Skip to content

API Versions

The BankID APIs are versioned. This means that we can introduce new features and improvements without breaking existing implementations.

The BankID APIs are versioned using a simple integer. The version used is included in all tokens as api_ver from version 2.

We are continuously improving our APIs and adding new features. Please ensure that you are using the latest and most secure version of our APIs.

Default version

The default version of the BankID APIs is 1.

We recommend that you always use the latest version of the BankID APIs which is currently 3.

Available versions

All versions contain all the changes from previous versions.

Version Changes
1 Initial version of the BankID APIs. No backwards incompatible changes.
2 - Added api_ver claim to tokens.
- Changed amr claim from a String to an array of Strings. E.g. from "BID" to ["bid"]
3 - Uses an ECDSA signing key with a full certificate chain to sign all tokens.
- Make sure your system can handle validation of these signatures and certificates.
- More than one ACR value is supported in acr_values authorize param
- token_type value has been capitilized to Bearer in token response

How to enable a new version

Tip

You can also make a request to support to set the default version for your OIDC Client, without the need to include it in the authorize request.

To enable a new version you need to include the version in the authorize request using:

api_version=[version]

Example:

GET [authorize_url]?client_id=myclient-bankid-prod&scope=openid&api_version=2