The API comprises implementation of the following set of endpoints according to the OpenID Connect 1.0 and OAuth 2.0 standards. 

The OIDC Provider from BankID includes both restrictions by not supporting certain optional parts of the standards and also make extensions by adding non-standard capabilities. 

See Core Concepts for a closer description of topics like Scopes and claims, ID Tokens, Access Tokens, Consent Handling, etc. that are vital to understand before start using the API.