Document toolboxDocument toolbox

Signing and encryption

This release of the OIDC Provider from BankID supports signing of the following data elements:

A pair of statically configured assymmetric keys are used according to details returned by the Jwk endpoint. OIDC Clients must validate signatures as part of ID Token validation and and validation of responses from Userinfo to ensure that they are not tampered with after being issued by the OIDC Provider from BankID 

Signing and encryption of request elements and/or encryption of response elements may be added as future options.