| PROD | Contact salg@bankidnorge.no in order to sign a contract and get access to the prod environment. |
| CURRENT | Visit the service desk for OIDC test environment and create a new Access request. Supply the required information and submit. |
BankID merchant certificate
OIDC Clients requesting access to the BankID service will by default use a shared BankID merchant certificate already hosted by the OIDC Provider unless a dedicated BankID merchant certificate is requested. See the below table for instructions on how to obtain dedicated certificates for each of the environments. BankID will be responsible for installation, hosting and management of the dedicated certificate on behalf of the requesting party.
| Environment | Dedicated BankID certificates |
|---|---|
| PRE-PROD | Not available for provisioning. |
| PROD | Inform salg@bankidnorge.no about your request for a dedicated certificate and BankID Norge will take care of ordering, activation and installation of the certificate. BankID Norge will need your organization number, organization name and the desired common name of the certificate to fulfill the request. |
| CURRENT | Please use the RA self-service tool for PRE-PROD to order a test certificate for your organization. After ordering is completed please use the tool to also active the certifiate in question. Then download the resulting certificate file (.bid file) and attach it to your provisioning request along with the pre-set password (qwer1234) for the certificate file. |