Getting your Verification Report
Fetch the account verification report and interpret the name-match affinity result.
Authorization
Use the access_token from step 2 and the id from step 1 (or flow_id from the callback) to fetch the report.
Fetch the report
GET https://api.finx-s.qwist.cloud/rest/account-verifications/{id}
Authorization: Bearer {access_token}
Response:
{
"id": "a9c2e4f8-1b3d-4e7a-9f2c-8d1e3b5a7c9e",
"provided": {
"name": "Maria Müller",
"iban": "DE89370400440532013000"
},
"matched": {
"name": "Maria Müller",
"affinity": "VERY_HIGH"
},
"account": {
"name": "Girokonto",
"type": "Giro account",
"owners": ["Maria Müller"],
"iban": "DE89370400440532013000",
"currency": "EUR"
}
}Understanding the affinity score
The affinity field indicates how closely the provided.name matches the best account holder name found at the bank.
| Affinity | Meaning | Example |
|---|---|---|
VERY_HIGH | Exact match (case-insensitive) | "Maria Müller" vs "Maria Müller" |
HIGH | Minor deviations only | "Müller, Maria" vs "Maria Müller" or "Hans Muller" vs "Hans Müller" |
MEDIUM | Partial similarity | "Maria Schmidt" vs "Maria Müller" |
LOW | No meaningful match | "Thomas Wagner" vs "Maria Müller" |
Recommended decision logic
VERY_HIGHorHIGH→ Accept as verified.MEDIUM→ Flag for manual review.LOW→ Reject or require alternative identification.
Using readout data
If you passed "ACCOUNTS" or "TRANSACTIONS" in the readout parameter during step 1, you can also fetch account and transaction data using the same access token via the standard /rest/accounts/ and /rest/transactions endpoints.
Error handling
The nrich API uses standard HTTP status codes and returns a structured error object in the response body.
Error response structure
{
"error": {
"code": 1000,
"group": "client",
"description": "Request body doesn't match input schema.",
"data": {
"redirect_uri": ["Not a valid URL."]
}
}
}| Field | Description |
|---|---|
code | nrich-specific numeric error code. |
group | Error category: client, user, bank, general, or connectivity. |
description | Short human-readable summary. |
data | Field-level validation details (on 400 errors). |
HTTP status codes
| Code | Meaning | What to do |
|---|---|---|
200 OK | Success. | Parse the response body. |
400 Bad Request | Invalid or missing parameters. | Check error.data for the specific field. |
401 Unauthorized | Token missing or expired. | Refresh using your refresh_token and retry. |
403 Forbidden | Valid token, insufficient scope. | Verify your credentials have the required scopes. |
404 Not Found | Resource not found or not yet created. | Confirm the ID is correct; some resources only exist after the user completes the flow. |
423 Resource Locked | Resource temporarily locked during migration. | Retry with exponential backoff (seconds → minutes). |
500 Internal Server Error | Unexpected server error. | Retry with backoff; contact support if it persists. |
Implement 423 retry logic
423can occur after system updates. Your application must handle it with incremental backoff - do not surface it directly to users.
Common nrich error codes
| Code | Group | Description |
|---|---|---|
1000 | client | Invalid request - check data for field details |
1002 | client | Entity not found |
1008 | client | Resource busy - implement retry with backoff |
10000 | user | Login credentials are invalid |
10001 | user | PIN is invalid |
10004 | user | TAN is invalid |
10007 | user | PIN change required at the bank |
20000 | bank | Processing at the bank not possible |
20003 | bank | Bank under maintenance |
30000 | general | Processing at nrich not possible |
30005 | general | Task has expired |
40000 | connectivity | Bank not supported |
