The following table summarizes changes in this release of the OIDC Provider from BankID since its preceeding release:

No Changes in 2017-12-06 Luxembourg (OIDC) since 2017-02-02 BankID Pilot (OIDC)
1 The baseurl for the REST API has changed

The current version is built on Keycloak whereas the predecessor version was built on  Apache CFX.


The current version is equipped for load-balancing and application clustering, thus supporting large-scale operation.

4 Support for the TINFO-service via the standardized OIDC Userinfo endpoint has been removed. TINFO vil be supported again in a sucessor version but then via a regular OAuth2 Resource Server and not via the OIDC Userinfo endpoint.

The predecessor version used BankID PID for the sub claim. The current version uses a generic GUID value for the sub claim. The BankID PID is available in a separate claim called bankid_altsub. The latter claim is missing for IDPs that are not related to BankID in any way.

See ID Token for further information.

6 Access to Norwegian National Identity Number (NNIN) has been refined as follows.
  1. Eligible merchant are granted access for the purpose of looking up already existing users via a claim called nnin_altsub in the ID Token. This product option does not demand any consent from the end-user. Merchants may not use this product option to onboard new customers by Norwegian National Identity Number
  2. Eligible merchant are granted access for the purpose of onboarding new users via a claim called tinfo/nnin in the TINFO-service. This product option demand consent from the end-user

See ID Token and Access Token for further information.


The content and structure of ID Tokens have changed slightly


The content and structure of Default Access Tokens have changed sigificantly. The current version supports self-contained tokens whereas the predecessor version supported by-reference tokens.

See Access Token for further information. 


Support for Refresh Tokens has been added.

10 Support for a JS Connector has been added. The JS Connector simplifies integration for front-end applications.

The documentation has been improved in structure and clarity.