Technical documentation
This section on technical documentation contains information on how to integrate with the services supported by the OpenID Connect Provider from BankID.
- See the problems we solve for further information on the products, features and functions of such services
- See the getting started guide for a step-by-step description on how to integrate BankID over OpenID Connect
- Access developer resources for info on environments, provisioning, and how to monitor the operational status of BankID
- See the Release Notes for information on changes and new features supported
BankID OpenID Connect overview
BankID services are available over OpenID Connect (OIDC) where we have a multi-tenant OpenID provider offering authentication and signing with BankID netcentric and BankID on mobile at LoA4. This OpenID provider has the capability to host several BankID merchant certificates where a Client (Relaying Party, BankID Merchant) may either be configured with its own BankID merchant certificate, or share a common BankID merchant certificate with other Clients.
The term OIDC Client is used for any application that integrates with the OIDC Provider, corresponding to the following terms in related vocabularies:
- OAuth2 clients in OAuth vocabulary
- Relying Party in OIDC vocabulary
- Merchant in BankID vocabulary
The BankID service is implemented as two different Identity providers offering support for both BankID netcentric and BankID on mobile.
OIDC Clients use Scopes and Claims to request access to services. Identity Providers return ID Tokens containing assertions about the end-user and (optionally) Access Tokens to gain subsequent access to resource servers for downloading signign results or end-user data through userinfo. Consent handling is a key feature of the OIDC Provider that puts the end-user in control of delegating rights to an OIDC Client to access any end-user data on behalf of the end-user.
Testing tools are available to test and get familiar with the OIDC Provider and its supported services.