Resource servers¶
A default feature with the BankID OIDC Provider is that it employs Access tokens for accessing protected resources regarding the end user in question.
These protected resources are stored in resource servers which have different properties and features. This page is intended as an overview of these resource servers.
| Resource server | Description | APIs | User involvement | Comments |
|---|---|---|---|---|
| SignDoc | When performing electronic signing, this is where the order is created, stored, and retrieved after end user completes. | signdoc/pades signdoc |
The user interacts with BankID GUI for signing the documents. | Is triggered by including the sign scope in the authorize request. See Getting started for more on this. |
| Userinfo | Additional information about the authenticated end user. | userinfo | Consent for sharing each requested data point | For some scopes (email, address, phone) the user has to register data points with BankID the first time. nnin scope is always available given that you have legal basis for treating this. |
| AML | Datapoints related to the anti money laundering service | See AML API | None | |
| Fraud Data | Datapoints related to the fraud data service | securityData | None | Currently only available for issuing banks |
| Operational status | Operational status of BankID High | See operational status | None |