Skip to main content


Important information

From May 1 2024 it will no longer be possible to initiate an auth or sign request using SSN. Only animated QR-code or autostart on same device will be allowed due to new BankID requirements.

API V2 will remain operational until the 1st of February 2025 but requires the use of autostart or animated QR.

API V3 supports this new functionality from BankID. We strongly recommend that you use API V3 for new implementations or migrate existing implementations.

IDkollen provides a JSON/REST API for authenticating and signing with BankID.

The API is only accessible with SSL and a unique key provided by IDkollen. The key is private and should not be shared with a third party. The API should only be called from a server application, not directly from the client.

When signing up you will receive API keys for IDKollens staging and live environment.

EnvironmentURLCallback IPBankID environment

Usage flow

  1. The user initiates an authentication via the partner's interface.
  2. The partner calls IDkollen's API with the secret key to get to initiate an authentication.
  3. IDkollen sends response to partner with information about the initiated authentication.
  4. The partner uses the information to launch BankID on the users device.
  5. The user identifies him- or herself with BankID.
  6. The partner fetches the result or gets it via their callback endpoint.

Staging environment (test)

Please note that the Staging environment only works with Test BankID:


To initiate requests to the API a secret key is needed. To request a secret key, contact All API endpoints are authenticated using Basic Auth, where the "username" is the API key (account ID) and the "password" is the secret key.

Authorization: Basic ${ base64(accountId + ':' + secretKey) }

More information

For more information about error messages and how the BankID API works in general, please refer to the BankID Relying Party Guidelines.

If you have any questions, please contact us at