xID

This IDP consists of the following and is a LoA2 Service:

Service Name
(amr)

LoA
(acr)

xID xID 2

The xID IDP in the OIDC Provider provides access to the xID Service. An integral part of the xID IDP is to provide stepup to the BankID IDP whenever required. Note that such stepup is initated, and handled, by the xID IDP itself when the end-user cannot be determined via device detection. The merchant is not involved in any way for such a stepup. This is in contrast to any stepup from xID to BankID that the merchant may initiate for other business reasons. In the later case the OIDC Client for the merchant needs to be registered and configured both for the xID service and the BankID service. 

Note that values for amr and acr returned in the ID Token will be those for BankID if xID did a step-up. In the normal case these values will be those for xID. In the former case the OIDC Client may ommit any subsequent merchant initiated step-up to BankID since the xID authentication has already resulted in a BankID authentication. An alternative is to progress with the merchant-initiatied step-up to BankID using the ID Token from the xID-initiated step-up to BankID in the id_token_hint request parameter.

An OIDC Client make use of xID either via login hints directly in the authorize request of REST API or via integration with the JS Connector.

An OIDC Client may also customize its use of the xID IDP.