Person resource

Introduction

Three variants of the resource is available, where the first and second requires that the individual is first identified with BankID at the highest level of assurance.

Identifying the individual via the BankID IDP in the OIDC Provider from BankID
Identifying the individual via data embedded in a BankID SDO that is the result of an individual signing a document with BankID in the legacy way via BankID Server.
Assessment of individuals (based on query parameters) without any associated identification with BankID

The first variant is associated with a regular end-user OIDC Flows whereas the second and third variant uses the Client Credential Flow.

An advantage of using variant 1 and 2, where the end user is identified using BankID, is that the response from the AML service will be enriched with information about that strongly confirmed identity.

API documentation

See the Person API documentation for further details about the API.

See also the Person API expands overview.

Note that the old legacy Person API is still available in a deprecated stage until all existing customers have finished migration to the new API.

How to query the resource

Specify the individual

There are multiple methods for how to specify the individual to query information about.

Method	Description
BankID OIDC authenticated individual	The name and ssn is fetched from the session associated to the access token in the request
BankID signature of individual	The name and ssn is picked from the BankID SDO that is included as a request parameter
Query parameters about name and ssn	The following query parameters must be included firstName lastName ssn countryOfSsn
Query parameters about name and birthdate	The following query parameters must be included firstName lastName dateOfBirth Note that the Norwegian national registry source is not supported by this variant because ssn is a required input parameter against that source

Using the "expand" parameter

By default, only a basic minor dataset with a few key information elements is returned. To select more data, the expand parameter must be provided in the request. Se Person API expand parameter documentation.

Example

/person?expands=address.postal,aml

request postal address and aml search result

Scopes

The scope aml_person/basic is a general requirement for the resource.

In addition, the scope aml_person/NO_NATIONAL_REGISTRY is required in order to receive information from the Norwegian national registry source, and the scope aml_person/OFAC is required in order to trigger AML search against The Office of Foreign Assets Control (OFAC) sanction list.

The "matchMode" parameter

Read more about "Exact mode or Fuzzy mode" in the product literature.

Response elements

The following dataset is offered:

Information	JSON path	Details	Source
Key information	keyInformation	Personal data about the individual under assessment.	Norwegian National Registry
BankID Identity	identity	Name, common name, and ssn of the individuals BankID certificate	BankID
Postal Address	address.postal	Address form Postal registry	Posten
National Address	address.national	Address from national registries	Norwegian National Registry
Historic Address	address.historic	List of historic addresses	Norwegian National Registry
Number of residents	address.postal.numberOfResidents address.national.numberOfResidents	Type of housing, and number of residents on the given address.	Property register
AML	aml	Lists of possible PEP and Sanction results for the individual.	EU commission UN Security council Trapets OFAC
PDF report	links.reports	Link to a signed PDF report containing the complete result set.

Empty nodes

Note that if a particular response element is requested (typically through expand parameter), but no information could be found in the source, and empty JSON node is returned to dictate that a search has been done.

Test data

Example test persons have been prepared in the test environment (Current).

LATEST CURRENT (OIDC)