Changelog
The AML service is running as a separate service and has its own release cycle different from the rest of the OIDC platform. See separate changelog for changes in the Anti-money laundering product.
The following tables summarizes changes in the releases of the OIDC Service:
OIDC 2023-11
Release date: 2023-08-29
| Change | |
|---|---|
| 1 | Add support for API versioning - introducing version 2 of BankID OIDC |
| 2 | Returns any BankID Error codes triggered during user session in error_description on callback to merchant. Here is an example where BID-20b0 was observed on the session: |
| 3 | Moves static error page path from https://login.bankid.no/error/* to https://login.bankid.no/err/* |
| 4 | (Version 2) Change format of AMR claim from an uppercase String to an array of lowercased Strings. |
| 5 | (Version 2) Introduce new claim api_ver in Tokens to indicate the BankID OIDC API version used to generate tokens. |
OIDC 2023-10
Release date: 2023-06-21
| Change | |
|---|---|
| 1 | Fixed issue in Fraud Data RS service. |
OIDC 2023-09
Release date: 2023-06-22 (delayed)
| Change | |
|---|---|
| 1 | Internal improvements and bug fixes. |
OIDC 2023-08
Release date: 2023-05-02
| Change | |
|---|---|
| 1 | Removed 1881 integration in additional user information step. |
| 2 | Updated the consent screen for sharing NNIN. |
OIDC 2023-07
Release date: 2023-04-17
| No | Change |
|---|---|
| 1 | Fixed a bug in JWKS uri responses where the EC keypairs occasionally returned less bytes than expected. |
| 2 | Update error messages to include a longer reference ID and the date. |
OIDC 2023-06
Release date: 2023-03-10
| Change | |
|---|---|
| 1 | Fixed a bug where users could get stuck if cancelling BankID Biometrics and cancelling the following BankID authentication in the same session. |
OIDC 2023-05
Release date: 2023-03-13
| Change | |
|---|---|
| 1 | PDF documents uploaded to Sign Document RS will be automatically converted to PDF/A to be compliant with BankID Document Signing. |
OIDC 2023-04
Release date: 2023-03-08
| Change | |
|---|---|
| 1 | Internal improvements and bug fixes |
OIDC 2023-03
Release date: 2023-02-28
| Change | |
|---|---|
| 1 | Bring back support for legacy logout method using only redirect_uri query param. We recommend all merchants using our logout endpoint to switch to RP-initiated logout. |
| 2 | Internal improvements and bug fixes |
OIDC 2023-02
Release date: 2023-02-01
| Change | |
|---|---|
| 1 | Fixed an issue causing occasional 404 responses to OpenID Configuration and JWKS endpoints. |
OIDC 2023-01
Release date: 2023-01-11
| Change | |
|---|---|
| 1 | Upgrade internal components |
OIDC 2022-09
Release date: 2022-12-13
| Change | |
|---|---|
| 1 | Upgrade internal components |
OIDC 2022-08
Release date: 2022-11-15
| Change | |
|---|---|
| 1 | Trust CA certificates for preprod, current and production x5c validation, see Trust CA certificates for x5c validation |
| 2 | Mobile keyboard overlaps "Next" button in NNIN view |
OIDC 2022-07
Release date: 2022-09-06
| Change | |
|---|---|
| 1 | Support key rotation (disabled) |
| 2 | Fix, ignore unrecognized request parameters |
| 3 | Improve user experience on wrong/invalid NNIN |
| 4 | Use text "National ID number" instead of "User ID" |
OIDC 2022-06
Release date: 2022-06-21
| Change | |
|---|---|
| 1 | Signing sessions now have a minimal timeout of 5 minutes. |
| 2 | Unified loading spinners across user interfaces. |
| 3 | Updated redirect chain to use automatic form POST instead of GET redirect in some places. |
| 4 | Favicon is back. |
OIDC 2022-05
Release date: 2022-05-31
| Change | |
|---|---|
| 1 | Added support for display parameter in the Authorization Request to provide merchants ways to display BankID user interface that is more consistent with the type of user agent. E.g. better fit for mobile apps or window popups. |
