Authentication-based signing

1. What is changing

We are moving from a signature using the authentication in BankID Server to the new BankID OIDC authentication, NBID OIDC.

As for a normal authentication, not all information, data fields, will be present in the ltvsdo and in the authentication token inside the ltvsdo.

2. Who is affected

You are affected if you use Norwegian BankID authentication based signatures through Signicat.

3. What this means for you

3.1 Data fields in the ltvsdo

Some data fields will no longer be available in the ltvsdo.

The ltvsdo will not include every field that existed in the old one.

3.2 Data fields in the authentication token inside the ltvsdo

Some data fields will no longer be available in the authentication token inside the ltvsdo.

The new authentication token inside the ltvsdo will not include every field that existed in the old one. For example, certain certificate details or older types of unique identifiers are no longer part of the new BankID standard.

3.3 You may need to update your system

If your system depends on fields that are not provided in the new solution, you will need to update it to use the newer fields.

For example, if you use a unique ID that no longer exists, you can switch to another unique ID field that is still available in the new solution.

4. Time to live and deadlines

To ensure you do not experience any loss of signing sessions, please make the necessary updates to start utilising the new Norwegian BankID connection before your session TimeToLive expires. The default TimeToLive values are 30 days for Enterprise and 45 days for Express.

This means that if you have not configured a custom TimeToLive value, you should complete the changes by

• Enterprise, 1 March 2026
• Express, 14 February 2026