Versions Compared

Version Old Version 4 New Version Current
Changes made by

Heikki Henriksen

Kristoffer Kristoffer (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space PDOIDC and version master

...

A major benefit of the OIDC Provider is to simplify integration of the BankID service compared to the legacy integration option with BankID Server. The xID service, being a companion to BankID, offers zero- and one-click user experiences for applications that do not require the high security level offered by BankID. The Vipps service offers 2-factor login and signup. The  The Fraud Data service offers risk scoring for the authenticated user. The TINFO service provides additional information on the end-user, given that the end-user has consented. The AML service offers a dataset enabling merchants to fulfill anti-money laundering requirements. The PSD2 service supports various AISP and PISP use-cases under PSD2, including support for end-user consent and dynamic linking. In contrast to the Fraud Data and TINFO services, note that the PSD2 service does not implement any associated Resource Server. PSD2 resources are made availble to AISP/PISPs over an API decided by each ASPSP.. The Sign Document service offers digital signing of documents using BankID.

BankID is part of Vipps AS. Vipps AS also offers "Logg inn med Vipps" based on the OIDC standard. The service is a substitute for usernames and passwords providing zero- and one-click user experiences for applications that do not require the high security level offered by BankID. More information about the service can be found here: https://www.vipps.no/produkter-og-tjenester/bedrift/innlogging-og-identifisering/logg-inn-med-vipps/ with more technical documentation here: https://github.com/vippsas/vipps-login-api

Gliffy
size1200
nameOIDC Intro

...

  • OAuth2 clients in OAuth vocabulary
  • Relying Party in OIDC vocabulary
  • Merchant in BankID vocabularyASPSPs or TPPs in PSD2 vocabulary.

OIDC Clients use Scopes and Claims to request access to services. Identity Providers return ID Tokens containing assertions about the end-user and (optionally) Access Tokens to gain subsequent access to Value-Added Services. Consent handling is a key feature of the OIDC Provider that puts the end-user in control of delegating rights to an OIDC Client to access any Value-Added Service on behalf of the end-user. 

Live example clients are available to test and get familiar with the OIDC Provider and its supported services. Developers may visit Vipps AS GitHub for source code examples.