Multi-Bureau Fetch
POST
/api/v1/services/multi-bureau/fetch
Multi-Bureau Credit Report Fetch
Description
Key Benefits
Use Cases
Lending & NBFCs
Fintech & Neo-Banks
Insurance & Verification
Technical Implementation
Authentication
All requests to the Finpass API must be authenticated using a combination of X-API-Key and X-API-Secret headers. These credentials are environment-specific and must not be mixed across sandbox and production.Obtain API Credentials: Register on the Finpass platform to receive your Include in Every Request: Pass both headers with every API call as shown below. Keep Credentials Secure: Never expose your Different credentials are issued per environment: Sandbox: Used for testing and integration; no real bureau data is returned. Production:
1.
X-API-Key and X-API-Secret.2.
3.
X-API-Secret in client-side code, logs, or version control.https://api.finpass.ai — returns live bureau data; requires production credentials.Authentication Headers
| Header | Required | Description |
|---|---|---|
X-API-Key | Yes | Your unique Finpass API key for identifying the calling application. |
X-API-Secret | Yes | Your secret credential used alongside the API key for request authentication. |
Content-Type | Yes | Must be set to application/json for all requests. |
Request Parameters
Request Headers
| Header | Required | Description |
|---|---|---|
X-API-Key | Yes | Finpass-issued API key for the calling application. |
X-API-Secret | Yes | Finpass-issued secret paired with the API key. |
Content-Type | Yes | Set to application/json. |
Request Body
| Parameter | Type | Required | Description |
|---|---|---|---|
pan | string | Yes | The Permanent Account Number (PAN) of the individual whose credit report is being fetched. Must be a valid 10-character alphanumeric PAN (e.g., HDFPK7601L). |
name | string | Yes | Full legal name of the individual as it appears on official documents. Used for identity matching at the bureau. |
mobile_number | string | Yes | 10-digit mobile number of the individual (without country code). Used for identity verification and bureau matching. |
consent | string | Yes | Explicit user consent flag. Must be "Y" to indicate the individual has consented to their credit data being pulled. Requests with "N" will be rejected. |
gender | string | Yes | Gender of the individual. Accepted values: "male", "female". Required by certain bureaus for identity matching. |
bureaus | array | Yes | List of bureaus from which credit data should be fetched. Accepted values: "equifax", "experian", "cibil", "crif". At least one bureau must be specified. |
Example Request
{
"pan": "HDFPK7601L",
"name": "Ashok Kumar",
"mobile_number": "9876543210",
"consent": "Y",
"gender": "male",
"bureaus": [
"equifax",
"experian",
"cibil",
"crif"
]
}Process Response
Response Parameters
| Parameter | Type | Description |
|---|---|---|
status | string | Overall status of the API request. "success" indicates data was retrieved; "error" indicates a failure. |
status_code | integer | HTTP-compatible status code for the response (e.g., 200, 400, 401, 500). |
message | string | Human-readable message describing the outcome of the request. |
data | object | Root data object containing bureau-specific credit report results. |
data.equifax | object | Credit report data returned by Equifax (present only if "equifax" was included in the request). |
data.experian | object | Credit report data returned by Experian (present only if "experian" was included in the request). |
data.cibil | object | Credit report data returned by CIBIL (present only if "cibil" was included in the request). |
data.crif | object | Credit report data returned by CRIF High Mark (present only if "crif" was included in the request). |
data.equifax.score | integer | Credit score as reported by Equifax. |
data.equifax.report | object | Detailed credit report object from Equifax, including accounts, inquiries, and payment history. |
data.experian.score | integer | Credit score as reported by Experian. |
data.experian.report | object | Detailed credit report object from Experian, including accounts, inquiries, and payment history. |
data.cibil.score | integer | Credit score as reported by CIBIL (TransUnion). |
data.cibil.report | object | Detailed credit report object from CIBIL, including accounts, inquiries, and payment history. |
data.crif.score | integer | Credit score as reported by CRIF High Mark. |
data.crif.report | object | Detailed credit report object from CRIF High Mark, including accounts, inquiries, and payment history. |
request_id | string | Unique identifier for the API request. Use this for debugging and support escalations. |
timestamp | string | ISO 8601 timestamp indicating when the response was generated. |
Example Successful Response
{
"status": "success",
"status_code": 200,
"message": "Credit reports fetched successfully.",
"request_id": "fp_req_9a3f72bc1e4d",
"timestamp": "2024-11-15T10:32:45Z",
"data": {
"equifax": {
"score": 748,
"report": {
"name": "Ashok Kumar",
"pan": "HDFPK7601L",
"accounts": [],
"inquiries": [],
"payment_history": []
}
},