OIDC 2022-04
Release date: 2022-05-11
| No | Change |
|---|---|
| 1 | Added BankID method selector and NNIN input with new look-and-feel |
| 2 | Updated look-and-feel of error pages |
OIDC 2022-03
Release date: 2022-04-21
| Change | |
|---|---|
| 1 | Added chgpwd scope used to initiate an end-user change of password in the BankID netcentric web client |
| 2 | Support signing sessions up to 1 hour before timeout |
| 3 | Internal improvements and bug fixes |
OIDC 2022-02
Release date: 2022-02-15
| Change | |
|---|---|
| 1 | Added sid to tokens. See depreciation notice session state replaced by sid in tokens |
| 2 | Internal improvements and bug fixes |
OIDC 2021-10
Release date: 2021-10-28
| Change | |
|---|---|
| 1 | Changed path for IDP view |
| 2 | Internal improvements and bug fixes |
OIDC 2021-09
Release date: 2021-09-06
| Change | |
|---|---|
| 1 | Add BankID Proof token |
| 2 | Internal improvements and bug fixes |
OIDC 2021-08
Release date: 2021-08-10
| Change | |
|---|---|
| 1 | Add favicon to BankID OIDC client |
| 2 | Changes related to supporting old and new domains |
| 3 | Internal improvements and bug fixes |
OIDC 2021-07
Release date: 2021-07-08
| Change | |
|---|---|
| 1 | Signdoc RS returns HTTP 403 Forbidden instead of HTTP 500 if missing scope signdoc/read_write |
| 2 | Changes related to supporting old and new domains |
| 3 | Internal improvements and bug fixes. |
OIDC 2021-06
Release date: 2021-06-07
| Change | |
|---|---|
| 1 | Fixed issue causing BankID on mobile not working on Safari on Mac and iOS browsers. |
| 2 | Internal improvements and bug fixes. |
OIDC 2021-05
Release date: 2021-05-18
| Change | |
|---|---|
| 1 | Support encryption of login hint by using encryption key from "jwks_uri_enc" in OpenID configuration |
| 2 | Internal improvements and bug fixes. |
OIDC 2021-04
Release date: 2021-04-20
| Change | |
|---|---|
| 1 | Resolved issue that caused resource servers to respond with 401 Unauthorized even if the access token used is valid |
| 2 | Internal improvements and bug fixes. |
OIDC 2021-03
Release date: 2021-03-23
| Change | |
|---|---|
| 1 | Userinfo now returns all given names |
| 2 | BankID OIDC now returns error with value |
| 3 | BankID OIDC now returns error with value |
| 4 | Add support for encryption of login_hint |
| 5 | Internal improvements and bug fixes. |
OIDC 2021-02
Release date: 2021-03-18
| Change | |
|---|---|
| 1 | Scheduled maintenance: https://bankid-services.statuspage.io/incidents/076b2wwy996j |
| 2 | Internal improvements and bug fixes. |
OIDC 2021-01
Release date: 2021-01-28
| Change | |
|---|---|
| 1 | BID signing view is now bigger and resizable to improve user experience. |
| 2 | Removed Norwegian Nynorsk, i.e. "nn", from ui_locales_supported in OpenID configuration as it was never supported. |
| 3 | Internal improvements and bug fixes. |
OIDC 2020-11
Release date: 2020-12-02
| Change | |
|---|---|
| 1 | Internal bug fix |
OIDC 2020-09/10
Release date: 2020-11-19
| Change | |
|---|---|
| 1 | Fixed bug causing birthdate claim to be off-by-one day for some users. |
| 2 | Internal improvements |
OIDC 2020-08
Release date: 2020-09-16
| Change | |
|---|---|
| 1 | Fixed bug that was causing birthdate claim to be absent from tokens for users that was authenticating through OIDC for the first time. |
| 2 | Internal improvements |
OIDC 2020-07
Release date: 2020-06-25
| Change | |
|---|---|
| 1 | Maintenance update to internal systems. All authorization and authentication services was affected. Estimated downtime: 5-15 minutes. |
OIDC 2020-06
Release date: 2020-05-11
| Change | |
|---|---|
| 1 |
This change was reverted on 2020-05-14 due to it's backwards incompatible changes in token payload. |
