# Attributes reference
You use Norwegian BankID to verify the end-user's identity and obtain relevant personal details about them. This page summarises user information you can request and receive for the OIDC and the Authentication REST API protocols. We also support SAML 2.0, but this is not documented yet.
# OIDC scopes and claims
You can use the following scopes to request user information from an end-user using Norwegian BankID.
Include user data claims in Id token
By default, all claims listed in this table are returned in the UserInfo endpoint. In addition, you can configure user data claims to be returned in the Id token. You can set this up in the Dashboard > OIDC client (opens new window) under Advanced Security > Id Token User data. The right column shows the values required to include each claim in the Id token.
| Scope | Claim | Example | Description | "Id Token User Data" values |
|---|---|---|---|---|
profile | name | Kari Nordmann | The full name of the end-user. | StandardScopes or All |
given_name | Kari | The first name of the end-user. | StandardScopes or All | |
family_name | Nordmann | The surname of the end-user. | StandardScopes or All | |
birthdate | 1990-02-17 | The date of birth of the end-user. | StandardScopes or All | |
idp-id | idp_id | 9578-6000-4-1663921 | Personal identifier set by the identity provider. | StandardScopes or All |
nin | nin | 17029012345 | The national identity number (“fødselsnummer”) of the end-user. | All |
nin_issuing_country | NO | The issuing country of the national identity. Always “NO” for Norwegian BankID. | All | |
nin_type | BIRTH | The type of national identity number. Always “BIRTH” for Norwegian BankID. | All | |
nbid-extra | nbid_updated_at | 1606394130000 | Time when the end-user’s information was last updated, measured in seconds since epoch time. | Standard Scopes or All |
nbid_tid | 62c12db4-a6a3-42ad-8ab8-51a87e2a96ce | Norwegian BankID’s identifier for the transaction. Used for auditing and tracing purposes. | All | |
nbid_originator | CN=BankID Bankenes ID-tjeneste Bank CA 2, OU=988477052,O=Bankenes ID-tjeneste AS,C=NO;OriginatorId=9775; OriginatorName=Gjensidige Bank RA 1 | Issuer of the end-user certificate. | All | |
nbid_idp | BID | This value decides the flow type used during the transaction, either BID (BankID High), BIS (BankID Biometric) or BIM (BankID on Mobile). | All | |
nbid_auth_time | 1709206279 | Time when the end-user was authenticated, measured in minutes since epoch time | All | |
nbid_alternative_subject | 9578-6000-4-1663921 | Personal Identifier (PID / Serial Number) from associated Norwegian BankID certificate. | All | |
nbid_additional_cert_info | {"certValidFrom": 1554448774000, "serialNumber": "1055610", "keyAlgorithm": "RSA", "keySize": "2048", "policyOid": "2.16.578.1.16.1.12.1.1", "monetaryLimitAmount": "100000", "certQualified": true, "monetaryLimitCurrency": "NOK", "certValidTo": 1617607174000, "versionNumber": "3", "subjectName": "CN=Nordmann\\, Kari,O=TestBank1 AS, C=NO,SERIALNUMBER=9578-6000-4-877"} | Additional information about the end-user certificate, formatted as a JSON string. | All | |
nbid_subject_uuid | e6418f52-b90d-49ea-a448-a73d39f24ec7 | Norwegian BankID’s unique identifier for the user. | All |
See also Control the Norwegian BankID flow (acr_values and login_hint).
# OIDC response example
You can use the following scopes to request user information from an end-user using Norwegian BankID: This example shows the section with the user information attributes.
