Introduction¶
The CrediCONNECT Rest API replaces the previous CrediCONNECT SOAP interface. The previous generation of the CrediCONNECT interface (web service) will not be further developed but will remain in operation for existing system customers. The web service is scheduled to be decommissioned at the end of 2027.
Scope / Non-objectives¶
This functional/technical specification describes the various business cases that can be handled with the API and also contains examples of queries and responses to assist developers with implementation.
However, this specification does not address the issue of data protection. Compliance with data protection regulations is the responsibility of the user of the interface. The use of Creditreform's services is governed by the current contractual agreements and general terms and conditions.
Furthermore, no recommendations are made for the use of the various services, nor are any statements made on commercial issues such as prices, etc. The products and services are explained and prices are set by the responsible customer advisors at the district offices.
Business cases¶
Click here for a description of the business cases.
The overview of resources also lists the functions of the interface with the associated resources.
Authentication and Login¶
Authentication for the CrediCONNECT API is based on OAuth 2.0. OAuth 2.0 is a standardized authorization framework that enables secure and controlled access to protected resources.
Access to the API requires that the client or application is registered and approved in Creditreform’s Identity Provider (IdP) in advance. During this registration process, the necessary credentials and the assigned permissions (scopes) are defined and granted.
To access the API, the client must obtain an access token from the authorization server (IdP). This token must be included in every API request using the HTTP header:
The access token is valid for a limited period of time and contains the permissions assigned to the client. Requests without a valid token will be rejected.
All communication is performed exclusively over HTTPS to ensure confidentiality and integrity of the transmitted data.
To gain access, please contact your customer consultant.
Versioning¶
| Version of Rest API | History | Version of specification | Change |
|---|---|---|---|
| 3.0.4 | Creation of the API and the specification |
3.1 | 02-2026 |