...
- The OIDC Client must request as the scope associated with the claim
- The claim must be configured in for the OIDC Provider for access by Client at the OIDC ClientProvider
- The end-user must give his consent if the claim demands consent handling
Five different scope configurations are supported as suggested by the below table, corresponding to the standard scopes profile, email, phone and address and the non-standard scope nnin. Note that some of the claims associated with the profile scope are returned with the ID Token whereas others are returned via Userinfo. Among all supported claims, note that nnin is available only to eligible OIDC Clients. The end-user is always in control of the set of claims that is actually returned since most claims demand consent from from the end-user.
The OIDC Provider from BankID supports signed responses from Userinfo.
...