The OIDC Provider is currently available in three different pilot configurations corresponding to the columns in the following table. Each of the pilot configurations support various feature combinations as shown. All features will be consolidated into one single configuration after the pilot phase.  

 

FeaturesBankID pilotxID pilotPSD2 pilot
Identity Providers   
BankID(tick)(tick)(warning) 
xID(error)(tick)(warning) 
Protcted Resources   
TINFO(tick)(tick)(warning) 
PSD2(error)(error)(warning) 
(tick) = Supported. (error) = Not supported. (warning) = In progress / future support

Each of the pilot configurations are in turn available in different environments (preview, pre-prod) as shown in the following table, each with its own base URLs for the REST API and the default GUI component, respectively.
Base URLBankID pilotxID pilotPSD2 pilot
Preview

API: preview.bankidapis.no/oidc

GUI: oidc.bankidnorge.no

API: preview.bankidapis.no/oidc-xid-poc

GUI: xid-poc.bankidnorge.no

(warning) 
Pre-prod

API: preprod.bankidapis.no/oidc

GUI: oidc-preprod.bankidnorge.no

API: preprod.bankidapis.no/oidc-xid-poc

GUI: xid-poc-preprod.bankidnorge.no

(warning) 

Please contact developer@bankidnorge.no to request access to any of the pilot configurations in any of the environments.

The following information must be supplied by the owner of the OIDC Client that requests access.

  • Description on what the OIDC Client is going to be used for
  • Contact information for both technical and commercial requests.
  • Requested Identity Providers (IDPs).
  • Requested Protected Resources
  • If BankID is requested, optionally a BankID Merchant certificate to be used, thus replacing the default certificate of the OIDC Service itself.
  • Requested scopes and claims (user properties or resources). 
  • One of more URLs where control will redirected back to the OIDC client (redirect URLs must be pre-registered for safety reasons).
  • A display name for the OIDC Client that will be shown in the header of the (default) OIDC dialogues.
  • Optionally an URL for custom GUI handling overriding the default GUI component of the OIDC Provider.

Sucessfull enrollment results in the return of a client_id and a client_secret that the owner of the OIDC Client must use when calling selected endpoints of the REST API.