Skip to main content

Response examples and parameters

You use iDIN to verify the end-user's identity and obtain relevant personal details about them. This page shows examples of response data with property description per supported protocol.

Scopes and claims mapping

ScopeOIDC claimExampleDescription
idp-ididp_idNLRABOtestdata8de...The Bank Identification Number (BIN). BIN is service provider-specific persistent identifier of a user and can be used to re-authenticate the user. BIN consists of two parts:
  • Prefix: two-letter country code of the issuing Bank (ISO 3166-1) followed by four-letter (alphabetic) bank identifier (ISO 9362)
  • Bank specific identifier: must be transportable as a string of max 1020 chars
gendergender1Biological sex of user. Allowed values:
  • 0(= unknown).
  • 1 (= male).
  • 2 (= female).
  • 9 (= not specified)
profilenameConcatenated full name of the user. Custom format: <initials> <family_name>
profilefamily_namede VriesLast name of user with prefixes.
idin-nameidin_preferred_last_nameVries-JansenLast name as preferred by user without prefixes.
idin-nameidin_legal_last_nameVriesLegal last name of user without prefixes. Maximum of 200 characters without numbers.
idin-nameidin_partner_last_nameJansenLast name of user's registered partner.
idin-nameidin_legal_last_name_prefixdePrefix of user's legal last name (i.e. "Tussenvoegsel" in Dutch).
idin-nameidin_preferred_last_name_prefixdePrefix of user's preferred last name.
idin-nameidin_partner_last_name_prefixdePrefix of partner's last name.
idin-nameinitialsVJInitials, defined as the first letter of each of the user's first names. Maximum of 24 capitalized letters.
date-of-birthbirthdate19750725Date of birth. Format is YYYYMMDD in NEN-ISO 8601.
eighteen-or-oldereighteen_or_oldertrueBoolean field to determine whether user is 18 years old or older.
"formatted": "Pascalstreet 19, 0000AA, Maastricht, NL",
"street_address": "Pascalstreet 19",
"locality": "Maastricht",
"postal_code": "0000AA",
"country": "NL"
Residential address of user.
formatted value is a field obtained concatenating multiple attributes. See the same field in the Authentication REST API tab for details.
phonephone_number+31203051900Phone number (mobile or landline) of user.
emailemailinfo@equensworldline.nlEmail address of user.

iDIN does not have a firstName attribute.

Age verification

The scopes date-of-birth and eighteen-or-older are mutually exclusive. Choose either of them when sending a request.

Response example

This section shows a response example for the UserInfo endpoint.

Scopes: openid,profile,idp-id,email,address,phone,gender,date-of-birth,idin-name.


"idp_id": "NLRABOtestdata8de3695d048d9da76b7c09d5a800b51897441e8ae3210731a058e",
"name": "VJ de Vries",
"family_name": "de Vries",
"gender": "1",
"birthdate": "19750725",
"email": "",
"formatted": "Pascalstreet 19, 0000AA, Maastricht, NL",
"street_address": "Pascalstreet 19",
"locality": "Maastricht",
"postal_code": "0000AA",
"country": "NL"
"phone_number": "+31203051900",
"idin_legal_last_name": "Vries",
"idin_legal_last_name_prefix": "de",
"idin_preferred_last_name": "Vries-Jansen",
"idin_partner_last_name": "Jansen",
"idin_preferred_last_name_prefix": "de",
"idin_partner_last_name_prefix": "de",
"initials": "VJ",
"sub": "VsQFCIOdsM-brFXDGQhMyMfnlkQyeb8pNfkxq6VFppY=",
"idp_issuer": "idin"

IdP discovery

When authenticating end-users with iDIN, you can restrict which providers/banks to include in the authentication process. You can achieve this with additional parameters that vary depending on the authentication protocol of your integration.

You can view the list of iDIN issuers active in your Signicat account at https://<YOUR_ACCOUNT_DOMAIN>.com/broker/authn/idin/issuers, where <YOUR_ACCOUNT_DOMAIN> is the domain you registered in the Dashboard Domain management.

Example with OIDC

With OIDC, you specify which iDIN issuer to show with the idin_idp parameter in the ACR values. For example, to only display Currence Issuer, pass the following query parameter in your authorization request:


Learn more about IdP discovery (provider) functionality in the respective protocol documentation: