Fortuna Compliance API Help
Fortuna Compliance provides KYC and regulatory compliance services for the Danish gambling market, including identity verification, CPR validation, PEP screening, ROFUS checks, SAFE reporting, and audit history.
Getting started
- Obtain your API key from the admin portal.
- Authenticate every request with the
X-Api-Keyheader. Requests without a valid key return401 Unauthorized. - Explore the API using the interactive documentation at /docs or the OpenAPI JSON at /openapi/v1.json.
Help topics
| Topic | Description |
|---|---|
| Brokers | Discover which identity and CPR providers are available for your account |
| Identity verification | Start and retrieve end-user authentication flows (MitID, BankID, eIDAS) |
| CPR lookup and validation | Retrieve CPR records and validate customer-provided data |
| PEP screening | Check persons against the Financially Exposed Persons register |
| ROFUS checks | Self-exclusion, CSRP, marketing permission, and combined evaluation |
| SAFE reporting | Submit sessions, jackpots, and end-of-day reports for DGA compliance |
| Audit records | Query the audit trail for all compliance operations |
Common patterns
All endpoints (except /health, /docs, and /openapi) require the X-Api-Key header. The key determines which features and brokers are available to your requests.
Most request bodies include an audit object with an externalReference field — set this to your own tracking ID (such as a customer ID or session ID) so you can look up activity later via the audit endpoint.