Identity Records

Look Up Identity Records

Returns Identity Records matching the supplied lookup parameters. Used by a Data User to locate an existing record for a returning customer before initiating re-identification.

At least one of mpxn or email must be supplied. Supplying both narrows results to records where both values match.

Results are scoped to the authenticated Data User — a Data User cannot look up records created by another Data User.

Note on email lookup: The register stores a one-way hash of the email address for lookup purposes. The plaintext email is never returned in responses. A match confirms a record exists for that address; the Data User should already hold the email in their own system.

GET

identity-records

Look Up Identity Records

curl --request GET \
  --url https://api.central.consent/v1/identity-records \
  --header 'Authorization: Bearer <token>'

{
  "response": {
    "resource": "/v1/identity-records?mpxn=1234567890123",
    "timestamp": "2026-03-24T09:00:00Z",
    "transaction-id": "tid_abc123def456abc123def456"
  },
  "identity-records": [
    {
      "ir": "ir_a3c5e7f9b1d3a3c5e7f9b1d3",
      "created-at": "2024-01-15T09:30:00Z",
      "pii-principal": {
        "mpxn": "1234567890123",
        "move-in-date": "2022-06-30"
      },
      "expressed-by": "data-subject",
      "has-email": true,
      "credentials": [
        {
          "credential-id": "cred_1a2b3c4d5e6f1a2b3c4d5e6f",
          "registered-at": "2024-01-15T09:35:00Z"
        }
      ]
    }
  ]
}

Authorizations

Authorization

string

header

required

JWT from GET /auth/token. Pass as Authorization: Bearer <token>. Expires after 7200s.

Query Parameters

mpxn

string

Filter by meter point identifier. Meter Point Administration Number (MPAN) or Meter Point Reference Number (MPRN).

Pattern: ^(?:[0-9A-HJ-NPR-Z]{2}[0-9]{8,10}|[0-9]{10})$

Example:

"1234567890123"

string<email>

Filter by customer email address. Matched against a stored hash — the plaintext is not retained in results.

Response

Matching identity records returned.

response

object

required

Show child attributes

identity-records

object[]

required

Show child attributes

Last modified on March 25, 2026

Create an Identity RecordCreates an Identity Record holding the person-property relationship for a consent or access registration. Returns an `ir` key that must be supplied as `record-metadata.identity-record-ref` when creating the linked AccessRecord. The Identity Record holds: - `pii-principal` — MPxN, move-in date, and optionally address. - `expressed-by` — whether the data subject or an authorised representative initiated the registration. - `principal-verification` — identity verification evidence (method, outcome, reference). Strongly recommended; null if no structured verification was performed. - `email` — stored as a one-way hash for future magic-link re-identification and lookup. Optional but required if magic-link re-identification is to be used. - `initiate-passkey-registration` — if `true`, the response includes a `passkey-registration-redirect` containing a short-lived URL to `id.central.consent`. Redirect the customer to this URL — the register completes the WebAuthn ceremony on its own origin, stores the public key, and redirects back with `?dar-passkey-token={token-ref}`. Call `GET /identity-records/{ir}/re-identify/{token-ref}` once to confirm. Supply `passkey-return-url` to control where the customer lands after the ceremony. Identity Records are scoped to the authenticated Data User and are never exposed to the unauthenticated `GET /access-records/{ak}` endpoint used by Data Providers.

Look Up Identity Records

curl --request GET \
  --url https://api.central.consent/v1/identity-records \
  --header 'Authorization: Bearer <token>'

{
  "response": {
    "resource": "/v1/identity-records?mpxn=1234567890123",
    "timestamp": "2026-03-24T09:00:00Z",
    "transaction-id": "tid_abc123def456abc123def456"
  },
  "identity-records": [
    {
      "ir": "ir_a3c5e7f9b1d3a3c5e7f9b1d3",
      "created-at": "2024-01-15T09:30:00Z",
      "pii-principal": {
        "mpxn": "1234567890123",
        "move-in-date": "2022-06-30"
      },
      "expressed-by": "data-subject",
      "has-email": true,
      "credentials": [
        {
          "credential-id": "cred_1a2b3c4d5e6f1a2b3c4d5e6f",
          "registered-at": "2024-01-15T09:35:00Z"
        }
      ]
    }
  ]
}

Documents

Identity Records

Re-identification

Authentication

Data Users

Data Providers

DCC

Webhooks

Look Up Identity Records

Authorizations

Query Parameters

Response