diff --git a/lb-common/overlay/etc/hiera/data/group.yaml b/lb-common/overlay/etc/hiera/data/group.yaml
index 480249c..869a354 100644
--- a/lb-common/overlay/etc/hiera/data/group.yaml
+++ b/lb-common/overlay/etc/hiera/data/group.yaml
@@ -820,3 +820,31 @@ sunet_frontend:
         letsencrypt_server: 'acme-c.sunet.se'
         haproxy_imagetag: '20230228-stable'
         frontendtools_imagetag: '20230228'
+
+      'bankidp':
+        haproxy_volumes:
+          - "/etc/ssl/certs/infra.crt:/etc/ssl/certs/infra.crt:ro"
+          - "/opt/frontend/config/ssl/infra_haproxy.crt:/opt/frontend/config/ssl/infra_haproxy.crt:ro"
+        site_name: 'bankid-idp.sunet.se'
+        frontends:
+          'tug-lb-1.sunet.se':
+            ips: ['37.156.192.86', '2001:6b0:60:c0::86']
+          'sthb-lb-1.sunet.se':
+            ips: ['37.156.192.87', '2001:6b0:60:c0::87']
+        backends:
+          default:
+            'bankid-idp-app1.sunet.se':
+              ips: ['192.36.171.75']
+              server_args: 'ssl  alpn h2  crt /opt/frontend/config/ssl/infra_haproxy.crt  verify required  ca-file /etc/ssl/certs/infra.crt  check check-alpn http/1.1'
+            'bankid-idp-app2.sunet.se':
+              ips: ['89.45.237.145']
+              server_args: 'ssl  alpn h2  crt /opt/frontend/config/ssl/infra_haproxy.crt  verify required  ca-file /etc/ssl/certs/infra.crt  check check-alpn http/1.1'
+            'bankid-idp-app3.sunet.se':
+              ips: ['89.46.20.114']
+              server_args: 'ssl  alpn h2  crt /opt/frontend/config/ssl/infra_haproxy.crt  verify required  ca-file /etc/ssl/certs/infra.crt  check check-alpn http/1.1'
+        allow_ports:
+          - 443
+          - 80
+        letsencrypt_server: 'acme-c.sunet.se'
+        haproxy_imagetag: '20230228-stable'
+        frontendtools_imagetag: '20230228'