The OIDC Provider from BankID currently supports signing of the following data elements in responses from the OIDC Provider :
A pair of statically configured assymmetric keys are used according to details returned by the Jwk endpoint. OIDC Clients must validate signatures as part of ID Token validation and and validation of responses from Userinfo to ensure that they are not tampered with after being issued by the OIDC Provider from BankID
Signing and encryption of request elements and/or encryption of response elements may be added as future options. |