Sign agreements and order certificates
Before you can start integrating with Signicat's implementation of Norwegian BankID in production, you must sign an agreement with Signicat and obtain the needed access.
Prerequisites
To obtain merchant credentials, you need to provide Signicat with the following details:
- Your organisation contact information: Name, mail and phone number.
- Your organisation number (Norwegian, Swedish or Danish organisation number). If you do not have an organisation number, you need in any case to get registered in a Norwegian bank, since only Norwegian banks issue Norwegian BankID certificates.
- Contact information for the signer in your organisation: Name, mail and phone number.
- Contact information for those who have the permit to revoke/block the certificate: Name, mail and phone number (up to 2).
- The display name that you want in the Norwegian BankID client (for example your company name). This will be the name that the end-user sees when authenticating to your service.
- The bank that should issue the certificate. It must be your main Norwegian bank.
- If a national identity number is required, you need to provide legal proof/documentation reference to a Norwegian law that you are eligible to retrieve this.
Signicat will fill in the rest of the needed information for the agreement.
The signer must be someone that holds either a Norwegian BankID, a Swedish BankID or a MitID user that is allowed to sign according to Brønnøysund Register Centre and the Certificate of Incorporation. If not, there should be a power of attorney.
Order certificates
Merchant certificate
Before you can integrate with Norwegian BankID in production, you must obtain a merchant certificate (BrukerstedsBankID) from Norwegian BankID. A merchant certificate is a business certificate that can represent an organisation. A business certificate is intended to ensure communication and identification to and from organisations. The certificate does not hold any personal information.
A merchant certificate will be generated and stored in the Norwegian BankID infrastructure. It is Norwegian BankID that manages the merchant certificate for you.
User certificate types
User certificates are “Banklagret”, which means that they are stored centrally in the Norwegian BankID infrastructure. It is possible to use a “Banklagret” BankID from any computer. PersonBankID is defined by Norwegian BankID as a type of a client certificate. It is a personal BankID which can be used both for authentication and signature.
Sign an agreement with Signicat
Signicat presents an offer and information about needed steps you must follow to have a fully functional eID solution running through Signicat. To get help with this, please contact Signicat.
You will sign the agreement electronically.
Installation
Normally, an onboarding manager will have the role as technical responsible in the Norwegian BankID agreement. This person will receive instructions from the bank or Norwegian BankID on how to connect to Norwegian BankID. When the necessary details are received, they will be installed on your account in Signicat's system and made available for you from your unique customer-specific configuration. When the configuration is set up in test, you may verify your merchant certificate by sending calls to the Norwegian BankID authentication or signature service, using test users.
Credentials
Sandbox credentials
This will usually be Signicat's test credentials for use in Signicat's test environments. It may only be used to authenticate test users (not real live persons).
Production credentials
Credentials for production represent your business in the Norwegian BankID and Signicat production environments. A certificate will be issued by your bank and stored in the Norwegian BankID infrastructure. It may only be used to authenticate real live persons (not test users).