...
BankID offers authentication both on the highest and substantial level of securityassurance.
This product is widely used in the Norwegian market today - BankID is the preferred authentication method for public services, bank services, and a lot of other business segments and applications. With over 4 million BankID end users, you can be sure that your customers have a secure authentication method when going forward with BankID.
...
Step | What you do | Endpoint | Method | Considerations | Remarks |
---|---|---|---|---|---|
1 | Get the key properties of the OIDC provider | Openid-configuration | GET | ||
2 | Build the authorization URL, and redirect the user to the authorization endpoint | Authorize | GET | Use login hint to choose level of assurance. In the callback, make sure to check for error and matching states. | This is where the end user interacts with the BankID IDP selector and gives credentials for authentication (see user experience for details) |
3 | Exchange authorization code for tokens | Token | POST | Check matching nonce | Use the ID Token to identify the user. For other services, such as electronic signing or digital onboarding, also note that you can...
|
4 | Fetch our public keys and use these to validate token signatures | Jwk | GET |
...