The Bisnode RiskGuardian Credit Information Person API contains individuals’ risk and credit information. The available data varies between countries due to local legislation and data sources. This data can help you do more reliable business when financial assessments of private individuals are necessary.

At the moment, Danish data is available but shortly we will add Swedish, Finnish and Norwegian data.

Authentication

 To use the Credit Information B2C REST API - v1, you need a client ID and a secret. Bisnode uses OAuth2 for authentication. More information here.

 Get started

You'll need 3 things to get started.

• Bisnode ID (contact api-support@bisnode.com for one if you don't have it yet)
• Sandbox API Key (you need to be logged in with your Bisnode ID to get it)
• Subscribe to the API (you need to be logged in with your Bisnode ID to subscribe)

Key Features

Person data available through an API

Provides you with high quality risk and credit data.

• High quality credit information for profitable decisions
• Avoid credit losses by doing business with the right customers
• Get stable customers that you know can pay on time
• Get new insights by combining your own customer data with Bisnode consumer data

How to use the API

This guide is intended to help you get going with your integration against the Bisnode Credit Information B2C API. It serves as a complement to the  Endpoint Reference  and aims to bring a high level understanding of the key concepts of the platform. 

For questions and support, please contact Bisnode at api-bisnode@bisnode.com

Search Denmark

Consumer search lets you search for a person by entering the national identification number (CPR-number) or name and date of birth. The response contains name, address, date of birth and “personId”.

Credit information Denmark

If you already have done a consumer search, you have retrieved a “personId”. Please use the personId as input, and not the CPR-number.

If you like to do verification and credit check in the same request and know the person’s CPR-number (“nationalIdentificationNumber”), you can use that as an input.

Changes and versioning

API version is provided in the base of the requested URL in the form of "v1", "v2" etc. Only major version numbers are used.

API versions are raised only on breaking (i.e. backwards incompatible) changes in the API. Fields may be added but will never be removed during an API version lifecycle. When developing your application, take care to ensure that your application is able to handle additional fields.

How to test

Test data available in sandbox:

Authentication 

Authentication using OAuth2

Bisnode's newest APIs use OAuth2 for authentication. For all API requests, you need to supply an access token in order to authenticate yourself. To obtain such an access token you need to submit your CLIENT_ID and CLIENT_SECRET to Bisnode's authentication endpoint at https://login.bisnode.com/as/token.oauth2. The access token is then passed along in the Authorization header to all API requests. Follow the instructions below to learn how to do this.

Get and Use the Access Token

Step 1. Get the Access Token

To get an access token you need to make a POST request to https://login.bisnode.com/as/token.oauth2 using the following HTTP header: Content-Type: application/x-www-form-urlencoded and the following request body: grant_type=client_credentials&scope=credit_data_persons. The request must be authenticated using HTTP Basic authentication and your CLIENT_ID and CLIENT_SECRET.

Example in cURL

curl -X POST \
     -H "Content-Type: application/x-www-form-urlencoded" \
     -d 'grant_type=client_credentials&scope=credit_data_persons' \
     -u "$CLIENT_ID:$CLIENT_SECRET" \
     https://login.bisnode.com/as/token.oauth2

Example response

{
  "access_token": "eyJhb....seAtPCCQ",
  "token_type": "Bearer",
  "expires_in": 7199
}

Step 2. Use the Access Token

Supply your access token with all requests to the API using the HTTP Authorization header: Authorization: Bearer <your access token here> You should reuse the access token for multiple calls to the API. See the next section on recommended usage.

Example in cURL - search for company

curl -X POST \
     -H "Authorization: Bearer eyJhb...seAtPCCQ" \
     -H 'Content-Type: application/json' \
     -d '{"nationalIdentificationNumber": "234324234"}' \
     https://api.bisnode.com/credit-data-persons/v1/persons/dk

Reusing the Access Token

After you have fetched an access token you should save it and use it for subsequent calls to the API. There is no limit on the number of calls it can be used for, but it will expire after a certain time.

We recommend that you use the expires_in field to determine when to request a new access token. It specifies the number of seconds the token will be valid for. Because of possible delays in network communication as well as delays between checking the timestamp and transmitting the actual API request, it is a good idea to request a new token a few seconds before it is about to expire. This minimizes the risk of accidentally using an expired token.

The following pseudo code illustrates how to use the authentication endpoint together with the API.

function make_authorized_api_request():
    token = get_cached_access_token()
    if token == null or is_soon_to_be_expired(token):
        token = get_new_access_token()
        save_to_cache(token)
    make_api_call(token)


function get_new_access_token():
    token = get_token_from_auth_endpoint()
    token.expiration_timestamp = now().add_seconds(token.expires_in)
    return token


function is_soon_to_be_expired(token):
    # Add time margin to avoid token expiring during call
    if now().add_seconds(60) >= token.expiration_timestamp:
        return true
    return false