The Bisnode RiskGuardian Credit Information Person API contains individuals’ risk and credit information. The available data varies between countries due to local legislation and data sources. This data can help you do more reliable business when financial assessments of private individuals are necessary.

At the moment, Danish data is available but shortly we will add Swedish, Finnish and Norwegian data.



 To use the Credit Information B2C REST API - v1, you need a client ID and a secret. Bisnode uses OAuth2 for authentication. More information here.


 Get started

You'll need 3 things to get started.

  • Bisnode ID (contact api-support@bisnode.com for one if you don't have it yet)
  • Sandbox API Key (you need to be logged in with your Bisnode ID to get it)
  • Subscribe to the API (you need to be logged in with your Bisnode ID to subscribe)


Key Features


Person data available through an API

Provides you with high quality risk and credit data.

  • High quality credit information for profitable decisions
  • Avoid credit losses by doing business with the right customers
  • Get stable customers that you know can pay on time
  • Get new insights by combining your own customer data with Bisnode consumer data


Refer to Docs for more details

Ready to start?

Get API Key


How to use the API


This guide is intended to help you get going with your integration against the Bisnode Credit Information B2C API. It serves as a complement to the  Endpoint Reference  and aims to bring a high level understanding of the key concepts of the platform. 

For questions and support, please contact Bisnode at api-bisnode@bisnode.com


Search Denmark

Consumer search lets you search for a person by entering the national identification number (CPR-number) or name and date of birth. The response contains name, address, date of birth and “personId”.

Credit information Denmark

If you already have done a consumer search, you have retrieved a “personId”. Please use the personId as input, and not the CPR-number.

If you like to do verification and credit check in the same request and know the person’s CPR-number (“nationalIdentificationNumber”), you can use that as an input.



Changes and versioning

API version is provided in the base of the requested URL in the form of "v1", "v2" etc. Only major version numbers are used.

API versions are raised only on breaking (i.e. backwards incompatible) changes in the API. Fields may be added but will never be removed during an API version lifecycle. When developing your application, take care to ensure that your application is able to handle additional fields.


How to test

Test data available in sandbox:


Country National Identification Number First name Last name c/o name Address Postal code Town Payment remark Status Payment remarks
DK 0101851001 Hans Hansen   Boulevarden 12 6800 Varde yes Active 3
DK 0506941008 Susan Holm Svensson   Boulevarden 101 A 1 0002 6800 Varde yes Active 1
DK 0712614382 Karin Henriksen   Industrivænget 2 st th 9000 Aalborg yes Active 1
DK 0707614285 Jens  Mortensen   Boulevarden 101 1 mf 6800 Varde no Active (guardian) 0
DK 1312814362 Janne  Mortensen   Industrivænget 2 st tv 9000 Aalborg yes Active 1
DK 0705614857 Tage Olsen Larsen Boulevarden 14 6800 Varde yes Active 1
DK 0709614290 Grethe Roland   Industrivænget 10 st tv 9000 Aalborg no Active 0
DK 0709614096 Bettina Christiansen   Svinget 17 9000 Aalborg no Active 0
DK 0708614815             n/a Name- and address protected 0
DK 0702614074 Tove Andreasen         n/a The person is missing (70) 0
DK 0301811004 Erik Jensen         n/a Person has left the country (80) 0
DK 0703614116 Jytte Henningsen         n/a Person is deceased (90) 0
DK 0308811018 Pia Hansen         n/a Without permanent address in Denmark (03) 0
DK 0707614293 Lars Henriksen   Svinget 50 9000 Aalborg yes IdentityStop 1
DK 0701614046 Hanne Frederikke Sofie Larsen   Boulevarden 14 6800 Varde no IdentityStop 0
DK 1301814026 Karina Larsen   Boulevarden 14 6800 Varde yes IdentityStop 2
DK 0709614401 Ove Brammer   Pr Caroline Amlg 2 9000 Aalborg no IdentityStop 0




Authentication using OAuth2

Bisnode's newest APIs use OAuth2 for authentication. For all API requests, you need to supply an access token in order to authenticate yourself. To obtain such an access token you need to submit your CLIENT_ID and CLIENT_SECRET to Bisnode's authentication endpoint at https://login.bisnode.com/as/token.oauth2. The access token is then passed along in the Authorization header to all API requests. Follow the instructions below to learn how to do this.


Get and Use the Access Token

Step 1. Get the Access Token

To get an access token you need to make a POST request to https://login.bisnode.com/as/token.oauth2 using the following HTTP header: Content-Type: application/x-www-form-urlencoded and the following request body: grant_type=client_credentials&scope=credit_data_persons. The request must be authenticated using HTTP Basic authentication and your CLIENT_ID and CLIENT_SECRET.

Example in cURL
curl -X POST \
     -H "Content-Type: application/x-www-form-urlencoded" \
     -d 'grant_type=client_credentials&scope=credit_data_persons' \
Example response
  "access_token": "eyJhb....seAtPCCQ",
  "token_type": "Bearer",
  "expires_in": 7199
Step 2. Use the Access Token

Supply your access token with all requests to the API using the HTTP Authorization header: Authorization: Bearer <your access token here> You should reuse the access token for multiple calls to the API. See the next section on recommended usage.

Example in cURL - search for company
curl -X POST \
     -H "Authorization: Bearer eyJhb...seAtPCCQ" \
-H 'Content-Type: application/json' \
-d '{"nationalIdentificationNumber": "234324234"}' \ https://api.bisnode.com/credit-data-persons/v1/persons/dk

Reusing the Access Token

After you have fetched an access token you should save it and use it for subsequent calls to the API. There is no limit on the number of calls it can be used for, but it will expire after a certain time.

We recommend that you use the expires_in field to determine when to request a new access token. It specifies the number of seconds the token will be valid for. Because of possible delays in network communication as well as delays between checking the timestamp and transmitting the actual API request, it is a good idea to request a new token a few seconds before it is about to expire. This minimizes the risk of accidentally using an expired token.

The following pseudo code illustrates how to use the authentication endpoint together with the API.

function make_authorized_api_request():
    token = get_cached_access_token()
    if token == null or is_soon_to_be_expired(token):
        token = get_new_access_token()

function get_new_access_token():
    token = get_token_from_auth_endpoint()
    token.expiration_timestamp = now().add_seconds(token.expires_in)
    return token

function is_soon_to_be_expired(token):
    # Add time margin to avoid token expiring during call
    if now().add_seconds(60) >= token.expiration_timestamp:
        return true
    return false


API Console

Production Endpoints

Production URLs:

Sandbox Endpoints

Sandbox URLs:

Get Access

Please find the complete reference of the API below. In future releases it will also be possible to try the API out directly from your browser.