Getting started


This page is intended to be a quick-start guide for developers who seek to implement a solution for authentication. The page will outline a quick-start guide for using our APIs in this context, as well as some considerations that are good to know.

We emphasize that even though this guide contains most of the information needed to set up authentication with BankID, you'll need a commercial agreement with one of our partners in order to go live. We encourage to do this as early as possible. For more information on this, check out our getting started guide.

Using our APIs for Authentication

Using the approach outlined below will return the end user's identity in the form of an ID token. The information contained in this token may be used to match the user against an existing customer profile, and thus allowing the user to enter as his/her identity has been confirmed by BankID.

StepWhat you doEndpointMethodConsiderationsRemarks

Get the key properties of the OIDC provider


2Build the authorization URL, and redirect the user to the authorization endpointauthorizeGETIn the callback, make sure to check for error and matching statesThis is where the end user interacts with the BankID IDP selector and gives credentials for authentication (see user experience for details)
3Exchange authorization code for tokenstokenPOSTCheck matching nonce

Use the ID Token to identify the user. For other services, such as electronic signing or digital onboarding, also note that you can...

4Fetch our public keys and use these to validate token signaturesjwkGET