{
"family_name": "Kari",
"given_name": "Nordmann",
"birthdate": "1990-02-17",
"nin": "17029012345",
"nin_type": "BIRTH",
"nin_issuing_country": "NO",
"nbid_tid": "1ebe3243-ec47-42fe-9f3b-8f323e1e0d53",
"nbid_auth_time": "1709206572",
"nbid_alternative_subject": "9578-6000-4-877",
"nbid_originator": "CN=BankID - TestBank1 - Bank CA 3,OU=123456789,O=TestBank1 AS,C=NO;OrginatorId=9980;OriginatorName=BINAS;OriginatorId=9980",
"nbid_updated_at": "1708682096000",
"nbid_additional_cert_info": "{\"certValidFrom\":1606394130000,\"serialNumber\":\"1407572\",\"keyAlgorithm\":\"RSA\",\"keySize\":\"2048\",\"policyOid\":\"2.16.578.1.16.1.12.1.1\",\"monetaryLimitAmount\":\"100000\",\"certQualified\":true,\"monetaryLimitCurrency\":\"NOK\",\"certValidTo\":1669466130000,\"versionNumber\":\"3\",\"subjectName\":\"CN=Nordmann\\\\,Kari,O=TestBank1 AS,C=NO,SERIALNUMBER=9578-6000-4-877\"}",
"nbid_subject_uuid": "e6418f52-b90d-49ea-a448-a73d39f24ec7",
"nbid_idp": "BID",
"sub": "6NZrmEFWVaQij7tQgDSlsG6H6nBpVbZneQKZMrkJbls="
}
# Authentication REST API attributes
The Signicat Authentication REST API supports the following request and response attributes for Norwegian BankID:
| Attribute | Sub-field | Example | Description |
|---|---|---|---|
name | Kari Nordmann | The full name of the end-user. | |
firstName | Kari | The first name of the end-user. | |
lastName | Nordmann | The surname of the end-user. | |
dateOfBirth | 1990-02-17 | The date of birth of the end-user. | |
idpId | 9578-6000-4-1663921 | Personal identifier set by the identity provider. | |
nin | value | 17029012345 | The national identity number (“fødselsnummer”) of the end-user. |
issuingCountry | NO | The issuing country of the national identity. Always “NO” for Norwegian BankID. | |
type | BIRTH | The type of national identity number. Always “BIRTH” for Norwegian BankID. | |
nbidUpdatedAt | 1708682096000 | Time when the end-user’s information was last updated, measured in milliseconds since epoch time. | |
nbidTid | 62c12db4-a6a3-42ad-8ab8-51a87e2a96ce | Norwegian BankID’s identifier for the transaction. Used for auditing and tracing purposes. | |
nbidOriginator | CN=BankID Bankenes ID-tjeneste Bank CA 2, OU=988477052,O=Bankenes ID-tjeneste AS,C=NO;OriginatorId=9775; OriginatorName=Gjensidige Bank RA 1 | Issuer of the end-user certificate. | |
nbidIdp | BID | This value decides the flow type used during the transaction, either BID (BankID High), BIS (BankID Biometric) or BIM (BankID on Mobile). | |
nbidAuthTime | 1709207560 | Time when the end-user was authenticated, measured in seconds since epoch time | |
nbidAlternativeSubject | 9578-6000-4-1663921 | Personal Identifier (PID / Serial Number) from associated Norwegian BankID certificate. | |
nbidAdditionalCertInfo | {"certValidFrom": 1554448774000, "serialNumber": "1055610", "keyAlgorithm": "RSA", "keySize": "2048", "policyOid": "2.16.578.1.16.1.12.1.1", "monetaryLimitAmount": "100000", "certQualified": true, "monetaryLimitCurrency": "NOK", "certValidTo": 1617607174000, "versionNumber": "3", "subjectName": "CN=Nordmann\\, Kari,O=TestBank1 AS, C=NO,SERIALNUMBER=9578-6000-4-877"} | Additional information about the end-user certificate, formatted as a JSON string. | |
nbidSubjectUuid | e6418f52-b90d-49ea-a448-a73d39f24ec7 | Norwegian BankID’s unique identifier for the user. |
# Authentication REST API response example
The response example below shows the section with the user information attributes.
{
"id": "58126fb8-c5e2-...",
"accountId": "a-sdge-...",
"authenticationUrl": "https://<YOUR_SIGNICAT_DOMAIN>/broker/sp/external-service/login?messageId=21b064c3-28b...",
"status": "SUCCESS",
"provider": "nbid",
"subject": {
"id": "opuc4kyFUWPkfdmfYTzjS89u6ZCWLHWLZfPR5hpBW24=",
"idpId": "9578-6000-4-1663921",
"name": "Kari Nordmann",
"firstName": "Kari",
"lastName": "Nordmann",
"nin": {
"value": "17029012345",
"issuingCountry": "NO",
"type": "BIRTH"
},
"nbidAuthTime": "1709207560",
"nbidUpdatedAt": "1708682096000"
}
}