Authenticating with BankID

BankID offers authentication both on the highest and substantial level of assurance and is the preferred authentication method for public services, bank services, and a lot of other business segments and applications.

With over 4 million BankID end users, you can be sure that your customers have a secure authentication method when going forward with BankID.

BankID allows you to verify the end user's identity with the highest security level according to Norwegian and EU legislation

Using our APIs for Authentication

Using the approach outlined below will return the end user's identity in the form of an ID token. The information contained in this token may be used to match the user against an existing customer profile, and thus allowing the user to enter as his/her identity has been confirmed by BankID.

Step	What you do	Endpoint	Method	Considerations	Remarks
1	Get the key properties of the OIDC provider	openid-configuration	GET
2	Build the authorization URL, and redirect the user to the authorization endpoint	authorize	GET	Use login hint to choose level of assurance. In the callback, make sure to check for error and matching states.	This is where the end user interacts with the BankID IDP selector and gives credentials for authentication (see user experience for details)
3	Exchange authorization code for tokens	token	POST	Check matching `nonce`	Use the ID Token to identify the user. For other services, such as electronic signing or digital onboarding, also note that you can... Use the Access token to access additional services provided by the BankID OIDC Provider, such as signing documents online Use the Refresh token to retrieve new access tokens Verify and store the BankID Proof token to prove that an end-user has authenticated with BankID Netcentric or BankID on Mobile.
4	Fetch our public keys and use these to validate token signatures	jwk	GET