Contents
Introduction
Three variants of the resource is available, where the first and second requires that the individual is first identified with BankID at the highest level of assurance.
- Identifying the individual via the BankID IDP in the OIDC Provider from BankID
- Identifying the individual via data embedded in a BankID SDO that is the result of an individual signing a document with BankID in the legacy way via BankID Server.
- Assessment of individuals (based on query parameters) without any associated identification with BankID
The first variant is associated with a regular end-user OIDC Flows whereas the second and third variant uses the Client Credential Flow.
An advantage of using variant 1 and 2, where the end user is identified using BankID, is that the response from the AML service will be enriched with information about that strongly confirmed identity.
API documentation
See the Person API documentation for further details about the API.
See also the Person API expands overview.
Note that the old legacy Person API is still available in a deprecated stage until all existing customers have finished migration to the new API.
How to query the resource
Specify the individual
There are multiple methods for how to specify the individual to query information about.
| Method | Description |
|---|---|
| BankID OIDC authenticated individual | The name and ssn is fetched from the session associated to the access token in the request |
| BankID signature of individual | The name and ssn is picked from the BankID SDO that is included as a request parameter |
| Query parameters about name and ssn | The following query parameters must be included
|
| Query parameters about name and birthdate | The following query parameters must be included
Note that the Norwegian national registry source is not supported by this variant because ssn is a required input parameter against that source |
Using the "expand" parameter
By default, only a basic minor dataset with a few key information elements is returned. To select more data, the expand parameter must be provided in the request. Se Person API expand parameter documentation.
Example
/person?expands=address.postal,aml | request postal address and aml search result |
Scopes
The scope aml_person/basic is a general requirement for the resource.
In addition, the scope aml_person/NO_NATIONAL_REGISTRY is required in order to receive information from the Norwegian national registry source, and the scope aml_person/OFAC is required in order to trigger AML search against The Office of Foreign Assets Control (OFAC) sanction list.
See also Scopes and Claims.
The "matchMode" parameter
Read more about "Exact mode or Fuzzy mode" in the product literature.
Response elements
The following dataset is offered:
| Information | JSON path | Details | Source |
|---|---|---|---|
| Key information | keyInformation | Personal data about the individual under assessment. | Norwegian National Registry |
| BankID Identity | identity | Name, common name, and ssn of the individuals BankID certificate | BankID |
| Postal Address | address.postal | Address form Postal registry | Posten |
| National Address | address.national | Address from national registries | Norwegian National Registry |
| Historic Address | address.historic | List of historic addresses | Norwegian National Registry |
| Number of residents | address.postal.numberOfResidents address.national.numberOfResidents | Type of housing, and number of residents on the given address. | Property register |
| AML | aml | Lists of possible PEP and Sanction results for the individual. | EU commission UN Security council Trapets OFAC |
| PDF report | links.reports | Link to a signed PDF report containing the complete result set. |
Empty nodes
Note that if a particular response element is requested (typically through expand parameter), but no information could be found in the source, and empty JSON node is returned to dictate that a search has been done.
Test data
Example test persons have been prepared in the test environment (Current).