Skip to content

Upcoming Changes

Announcement - April 2025

There are important changes for BankID on the OpenID Connect platform in 28th of October 2025.

  • Additional security requirements for all clients
  • API Version 4 is standard for all Clients

By the end of the year, we are also removing the experimental Consent service that provides additional userdata.

Review all changes

It is recommended to review the full list of updates below with your relevant technical teams.

Additional Security Requirements

Security requirements for integrating BankID on the OpenID Connect platform will be updated to:

API Version 4 standard for all Clients

All clients will be forced to use minimum API Version 4. API Versions 1 to 3 will no longer be available.

In summary, the changes are related to:

Read all changes here.

Test your integration

You can already use API Version 4, to see the changes in action. Just add the parameter api_version=4 to the Authorize Request.

The experimental Consent service that provides unverified user data (email, address, phone), exposed through the Userinfo endpoint, will be discontinued by the end of 2025.

This means it will no longer be possible to collect:

  • email
  • address
  • phone
  • nnin

from end-users using the Userinfo integration.

Profile information such as full name, birthdate and potentially NNIN will still be available in the ID Token.

For those using the nnin scope to trigger user consent, we require you to acquire this consent from the user yourself, and instead use scope nnin_altsub to always get the NNIN in the ID token - if you are legally eligible to receive NNIN.

New Data Sharing solutions coming soon!

Stay tuned for more information regarding new data sharing solutions from BankID BankAxept AS!