| 2 | Added support for specifying OTP mechanism in login hint |
| 3 | Internal improvements and bug fixes |
OIDC 2020-05
Release date: 2020-04-15
| Change | |
|---|---|
| 1 | Internal improvements and bug fixes |
OIDC 2020-04
Release date: 2020-04-02
| Change | |
|---|---|
| 1 | Fix for KMF-54 |
| 2 | Display merchant logo when using TINFO |
| 3 | Added alt attribute for merchant logo |
| 4 | Internal improvements and bug fixes |
OIDC 2020-03
Release date: 2019-03-05
| Change | |
|---|---|
| 1 | Improved user experience for TINFO when only asking for NNIN |
OIDC 2020-02
Release date: 2020-02-14
| Change | |
|---|---|
| 1 | Stability improvements for TINFO service |
| 2 | Shorter timeout and better feedback to end-user when TINFO service is not responding |
| 3 | Internal improvements and bug fixes |
OIDC 2020-01
Release date: 2020-02-04
| Change | |
|---|---|
| 1 | Added button to confirm redirect after BIM authentication is completed when using Android and Chromium browser |
| 2 | Fixed bug that was causing BIM text sign to fail |
| 3 | Fixed bug that was causing client not starting for IE 11 |
| 4 | Fixed bug that was causing screen readers to read hidden text fields in client |
| 5 | Internal improvements and bug fixes |
OIDC 2019-8
Release date: 2019-12-04
| Change | |
|---|---|
| 1 | Resolved issue for users met with error message "User with username (...) already exists." |
| 2 | Fixed bug that allowed documentDisplayMode to be set to null when creating a new signing order |
| 3 | Internal improvements and bug fixes |
OIDC 2019-7
Release date: 2019-10-29
| Change | |
|---|---|
| 1 | Fixed bug that was causing incorrect error code to be displayed when signing with BankID on mobile. |
| 2 | Internal improvements and bug fixes |
OIDC 2019-6
Release date: 2019-09-11
| Change | |
|---|---|
| 1 | Added support for PAdES (PDF Advanced Electronic Signatures). |
| 2 | Fixed a bug that was causing error for some users of IE11 |
| 3 | Improved error handling in situations where there are multiple windows for same session |
OIDC 2019-5
Release date: 2019-07-02
| Change | |
|---|---|
| 1 | Added new claim ‘additionalCertInfo’ in ID Token containing information about the end user certificate. |
| 2 | The client_id of the OIDC client is no longer part of the audience (aud) claim in the Access Token. |
| 3 | Internal improvements and bug fixes. |
OIDC 2019-4
Release date: 2019-06-17
| Change | |
|---|---|
| 1 | Deprecation of implicit and hybrid flow. |
| 2 | Bugfixes and improvements. |
OIDC 2019-3
Release date: 2019-05-22
| Change | |
|---|---|
| 1 | Bugfixes and improvements. |
Skopje (OIDC)
Release date: 2019-04-30
| Change | |
|---|---|
| 1 | Technical platform-upgrade |
| 2 | No functional changes |
| 3 | Since this release paves the way for us to release more often, this is the last named release. |
Sofia (OIDC)
Release date: 2019-02-25
| Change | |
|---|---|
| 1 | Added option to show merchant logo as part of the end user dialogues |
| 2 | Improved error handling by replacing presentation of some general error codes with more detailed and precise error codes |
| 3 | Added the possibility for merchants to subscribe to error notifications through a new push feature |
| 4 | The claim 'username' is removed from introspect response, as the same information is available through other claims |
| 5 | Better support for old browsers and devices |
| 6 | Internal improvements and bug fixes |
Roma (OIDC)
Release date: 2018-12-17
| Change | |
|---|---|
| 1 | The Document and Text Signing service is production ready |
| 2 | A series of different small improvements and bug fixes |
Ljubljana (OIDC)
Release date: 2018-11-13
| Change | |
|---|---|
| 1 | Visual improvements |
| 2 | Information about originator in id_token |
| 3 | Lots of other important and not so important fixes |