Openid-configuration is a standard endpoint that returns a JSON-formatted response containing configuration metadata in terms of key properties of the OIDC Provider. Among other things this endpoint is used to token signature validation.

Request parameters

None

Response elements

The response is a JSON structure according to standard.

Postman example

Below is an example response for the OIDC Provider in its current BankID pilot configuration in pre-production:

{
"issuer":"https://preprod.bankidapis.no",
"authorization_endpoint":"https://preprod.bankidapis.no/oidc/oauth/authorize",
"token_endpoint":"https://preprod.bankidapis.no/oidc/oauth/token",
"userinfo_endpoint":"https://preprod.bankidapis.no/oidc/oauth/userinfo",
"jwks_uri":"https://preprod.bankidapis.no/oidc/oauth/userinfo/jwk",
"scopes_supported":[
"standard_bankid", "address", "phone",
"nnin", "openid", "profile",
"email"
],
"response_types_supported":[
"code", "token", "id_token",
"id_token token", "code token", "code id_token",
"code id_token token"
],
"response_modes_supported":[
"query", "fragment", "form_post"
],
"grant_types_supported":[
"authorization_code"
],
"subject_types_supported":[
"public"
],
"id_token_signing_alg_values_supported":[
"RS256"
],
"userinfo_signing_alg_values_supported":[
"RS256", "none"
],
"token_endpoint_auth_methods_supported":[
"client_secret_post", "client_secret_basic"
],
"claim_types_supported":[
"normal"],
"claims_supported":[
"preferred_username", "name", "sub",
"iat", "iss", "auth_time",
"exp", "birthdate", "nonce",
"amr", "azp", "bid_code",
"aud", "at_hash", "c_hash",
"nnin", "address", "phone"
],
"claims_parameter_supported":false,
"ui_locales_supported":[
"no",
"en"
],
"login_hint_supported":"[BIM|BID][:\\d{11}][:\\d{8}][:\\d{6}] for respectively client_type, nnin, phoneNo, birthday",
"serverVersion":"bankid-oauth-api 1.2.0"
}