/
Client authentication
Client authentication
- Frode Nilsen (Unlicensed)
- Kristoffer Kristoffer (Unlicensed)
- Heikki Henriksen
Owned by Frode Nilsen (Unlicensed)
Last updated: 12 Apr 2019 by Kristoffer Kristoffer (Unlicensed)Version comment
Analytics
Loading data...
OIDC Clients must authenticate with the OIDC Provider for the Token and Introspect Endpoints. Among the standardized authentication methods the following are currently supported by the OIDC Provider from BankID:
- OIDC
client_secret_basicaccording to OAuth2 using the HTTP Basic authentication scheme - OIDC
client_secret_postaccording to OAuth2 by including the Client Credentials (client_idandclient_secret) in the request body
Support for the OIDC authentication schemes private_key_jwt and client_secret_jwt may be added as future option.
OIDC Clients requesting access to VAS-services that uses the OIDC Provider for authorization must in addition authenticate with VAS-Servers using Access Tokens from the OIDC Provider. The type of Access Token and also the scheme for passing such tokens to VAS-servers are specific for each of the supported kinds of Value Added Services.
, multiple selections available,
Related content
Client authentication
Client authentication
More like this
Core concepts
Core concepts
More like this
REST API
REST API
More like this
Consent handling
Consent handling
More like this
Core concepts
Core concepts
More like this
Message flow details
Message flow details
More like this