
To be sure... or not to be sure?

As the customer relationship moves from the physical into the digital world, people need an easy and secure way of interacting with organizations online. However, easy and secure don't always go hand-in-hand, and sometimes, prioritizing one aspect will compromise the other.

For some organizations, giving end users easy access to their services is more important than being sure about the end user's identity. But for others, being 100% confident of the end user's identity is of utmost importance. Just imagine if someone else was given access to your bank account or your health records, if someone could impersonate you in the context of the housing register or public services, or if someone could register for a credit loan in your name. Generally, the more sensitive a customer relationship is in nature, the more value should be placed on verifying end users' identity.

Tip

BankID Authentication allows you to verify the end user's identity with the highest security level according to Norwegian and EU legislation

Authenticating with BankID

BankID offers authentication at both the highest and the substantial level of security. The product is widely used in the Norwegian market today: BankID is the preferred authentication method for public services, bank services, and many other business segments and applications.

With over 4 million BankID end users, you can be sure that your customers have a secure authentication method when going forward with BankID.

Vipps Logg inn

...

Tip

BankID allows you to verify the end user's identity with the highest security level according to Norwegian and EU legislation

Using our APIs for Authentication

Using the approach outlined below will return the end user's identity in the form of an ID token. The information contained in this token may be used to match the user against an existing customer profile, allowing the user to enter once his/her identity has been confirmed by BankID.

| Step | What you do | Endpoint | Method | Considerations | Remarks |
|---|---|---|---|---|---|
| 1 | Get the key properties of the OIDC provider | Openid-configuration | GET | | |
| 2 | Build the authorization URL, and redirect the user to the authorization endpoint | Authorize | GET | Use login hint to choose level of assurance. In the callback, make sure to check for error and matching states. | This is where the end user interacts with the BankID IDP selector and gives credentials for authentication (see user experience for details) |
| 3 | Exchange authorization code for tokens | Token | POST | Check matching nonce | Use the ID Token to identify the user. For other services, such as electronic signing or digital onboarding, also note that you can... |
| 4 | Fetch our public keys and use these to validate token signatures | Jwk | GET | | |
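
The state, error and nonce checks from steps 2 and 3, as an added example that is not BankID's own code. The endpoint URL, client ID, redirect URI and the `login_hint` value are placeholders (assumptions), `session` stands for your server-side session store, and `verified_claims` is assumed to come from an ID token whose signature was already validated against the keys from step 4.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Placeholders (assumptions); real values come from step 1 and your client registration.
AUTHORIZE_ENDPOINT = "https://oidc.example/authorize"
CLIENT_ID = "example-client"
REDIRECT_URI = "https://rp.example/callback"

class AuthError(Exception):
    """A callback or ID token check failed; do not log the user in."""

def same(expected, received):
    """Constant-time comparison that fails closed when either value is missing."""
    if not expected or not received:
        return False
    return hmac.compare_digest(expected.encode(), str(received).encode())

def build_authorization_url(session, login_hint):
    """Step 2: bind fresh state and nonce to the server-side session, build the URL."""
    session["state"] = secrets.token_urlsafe(32)
    session["nonce"] = secrets.token_urlsafe(32)
    query = urlencode({
        "response_type": "code", "scope": "openid",
        "client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI,
        "state": session["state"], "nonce": session["nonce"],
        "login_hint": login_hint,  # selects level of assurance; value is provider-defined
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"

def handle_callback(session, callback_url):
    """Step 2 callback: reject provider errors and mismatched state, return the code."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(callback_url).query).items()}
    expected = session.pop("state", None)  # single use, even on failure
    if "error" in params:
        raise AuthError(f"provider returned error: {params['error']}")
    if not same(expected, params.get("state")):
        raise AuthError("state mismatch")
    if not params.get("code"):
        raise AuthError("missing authorization code")
    return params["code"]

def check_nonce(session, verified_claims):
    """Step 3: the nonce claim of the signature-validated ID token must match ours."""
    if not same(session.pop("nonce", None), verified_claims.get("nonce")):
        raise AuthError("nonce mismatch")
    return verified_claims["sub"]
```

Popping `state` and `nonce` from the session before comparing makes each value single-use, so a replayed callback or ID token fails even if it once carried the right value.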