BankID Authentication
Feature Detail
Description
BankID Authentication integrates Norway's national digital identity system as a primary login method for the Meander mobile app. Users authenticate via the BankID app or SMS one-time password, after which Meander receives a verified identity token that can enrich the user's profile, including potential personnummer retrieval for membership system synchronisation. This feature covers the full OAuth/OIDC redirect flow, token exchange, and fallback handling when BankID is unavailable.
User Flow
Analysis
All four workshop organisations identified BankID as a preferred authentication method, citing trust, familiarity, and the critical side-effect that Vipps/BankID login can return personnummer to membership systems that currently lack it for many users. This significantly reduces manual admin overhead for organisations and improves data quality. BankID is the de facto standard for high-trust digital identity in Norway, and its presence signals platform credibility to prospective organisations evaluating Meander.
Integration uses an established Norwegian BankID OIDC provider (e.g., Criipto or BankID Norge). The Flutter client initiates the flow via a secure in-app browser (flutter_secure_browser or app_links for redirect handling). The backend exchanges the authorisation code for an identity token, extracts the verified national identity, and either creates or links a Meander user account. Token storage follows the same JWT pattern as email/password login. Fallback to email/password must be clearly presented if BankID is unavailable. Cost implications (monthly fee) are shared across organisations.
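The backend half of the flow described above (redirect received, identity extracted, account created or linked), as an added example that is not Meander's own code. It assumes the ID token's signature has already been verified against the provider's published keys with a JOSE library; the issuer URL, client id, in-memory stores and the `national_id` claim name are placeholders.

```python
import hmac, secrets, time

ISSUER = "https://idp.example.test"   # placeholder for the OIDC provider's issuer
CLIENT_ID = "meander-mobile"          # hypothetical client id

def start_login(sessions):
    """Create per-login state and nonce before opening the in-app browser."""
    state, nonce = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
    sessions[state] = {"nonce": nonce, "created": time.time()}
    return state, nonce

def check_callback(sessions, state, claims, now=None, max_age=600):
    """Validate the redirect and the claims of an ID token whose signature
    was already verified (assumption: done by a JOSE library, not shown)."""
    now = time.time() if now is None else now
    pending = sessions.pop(state, None)       # single use, so a replay fails
    if pending is None or now - pending["created"] > max_age:
        raise ValueError("unknown or expired state")
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    if not hmac.compare_digest(str(claims.get("nonce", "")), pending["nonce"]):
        raise ValueError("nonce mismatch")
    if not claims.get("sub"):
        raise ValueError("missing subject")
    return claims

def create_or_link(users, claims, logged_in_user_id=None):
    """Key accounts on (iss, sub); link only to an already authenticated user."""
    key = (claims["iss"], claims["sub"])
    for uid, user in users.items():
        if key in user["identities"]:
            return uid                        # returning BankID user
    if logged_in_user_id is not None:
        uid = logged_in_user_id               # explicit link from a live session
        users[uid]["identities"].add(key)
    else:
        uid = secrets.token_hex(8)
        users[uid] = {"identities": {key}, "national_id": None}
    # 'national_id' is a hypothetical claim name; stored only when returned
    if claims.get("national_id"):
        users[uid]["national_id"] = claims["national_id"]
    return uid
```

Linking is driven only by an existing authenticated session or a previously stored (issuer, subject) pair, so an identity token can never be attached to an account by matching an unverified attribute such as an email address.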
Components (35)
Shared Components
These components are reused across multiple features
Service Layer (9)
Data Layer (12)
Infrastructure (7)
User Stories
No user stories have been generated for this feature yet.