Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space PDOIDC and version London_OIDC
Note
iconfalse

OIDC Clients must be configured

...

according to the below instructions in order to gain access to the services supported by the OpenID Connect Provider from BankID.

supported services. The provisioning process is separate for each supported environment and results in security credentials issued to the requesting party. The client must use these credentials to authenticate with  with selected endpoints of the REST API  of the OIDC Provider.

...

iconfalse

...

 Client configurations are maintained across releases of the OIDC Provider in each environment unless specified otherwise.

Visit the OIDC current service desk to request provisioning of an OIDC Client for test in the current environment.
EnvironmentClient provisioning requests
PRE-PROD / CURRENTVisit the OIDC preprod service desk to request provisioning of an OIDC Client for test in the for OIDC pre-production environment. and supply the information reuired in your request
PRODContact salg@bankidnorge.no to request provisioning of an OIDC Client in production and supply the information reuired in your request. A valid contract with BankID Norge AS or one of its resellers is required for provisioning in production.CURRENT
Warning
iconfalse

The CURRENT environment is not yet available for provisioning of OIDC Clients.

Anchor
required-information
required-information
Information required

 The following information must be supplied as part of the provisioning request:  

ItemWhat
1The requested environment (PRE-PROD, CURRENT, PROD)
2

Description of the OIDC Client and its intended use. 

3

A display name for the OIDC Client that will be shown in the header of the (default) OIDC dialogues.

42

Contact information for both technical and commercial issues.

35

Requested OAuth2 flows

46

Requested Identity Providers. If  See section below on BankID merchant certificate if BankID is requested, optionally a BankID Merchant certificate to be used, thus replacing the default certificate of the OIDC Service itself.among the requested IDPs.

75

Requested Value Added Services (VASs).

68

One of more URLs where control will redirected back to the OIDC client (redirect URLs must be pre-registered for safety reasons).

7

A display name for the OIDC Client that will be shown in the header of the (default) OIDC dialogues.

98Requested access to Norwegian National Identity Number. Note that such access will only be granted for eligible applications.

Anchor
bankid-merchantcert
bankid-merchantcert
BankID merchant certificate

OIDC Clients requesting access to the  BankID service will by default use a shared BankID merchant certificate already hosted by the OIDC Provider unless a dedicated BankID merchant certificate is requested. See the below table for instructions on how to obtain dedicated certificates for each of the environments. BankID will be responsible for installation, hosting and management of the dedicated certificate on behalf of the requesting party. 

EnvironmentDedicated BankID certificates
PRE-PROD / CURRENTPlease use the RA self-service tool for PRE-PROD to order a test certificate for your organization. After ordering is completed please use the tool to also active the certifiate in question. Then download the resulting certificate file (.bid file) and attach it to your provisioning request along with the pre-set password (qwer1234) for the certificate file.
PROD

Inform salg@bankidnorge.no about your request for a dedicated certificate and BankID Norge will take care of ordering, activation and installation of the certificate. BankID Norge will need your organization number, organization name and the desired common name of the certificate to fulfill the request.