Resource servers

Introduction

A default feature with the BankID OIDC Provider is that it employs Access tokens for accessing protected resources regarding the end user in question. These protected resources are stored in resource servers which have different properties and features. This page is intented as an overview of these resource servers, with some reference points to the APIs used to request data from them, as well as some considerations regarding user involvement and scopes.


Overview

Resource serverDescriptionAPIsUser involvementComments
SignDocWhen performing electronic signing, this is where the order is created, stored, and retrieved after end user completes.

signdoc/pades

signdoc

The user interacts with BankID GUI for signing the documents.Is triggered by including the sign scope in the authorize request. See Getting started for more on this.
TINFO

Additional information about the authenticated end user.

userinfoConsent for sharing each requested data pointFor some scopes (email, address, phone) the user has to register data points with BankID the first time (see user experience). nnin scope is always available given that the merchant has legal basis for treating this.
AMLDatapoints related to the anti money laundering serviceSee AML APINone
Fraud DataDatapoints related to the fraud data servicesecurityDataNoneCurrently only available for issuing banks
Operational statusOperational status of BankID netcentric and BankID on mobileSee operational statusNone