# Finnish Bank eIDs (FTN)
Integration with OIDC
You can integrate to FTN for authentication using either our REST API or OIDC. If you decide to use OIDC, note that the steps to get started differ slightly from the other ID methods. Follow the instructions in Integration details below.
Signicat supports all eIDs of Finnish banks within the framework of the Finnish Trust Network (FTN). Through one agreement with Signicat, a customer will get access to all these eIDs plus Mobiilivarmenne. The default setup for an FTN customer is that all banks and Mobiilivarmenne are shown to the end user as login options. If a customer wants to limit the number of options, specific eIDs and Mobiilivarmenne may be removed from the menu shown to end users.
The TUPAS protocol that was previously in use for the Finnish bank eIDs is obsolete. Banks offer their eID services through OIDC or SAML2 interfaces. A Signicat FTN customer does not need any agreements nor specific technical integration towards the banks; one agreement with Signicat and one integration towards Signicat’s API is sufficient. The personal data returned is the same for all eIDs.
The bank eIDs are of various types. When the end user has selected the eID to use from the menu displayed by Signicat, the user is redirected to the selected bank’s (or Mobiilivarmenne) user interface. All eIDs supported by Signicat for FTN are “strong electronic identification” according to Finnish regulations, meaning they are Finnish eID level 2, which corresponds to eIDAS level substantial. Signicat is a licenced broker in FTN for “strong electronic identification”.
FTN eIDs may be used for onboarding and for issuing a new eID at the same or a lower assurance level. Special pricing applies. Please contact Signicat support if you have such needs for your service.
The following banks are members of the Finnish Trust Network:
- OP Bank Group
- Danske Bank
- Säästöpankki (Savings Bank)
- POP Bank
- Bank of Åland
# Signicat's identification principles for FTN
# Integration details
FTN requires Full Message-Level Encryption (MLE) as well as Transport-Layer Encryption (TLS). The tabs below detail the steps required to set up an integration with MLE, which differ depending on whether you're using OIDC or the REST API.