Enduring Identity Verification
Learn how to access identity information from an enduring access flow.
Before being able to access a user's identity information, they must go through our OAuth 2 Flow (unless you are using a Personal App, in which case you will be retrieving your own information). This will give you the user access token that you will need to call the endpoints below.
This guide assumes you are retrieving account information from a bank provider - some data may not be present for non-bank providers.
Party Data
Party data is aggregated across all of a user's connected accounts, and consists of data that is specific to the user who logged in, rather than any one account. This data is suitable for most identity verification needs (name, address, date of birth).
By making a GET request to the https://api.akahu.io/v1/parties endpoint with the required authorisation, you will receive the user's party data.
Account-Specific Data
Account-specific data is information specific to a single account and it's holder(s). This can be used to show that a given person owns a bank account.
By making a GET request to the https://api.akahu.io/v1/accounts endpoint with the required authorisation, you will receive the user's account data.
For the purposes of identification, the main account attributes you should be looking at here are account.formatted_account (the formatted NZ bank account number), and account.meta.holder (the name of the legal account holder, as presented by the bank).
You may also notice account.meta.address, which is the address that the account is registered to. We recommend that you don't use this as it is not reliable across banks (in particular, ASB does not provide this field), and instead use addresses from the /party endpoint.
For more details about the exact format of account data you can see our Account Model reference.
Updated about 2 years ago