Page tree
Skip to end of metadata
Go to start of metadata

The REST API of the OIDC Provider from BankID consists of a set of Endpoints, TokensScopes and Claims according to the  OpenID Connect 1.0 (OIDC) and OAuth 2.0 (OAuth2) standards.  A key feature of the OIDC platform is to provide uniform handling of Claims with corresponding Consent handling across all supported IDPs. 

The OIDC Provider from BankID does in addition provide a set of JavaScript Connectors being front-end wrappers for the REST API. OIDC Clients should use such connectors because it simplifies integration work and ensures that the REST API is used in the intended way.

Since the OIDC/OAuth standards are frameworks, any particular implementation may make both restrictions and extensions. The OIDC Provider from BankID includes both restrictions by not supporting certain optional parts of the standards and also make extensions by adding non-standard capabilities.

The OIDC Provider from BankID employs signing and encryption of certain data elements over the REST API. Important examples are signing of ID Tokens and responses from Userinfo. An OIDC Client needs to authenticate with the OIDC Provider for many of the Endpoints.  A separate section on message flow provides an elaborated understanding of message flow both over the REST API as such and also the message flow with components behind the REST API. The REST API supports all flows from the OIDC/OAuth2 standards.

 

  • No labels