Enable BankID in your services
To get you started with BankID identification through E-Ident, Nets will need a merchant certificate and some configuration setting information from you. The configuration settings are supplied in the setup dialogue with support.
More information about BankID:
Merchant certificate
Nets through the Signing and Identification Services are resellers of BankID merchant certificates, and this can be ordered either separately or together with E-Ident and/or E-Signing. When ordering a merchant certificate through Nets, you will receive an information letter asking you to complete a form with information needed to create a BankID “brukerstedsavtale” with BankID Norge. Note: In this form you need to specify if you are allowed to handle SSN.
The form shall be returned to our support and based on the form Nets will register this order at BankID. After the registration you will be asked to confirm and sign the order. When the order is signed with BankID Norge, it will be sent to your bank for processing. Your bank may use up to 10 business days for processing the order. Nets will then receive activation information for your BankID merchant certificate from your bank. The merchant certificate will be activated and connected to your configuration.
In cases where you use another reseller, the BankID activation link and code must be sent to Nets without activating it. Contact Nets support to get contact details of receiver of the link and code.
Test merchant certificate
Nets will set you up with a common test merchant certificate if nothing else have been agreed.
Test users
Test users are available
here.
Information about the end user
| Birth date |
birthdate Requires scope=profile | DOB | |
| Distinguished name |
dn Requires scope=cert | DN | The distinguished name from the end user's certificate. Example: "CN=Olsen\\, Ole,O=TestBank1 AS,C=NO,SERIALNUMBER=9578-6000-4-201091" |
| Common name | cn Requires scope=cert |
CN | The common name from the end user's certificate. Example: "Olsen, Ole" |
| Personal identifier |
no_bid_pid |
NO_BID_PID | Norwegian BankID personal identifier. |
| Norwegian SSN |
no_ssn Requires scope=ssn |
NO_SSN | |
| End user certificate | certificate Requires scope=cert | CERTIFICATE | The end user's certificate. |
Handling of SSN
All companies that are allowed to handle social security numbers (SSN) can get this in return from a BankID identification. The end user will always enter his SSN credentials through a log in. The SSN is returned as default to those allowed to handle SSN. This can be turned off using the
returnssn identification parameter described below.
Note: Remember to specify that you want to process SSN when ordering your BankID merchant certificate and giving Nets your E-Ident configuration details.
Controlled return of SSN
All customers that are allowed to retrieve SSN have been configured with this in E-Ident. However, not every customer actually needs the SSN each time a user identifies himself. In some cases it is only needed the first time the user is logging in, and for later logins the BankID PID (personal identification) can be used. To turn off the retrieval of SSN and the SSN request to BankID, the customer can add a parameter to the identification request. This is the returnssn parameter. If this is set to false, E-Ident will not request the SSN from BankID and not return it to the customer. Read more about the optional eID specific identification request parameters for respectively OIDC and SAML.
This parameter can be used with BankID (NO) and BankID on mobile (NO).
User experience
BankID client
Step 1 (enter SSN):
Step 2 (enter OTP):
Step 3 (enter password):
IFRAME sizes
The recommended and minimum IFRAME sizes from BankID are:
- Large screen (Desktop/tablet): 396px (w) by 280px (h) (recommended) / 370px (w) by 204px (h) (minimum)
- Small screen (Smartphone) (only minimum sizes): 320px (w) by 350px (h) (portrait) / 480px (w) by 200px (h) (landscape)
CSS file adjustment
The BankID client should be styled with CSS to display properly. The default styling has CSS rule that set the proper sizes. Styling can be overridden either by setting av style URL in the customer configuration at Nets or by sending a style parameter when starting the identification. The default CSS styling sets width and height to 100%. The client will then expand to fill the container (iframe), regardless of the container size.
When overriding styling, the sample CSS below will produce the same effect as the default styling.
#nobankid_index_html {
height: 100%;
overflow-y: hidden; /* make sure no scroll bar is shown */
}
#nobankid_index_html .iframe,
#nobankid_index_html .iframe .ipage {
height: 100%;
}
#nobankid_index_html .iframe .ipage .main {
height: 100%;
min-height: 200px;
}
Read more about CSS styling and download E-Ident default style here.
Error codes
BankID specific error codes can be found in BankID documentation at
https://confluence.bankidnorge.no/confluence/kiev-open/bankid-error-codes