"experian": {
"score": 731,
"report": {
"name": "Ashok Kumar",
"pan": "HDFPK7601L",
"accounts": [],
"inquiries": [],
"payment_history": []
}
},
"cibil": {
"score": 762,
"report": {
"name": "Ashok Kumar",
"pan": "HDFPK7601L",
"accounts": [],
"inquiries": [],
"payment_history": []
}
},
"crif": {
"score": 719,
"report": {
"name": "Ashok Kumar",
"pan": "HDFPK7601L",
"accounts": [],
"inquiries": [],
"payment_history": []
}
}
}
}Possible Error Responses
400 Bad Request
401 Unauthorized
422 Unprocessable Entity
500 Internal Server Error
{
"status": "error",
"status_code": 400,
"message": "Invalid request payload. 'consent' must be 'Y' to proceed.",
"request_id": "fp_req_7b2c91ae5d3f"
}"Y", invalid PAN format, or no bureaus specified).Integration Best Practices
Security Recommendations
X-API-Key and X-API-Secret must only be used server-side. Never embed them in mobile apps, browser JavaScript, or public repositories.X-API-Key / X-API-Secret pairs for sandbox and production environments to prevent accidental live data access during testing.request_id values for every API call to enable rapid debugging and audit trail maintenance.User Experience Guidelines
500-level errors. Do not retry 400 or 401 errors without resolving the underlying issue.Code Samples
cURL
Python
Node.js
Java
Related APIs
Compliance and Legal Considerations
consent field must always be "Y", and the platform must maintain a verifiable consent audit trail including timestamp, consent text version, and user identification.Request
Header Params
Body Params application/jsonRequired
Responses
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://api.finpass.ai/api/v1/services/multi-bureau/fetch' \
--header 'X-API-Key: LG8zVXK1MZv1jP6i4l6QZQ2nD9kLTvFWipV_anPvacE,M5RwMtvbYGqAGZpG8d223xkEq1298kjcGGpJ7s7_' \
--header 'X-API-Secret: M5RwMtvbYGqAGZpG8d223xkEq1298kjcGGpJ7s7_' \
--header 'Content-Type: application/json' \
--data-raw '{
"pan": "FPVPR1234W",
"name": "Priya Yadav",
"mobile_number": "7023579104",
"consent": "Y",
"gender": "male",
"bureaus": [
"experian",
"equifax",
"cibil",
"crif"
]
}'Response Response Example
{
"doc_id": "mbureau_69ae8e48_a31e0a6bc31f2a32156a71fb",
"pan": "ABCDE1234F",
"results": {
"equifax": {
"success": true,
"message": "equifax report fetched successfully",
"credit_report_link": "",
"data": {
"client_id": "credit_report_v2_SAMPLE12345",
"pan": null,
"id_number": "ABCDE1234F",
"id_type": "pan",
"mobile": "9000000000",
"gender": "male",
"name": "Rahul Sharma",
"credit_score": "785",
"credit_report": {
"InquiryResponseHeader": {
"ClientID": "CLIENT12345",
"CustRefField": "REF10001",
"ReportOrderNO": "24830000001",
"ProductCode": [
"IDCR"
],
"SuccessCode": "1",
"Date": "2026-03-01",
"Time": "12:30:10"
},
"InquiryRequestInfo": {
"InquiryPurpose": "00",
"TransactionAmount": "0",
"FirstName": "Rahul",
"InquiryAddresses": [
{
"seq": "1",
"AddressType": [
"H"
],
"AddressLine1": "Sample Street 21",
"City": "Mumbai",
"State": "MH",
"Postal": "400001"
}
],
"InquiryPhones": [
{
"seq": "1",
"PhoneType": [
"M"
],
"Number": "9000000000"
}
],
"DOB": "1995-06-15",
"Gender": "M"
},
"CCRResponse": {
"Status": "1",
"CIRReportDataLst": [
{
"CIRReportData": {
"IDAndContactInfo": {
"PersonalInfo": {
"Name": {
"FullName": "RAHUL SHARMA",
"FirstName": "RAHUL",
"MiddleName": ""
},
"DateOfBirth": "1995-06-15",
"Gender": "Male",
"Age": {
"Age": "30"
}
},
"IdentityInfo": {
"PANId": [
{
"seq": "1",
"ReportedDate": "2025-01-01",
"IdNumber": "ABCDE1234F"
}
]
}
},
"RetailAccountDetails": [
{
"seq": "1",
"AccountNumber": "XXXXXX1234",
"Institution": "HDFC BANK",
"AccountType": "Credit Card",
"OwnershipType": "Individual",
"Balance": "1200",
"PastDueAmount": "0",
"Open": "Yes",
"HighCredit": "25000",
"LastPaymentDate": "2026-02-10",
"DateReported": "2026-02-28",
"DateOpened": "2023-04-10",
"CreditLimit": "100000",
"AccountStatus": "Current Account"
}
],
"RetailAccountsSummary": {
"NoOfAccounts": "1",
"NoOfActiveAccounts": "1",
"NoOfWriteOffs": "0",
"TotalPastDue": "0",
"TotalCreditLimit": "100000",
"TotalBalanceAmount": "1200"
},
"ScoreDetails": [
{
"Type": "ERS",
"Version": "4.0",
"Name": "ERS4.0",
"Value": "785",
"ScoringElements": [
{
"type": "RES",
"code": "703",
"Description": "Total Utilization"
}
]
}
],
"EnquirySummary": {
"Purpose": "ALL",
"Total": "1",
"Past30Days": "0",
"Past12Months": "1"
}
}
}
]
}
}
}
},
"experian": {
"success": true,
"message": "experian report fetched successfully",
"credit_report_link": "https://example.com/sample-credit-report.pdf",
"data": {
"client_id": "credit_report_experian_SAMPLE",
"name": "Rahul Sharma",
"mobile": "9000000000",
"pan": "ABCDE1234F",
"credit_score": "790",
"credit_report": {
"CreditProfileHeader": {
"ReportDate": 20260301,
"ReportTime": 123000,
"Version": "V2.4",
"ReportNumber": 123456789
},
"CAIS_Account": {
"CAIS_Summary": {
"Credit_Account": {
"CreditAccountTotal": "1",
"CreditAccountActive": "1",
"CreditAccountDefault": "0",
"CreditAccountClosed": "0"
},
"Total_Outstanding_Balance": {
"Outstanding_Balance_All": "1200"
}
}
}
}
}
}
},
"message": "Multi bureau fetch completed",
"status_code": 200,
"success": true
}