Skip to content
Migrating from NextAuth.js v4? Read our migration guide.

providers/bankid-no

Built-in sign in with BankID Norway integration.

BankIDNorwayProfile

See

Properties

acr

acr: string;

Uniform Resource Name for IDP option being used, including Level of Assurance (LoA).

Example
urn:bankid:bid;LOA=4

additionalCertInfo

additionalCertInfo: {
  certQualified: boolean;
  certValidFrom: number;
  certValidTo: number;
  keyAlgorithm: string;
  keySize: string;
  policyOid: string;
  serialNumber: string;
  subjectName: string;
  versionNumber: string;
};
certQualified
certQualified: boolean;
certValidFrom
certValidFrom: number;
certValidTo
certValidTo: number;
keyAlgorithm
keyAlgorithm: string;
keySize
keySize: string;
policyOid
policyOid: string;
serialNumber
serialNumber: string;
subjectName
subjectName: string;
versionNumber
versionNumber: string;

amr

amr: "BID" | "BIM" | "BIS";

Name of IDP option being used to authenticate the end-user. If the end-user is subject to authentication step-up, note that this value may differ from any amr value specified in the login_hint parameter of the authorize endpoint.

at_hash

at_hash: string;

aud

aud: string;

Always client_id

auth_time

auth_time: number;

Epoc time

azp

azp: string;

Equals client_id

bankid_altsub

bankid_altsub: string;

Personal Identifier (PID) / Serial Number) from associated BankID certificate.

birthdate

birthdate: string;

email?

optional email: string;

Only returned from the userinfo_endpoint

exp

exp: number;

family_name

family_name: string;

given_name

given_name: string;

iat

iat: number;

iss

iss: string;

jti

jti: string;

name

name: string;

nnin_altsub?

optional nnin_altsub: string;

Norwegian National Identity Number (fødselsnummer). It can be an alternative to sub. Requires nnin_altsub scope at the authorize endpoint.

Example
181266*****

originator

originator: string;

In case of BID or BIM, the issuer of the end user certificate is returned.

Example
CN=BankID Bankenes ID-tjeneste Bank CA 2,
OU=988477052,
O=Bankenes ID-tjeneste AS,*
C=NO;OrginatorId=9775;OriginatorName=Gjensidige Bank RA 1

session_state

session_state: string;

sid

sid: string;

sub

sub: string;

tid

tid: string;

Currently used as an input parameter for the securityData endpoint of the Fraud Data service

typ

typ: "ID";

updated_at

updated_at: number;

default()

default(config): OIDCConfig<BankIDNorwayProfile>

Setup

Callback URL

https://example.com/api/auth/callback/bankid-no

Configuration

import { Auth } from "@auth/core"
import BankIDNorge from "@auth/core/providers/bankid-no"
 
const request = new Request(origin)
const response = await Auth(request, {
  providers: [
    Auth0({
      clientId: AUTH_BANKID_NO_ID,
      clientSecret: AUTH_BANKID_NO_SECRET,
    }),
  ],
})

Resources

Notes

The BankID Norge provider comes with a default configuration. To override the defaults for your use case, check out customizing a built-in OAuth provider.

Help

If you think you found a bug in the default configuration, you can open an issue.

Auth.js strictly adheres to the specification and it cannot take responsibility for any deviation from the spec by the provider. You can open an issue, but if the problem is non-compliance with the spec, we might not pursue a resolution. You can ask for more help in Discussions.

Parameters

ParameterType
configOIDCUserConfig<BankIDNorwayProfile>

Returns

OIDCConfig<BankIDNorwayProfile>

Auth.js © Balázs Orbán and Team - 2024