This documentation explains how to authenticate your integration user using CONNECT Authenticate and how the provided token is utilized in service calls to Creditsafe Sweden REST APIs.
The Integration team is available to assist with any technical questions that may arise during development or post-launch. You can reach them at integration@creditsafe.se
We reserve the right to add new information, tags, or attributes to the service at any time without prior notice. However, we will not remove any existing elements without notifying you in advance. Please note that we do not guarantee the JSON response will be delivered in the same order for all requests.
Before using any of the APIs available for Sweden business data, there are a few important things to understand and confirm:
- Always ensure that you have read the development manual for the service you plan to use
- It will provide essential guidance on how to build the integration
- Contact integration support if you need clarification on any requirements
This documentation covers how to use CONNECT Authenticate specifically for making calls to local Swedish REST APIs. Below is the complete list of Creditsafe Swedish REST APIs that require a token from CONNECT Authenticate:
- GetDataUnits
- DateCheck Consumer
- DateCheck Company
- GetSignatory v2
- GetData
- SPAR Consumer search v2
For authentication to other Creditsafe web services not listed above, please refer to the specific development manual for those services.
If you plan to build integrations using other methods of the CONNECT service, you will need a specific Creditsafe CONNECT account. A Creditsafe sales manager or the Creditsafe integration support team can assist you with setting this up if needed.
An authentication token can be obtained by calling the Authenticate endpoint with your username and password in the request body. The username parameter is the User Key provided to you by Creditsafe.
The email-based usernames used for logging into Creditsafe websites are not the same as the username required for our APIs. If you're unsure of your User Key, please contact Creditsafe integration support for assistance.
The Authenticate endpoint generates a Bearer JWT (authentication token), which is necessary to access the SE web services listed earlier in this document.
- A successfully generated token is valid for one hour
- Copy the value of the
tokenfield from the JSON response - Include it as a REST header in all service calls:
Authorization: Bearer {token} - When your token expires, you can request a new one independently of the current token
- Multiple valid tokens can exist simultaneously
- Each token can be used with any of the supported services as long as it remains active
When an expired token is used in a call, a 403 HTTP Status (Token Expired) response will be returned. We recommend using one of the following strategies to refresh tokens:
Strategy 1: Reactive Refresh
- Catch the 403 Token Expired response and refresh the token when needed
- Once refreshed, repeat the latest call that was denied
Strategy 2: Proactive Refresh
- Track the timing of when the token was fetched
- Request a new token before the previous one expires
- This should be done approximately 55 minutes after the previous token was generated
- Generating new tokens too frequently can degrade overall performance
- Review the Sandbox Environment section to set up your development environment
- Check Requests and Responses for detailed API usage and examples
- Refer to Error Codes for troubleshooting common issues
- Review Token Metadata to understand the JWT token structure