Company Check
Company Check Request
The Company Check API enables merchants and partners to verify a company’s identity and assess its creditworthiness in a secure and automated way. This process combines BankID authentication for identity verification with an integrated credit score check, ensuring that businesses can make informed decisions before extending credit or services.
This guide explains how to initiate a company check request, handle user redirection to the BankID flow, receive real-time credit score results via callbacks, and securely validate the data with checksum verification.
Use Cases
- B2B Onboarding: Verify new business customers before granting access or services.
- Credit Risk Assessment: Check a company’s financial standing before extending credit or invoicing.
- Regulatory Compliance: Meet KYC (Know Your Customer) and AML (Anti-Money Laundering) requirements.
- Fraud Prevention: Confirm the identity of companies to reduce risk of fraudulent accounts.
Step 1: Initiate Company Check
Use this endpoint to start a company verification process through BankID, followed by an automatic credit score check.
Endpoint
POST https://demo-api.frontpayment.no/api/v1/connect/company/check
Authentication
Include a Bearer Token in the Authorization header. You can obtain this token from Front Payment.
Example:
Authorization: Bearer YOUR_FRONTPAYMENT_BEARER_TOKEN
Request Payload
Send the following JSON object in the request body:
{
"companyId": 123879056,
"callback": {
"success": "https://your-success-url.com/",
"failure": "https://your-failure-url.com/",
"callbackUrl": "https://example.com/callback"
}
}
Validation Rules
Make sure your request meets the following requirements:
| Field | Type | Description |
|---|---|---|
companyId |
number |
Required The organization number of the company to be verified. |
callback |
array |
Required This field accepts an array of urls. |
callback.success |
url |
Required The URL we will redirect the user to after a successful BankID verification. |
callback.failure |
url |
Required The URL we will redirect the user to after a failed or cancelled BankID verification. |
callback.callbackUrl |
url |
Required To receive real-time notifications after bank id verification state changes, you must provide a callback url. This is an server-to-server HTTP GET request. |
Response
A successful request returns 201 Created:
{
"status_code": 201,
"status_message": "OK",
"message": "Company Check Request Created Successfully",
"is_data": false,
"data": {
"url": "https://auth.current.bankid.no/",
"companyCheckUuid": "COMCHK1755071611"
}
}
If the API returns a 510 error, it indicates a server-side failure:
{
"status_code": 510,
"status_message": "Execution Exception Occurred",
"message": "somethingWentWrong",
"is_error": true,
"errors": "Array"
}
Step 2: User Flow
- Redirect the user's browser to the
urlreceived in the response. - The user completes the BankID verification on a secure page.
Step 3: Credit Check & Redirection
- Once verification succeeds, Front Payment performs an automatic credit check.
- Browser is redirected to:
- Success URL: If verification and credit check pass.
- Failure URL: If verification fails or credit is denied.
Note: These redirects do not contain credit result data.
Step 4: Notifications via Callback URL
After the BankID verification and credit check, Front Payment sends a server-to-server GET request to your callbackUrl.
Callback URL Parameters
When we call your callback URL, the following query parameters will be included:
| Parameter | Type | Description |
|---|---|---|
companyCheckUuid |
string |
The UUID you received when initiating the call. |
companyId |
string |
The verified company’s ID. |
companyType |
string |
The type/category of the company. |
companyName |
string |
The legal name of the company. |
score |
number |
The company’s credit score. |
riskLevel |
string |
The risk level based on the credit score. |
scoreMessage |
string |
Message providing context about the credit score. |
defaultProbability |
number |
Probability of default based on credit assessment. |
personalNumber |
number |
Personal number retrieved from BankID. |
contactPersonName |
string |
Full name of the contact person from BankID. |
contactPersonEmail |
string |
Email address of the contact person from BankID. |
createdAt |
number |
Unix timestamp of when the company check was created. |
checksum |
string |
Security hashing string for validation. |
Example:
https://your-callback-url.com/callback?companyCheckUuid=COM1234&companyId=23451&companyType=Lorem&companyName=Lorem&score=650&createdAt=1755764131&checksum=abcdef123456...
Checksum Verification
To ensure the callback data is secure and untampered, verify the checksum provided. Front Payment generates it using:
hash('sha256', concatenatedParameters + secretKey)
Example Verification (PHP Conceptual):
$getParameters = $_GET;
$receivedChecksum = $getParameters['checksum'];
$secretKey = ''; // Provided by Front Payment
$concatenatedValues = '';
foreach($getParameters as $key => $value) {
if ($key == 'checksum') break;
$concatenatedValues .= $value;
}
$hashedKey = hash('sha256', $concatenatedValues . $secretKey);
if (!hash_equals($hashedKey, $receivedChecksum)) {
return "Checksum verification failed.";
}
return "Callback successfully processed.";
By verifying the checksum, you can confirm the integrity and authenticity of the callback data.
Company Information Check
The Company Information Check API allows merchants and partners to retrieve the verification history and details of a specific company. By querying a company’s ID, you can access data such as past verification attempts, credit scores, risk levels, and contact information verified via BankID. This enables better decision-making for credit risk assessment, compliance, and onboarding.
Use Cases
- Audit Trails: Review past verification events and maintain a log for compliance.
- Credit Assessment: Understand previous credit ratings and risk levels before extending services.
- Compliance Reporting: Meet KYC and AML requirements with verifiable data records.
- Troubleshooting: Investigate previously initiated checks for support and debugging.
Endpoint
GET https://demo-api.frontpayment.no/api/v1/connect/company/details/{company_id}
Replace {company_id} with the numeric identifier of the company.
Authentication
Include a Bearer Token in the Authorization header. You can obtain this token from Front Payment.
Example:
Authorization: Bearer YOUR_FRONTPAYMENT_BEARER_TOKEN
Response
A successful response returns 200 OK with the company’s verification history.
Example Response
{
"status_code": 200,
"status_message": "OK",
"message": "companyRecordRetriveSuccessfully",
"is_data": true,
"data": [
{
"companyCheckUuid": "COMCHK1754819969",
"companyId": "920058272",
"companyType": "BRL",
"companyName": "FLØTNINGEN PARK II BORETTSLAG",
"score": "856",
"riskLevel": "Low",
"scoreMessage": "Good Credit Rating",
"defaultProbability": "0.44",
"personalNumber": "28038712383",
"contactPersonName": "Georg Bøe",
"contactPersonEmail": "[email protected]",
"createdAt": 1754819969
}
]
}
Field Descriptions
| Parameter | Type | Description |
|---|---|---|
companyCheckUuid |
string |
The UUID you received when initiating the call. |
companyId |
string |
The verified company’s ID. |
companyType |
string |
The type/category of the company. |
companyName |
string |
The legal name of the company. |
score |
number |
The company’s credit score. |
riskLevel |
string |
The risk level based on the credit score. |
scoreMessage |
string |
Message providing context about the credit score. |
defaultProbability |
number |
Probability of default based on credit assessment. |
personalNumber |
number |
Personal number retrieved from BankID. |
contactPersonName |
string |
Full name of the contact person from BankID. |
contactPersonEmail |
string |
Email address of the contact person from BankID. |
createdAt |
number |
Unix timestamp of when the company check was created. |
Notes
- The response array may contain multiple records if the company has undergone multiple checks.
- Ensure secure handling of all personal and company data to maintain compliance with privacy laws.
- For questions or demo access, contact nafees.faraz@frontpayment.no.
Check Invoice Fee
The Check Invoice Fee endpoint lets you query the invoice-fee settings for a specific company. By supplying the company’s ID, you can retrieve the applicable B2B and B2C invoice fees along with their corresponding VAT rates.
This endpoint is typically used when calculating invoice fees for orders tied to a specific company or when applying different billing rules depending on whether the customer is a business (B2B) or a consumer (B2C).
You will find the endpoint URL, authentication requirements, a sample response, and definitions of each field below.
Endpoint
GET https://demo-api.frontpayment.no/api/v1/connect/company/invoice-fee/{company_id}
Replace {company_id} with the numeric identifier of the company.
Authentication
Include a Bearer Token in the Authorization header. You can obtain this token from Front Payment.
Example:
Authorization: Bearer YOUR_FRONTPAYMENT_BEARER_TOKEN
Response
A successful response returns 200 OK with the company’s verification history.
Example Response
{
"status_code": 200,
"status_message": "OK",
"message": "companyInvoiceFeeRetriveSuccessfully",
"is_data": true,
"data": [
"companyUuid": "ORG1754819969",
"companyId": "920058272",
"companyType": "BRL",
"companyName": "FLØTNINGEN PARK II BORETTSLAG",
"B2BInvoiceFee": 5,
"B2BVatRate": "2",
"B2CInvoiceFee": 3,
"B2CVatRate": "2"
]
}
Field Descriptions
| Parameter | Type | Description |
|---|---|---|
companyUuid |
string |
Our Database unique UUID. |
companyId |
string |
The verified company’s ID. |
companyType |
string |
The type/category of the company. |
companyName |
string |
The legal name of the company. |
B2BInvoiceFee |
number |
The company’s B2B invoice fee. |
B2BVatRate |
string |
The company's B2B vat rate. |
B2CInvoiceFee |
number |
The company’s B2C invoice fee. |
B2CVatRate |
string |
The company's B2C vat rate. |