Hopp til hovedinnhold
HalsenID
Create account

HalsenID

Identitet du eier.
Tilgang du styrer.

HalsenID

Identity you own.
Access you control.

One account for the services you use across the Halsen ecosystem. BankID-verified, protected by two-factor, and entirely under your control — you decide who gets access and can revoke it whenever you want.

Confirm your identity with BankID. Takes about a minute.

What HalsenID is

One identity,
many services.

HalsenID is an independent Norwegian identity provider built in Norway. You create the account once as an electronic ID (eID) and use it to sign in to every service in the ecosystem — no per-site password to memorise, and no service that owns your data.

  • An account of your own

    Your account belongs to you, not to a single service. If you stop using one partner, you keep your HalsenID.

  • Verified once

    We verify your identity with BankID when you create the account. After that you sign in with email, password and two-factor — no need to bother BankID every session.

  • You hold the keys

    Every time a partner asks for access you see exactly what they're asking for. You approve — and you can revoke the approval from your account any time.

How it works

Three steps from first time
to every time.

One setup, then you're ready. Every sign-in afterwards is email, password and a six-digit code from your authenticator app — usually under fifteen seconds.

  1. Verify with BankID

    You sign in with BankID once to prove who you are. We fetch your name and date of birth — nothing else. Your national ID number is encrypted immediately and only used for KYC against partners that require it.

  2. Set up email, password and two-factor

    Scan a QR code with Google Authenticator, 1Password or Authy. You'll get ten recovery codes to print or paste into your password manager — in case your phone goes missing.

  3. Sign in — everywhere

    When you visit a HalsenID-connected service, click “Sign in with HalsenID.” You see what the partner is asking for, you approve — and you're in.

Where it's used

Today on halsenpay.no
— soon at partners.

HalsenID is the identity layer underneath HalsenPay. As we open the protocol to partners, the same account will work across multiple Norwegian services.

More partners are coming. If you run a Norwegian service and are evaluating HalsenID — see “For companies” below.

Security

Built to last.
Designed to be safe.

Security isn't a setting — it's a stack of habits. Here's every layer you move through when you sign in.

  • BankID verification

    Your identity is verified by Stø (formerly BankID Norge) — the same standard Norwegian banks and the public sector use.

  • Argon2id hashing

    Your password is never stored in cleartext. We use Argon2id, the winner of the Password Hashing Competition and current best practice.

  • Breach lookup

    When you choose a password we anonymously compare it against Have I Been Pwned — over 8 billion known leaked passwords.

  • Two-factor by default

    Every sign-in requires a six-digit code from your authenticator app. The code is generated locally on your phone, rotates every 30 seconds, and is never sent over SMS.

  • OAuth 2.0 + OIDC

    Partner access uses OpenID Connect — the international standard. You see exactly what's being asked for, and every approval is revocable.

  • Norwegian operations, GDPR

    Data is stored in the EU. We follow GDPR and the Norwegian personal-data act, and use providers with Standard Contractual Clauses where relevant.

For companies

Want to offer HalsenID
in your own platform?

HalsenID is built to be used by more than us. If you run a service that needs verified Norwegian identity — for KYC, account sign-in, or just to avoid building password handling yourself — you can offer HalsenID as a sign-in option via the HalsenPay platform.

  • OpenID Connect — no special integration

    HalsenID is a standards-compliant OIDC provider. If your library speaks OAuth 2.0, it speaks HalsenID.

  • Verified users from day one

    Every HalsenID is BankID-confirmed. You skip building a KYC flow yourself — we have it under the hood.

  • User-driven consent

    The user sees exactly what you're asking for and approves it themselves. You aren't on the hook for collecting “vague” consent — it's built into the flow.

  • No vendor lock-in

    You build on the OIDC standard. If you switch providers later, your users keep their accounts — we treat them as theirs, not ours.

Talk to us via HalsenPay

The integration is set up through the HalsenPay dashboard. You can test in sandbox before anything goes live.

For companies

Want to offer HalsenID in your own platform?

Questions and answers

What people
tend to wonder.

  • Is HalsenID free to use as an individual?
    Yes. You pay nothing to create or use HalsenID. Partners that integrate HalsenID may pay us a fee — that's not something you as a user need to worry about.
  • What kind of identity provider is HalsenID?
    HalsenID is a Norwegian identity provider — a private-sector identity service that offers eID-based sign-in via OpenID Connect and OAuth 2.0. It's not the same as ID-porten (the public sector's sign-in portal) or BankID (the Norwegian banks' identification standard). HalsenID uses BankID to verify you once at registration, then acts as your own sign-in account across Halsen and partner services.
  • What's the difference between HalsenID and BankID?
    BankID verifies that you are you when you register — it's an identification layer owned by the Norwegian banks. HalsenID is a sign-in service on top of it: one account for many services, protected by password and two-factor. You use BankID once, HalsenID every day.
  • What happens if I lose my phone?
    You got ten recovery codes when you set up two-factor. Use one of them to sign in, then generate a new set from the account settings. If you lost the codes too, you can re-verify your identity with BankID — the same check as when you created the account.
  • What data do you store about me?
    Name, date of birth, national ID number (encrypted), email, password hash, your 2FA factors, your recovery codes (hashed), and which partners you've granted access to. It's all openly visible in your account under “Data about you.”
  • Can I delete my account?
    Yes. You can delete your HalsenID account whenever you want from account settings. We delete all personal data immediately; encrypted transaction trails in HalsenPay and partner services follow their own retention rules.
  • Which countries can use HalsenID?
    Today registration requires a Norwegian BankID, so HalsenID is primarily for Norwegian citizens and residents. We're evaluating Sweden (BankID), Denmark (MitID) and Finland (Suomi.fi) over time.

Ready?

Identity you own.
Access you control.

Create your HalsenID account with BankID. Takes about a minute, and you keep the account for as long as you want it.