The OIDC Provider from BankID currently supports signing of the following data elements in responses from the OIDC Provider :
A pair of statically configured assymmetric keys are used according to details returned by the Jwk endpoint. OIDC Clients must validate the signatures of ID Tokens and responsen from Userinfo to ensure that they are not tampered with after being issued by the OIDC Provider from BankID