Skip to content

Upcoming Changes

Announcement - April 2025

There are important changes for BankID on the OpenID Connect platform in October 2025.

  • Additional security requirements for all clients
  • API Version 4 for all Clients

By the end of the year, we are also removing the experimental Consent service that provides additional userdata.

Review all changes

It is recommended to review the full list of updates below with your relevant technical teams.

Additional Security Requirements

Security requirements for integrating BankID on the OpenID Connect platform will be updated to:

API Version 4 for all Clients

All clients will be updated to use API Version 4.

In summary, the changes from todays default API Version are related to:

Find all API Version changes here.

Test your integration

You can already activate API Version 4, to see the changes in action. Just add the parameter api_version=4

The experimental Consent service that provides unverified user data (email, address, phone), exposed through the Userinfo endpoint, will be discontinued by the end of 2025.

This means it will no longer be possible to collect:

  • email
  • address
  • phone
  • nnin

from end-users using the Userinfo integration.

Profile information such as full name, birthdate and potentially NNIN will still be available in the ID Token.

For those using the nnin scope to trigger user consent, we require you to acquire this consent from the user yourself, and instead use scope nnin_altsub to always get the NNIN in the ID token - if you are legally eligible to receive NNIN.

New Data Sharing solutions coming soon!

Stay tuned for more information regarding new data sharing solutions from BankID BankAxept AS!