Authentication¶
The Danish CVR Registry API requires HTTP Basic Authentication for all requests.
Obtaining Credentials¶
Credentials Required
You must obtain valid credentials from the Danish Business Authority before using the API.
How to Request Access¶
-
Email the CVR Support Team:
-
Include in your request:
- Your organization name
- Your organization ID (leave out if working as private)
- Contact information
-
Inform if you require access to beneficial owners
-
Wait for approval - Processing may take up to 3 weeks.
Setting Up Authentication¶
Environment Variables (Recommended)¶
Store your credentials as environment variables for security:
Configuration Files¶
For applications, use configuration files with environment variable substitution:
.env Files¶
Create a .env file for local development:
# .env file (do not commit to version control)
CVR_USERNAME=your_username_here
CVR_PASSWORD=your_password_here
Add .env to your .gitignore:
Testing Authentication¶
Verify your credentials work correctly:
curl -u "$CVR_USERNAME:$CVR_PASSWORD" \
-X POST "http://distribution.virk.dk/cvr-permanent/virksomhed/_search" \
-H 'Content-Type: application/json' \
-d '{"size": 1}'
Expected Response¶
A successful authentication returns company data:
{
"took": 16,
"timed_out": false,
"_shards": {
"total": 6,
"successful": 6,
"skipped": 0,
"failed": 0
},
"hits": {
"total": 2194982,
"max_score": 1.0,
"hits": [
{
"_index": "cvr-v-20220630",
"_type": "_doc",
"_id": "...",
"_score": 1.0,
"_source": {
"Vrvirksomhed": {
"cvrNummer": 12345678,
"navne": [...]
}
}
}
]
}
}
Authentication Errors¶
HTTP 401 - Unauthorized¶
<html>
<head><title>401 Authorization Required</title></head>
<body>
<center><h1>401 Authorization Required</h1></center>
<hr><center>nginx</center>
</body>
</html>
Common Causes: - Incorrect username or password - Expired credentials
Solutions: - Verify credentials with CVR support team - Check environment variables are set correctly - Ensure no special characters are causing encoding issues
Security Best Practices¶
Never Commit Credentials
Never store credentials directly in your code or commit them to version control.
✅ Do This¶
- Use environment variables
- Store in secure credential management systems (AWS Secrets Manager, Azure Key Vault, etc.)
- Use configuration files with environment variable substitution
- Implement credential rotation procedures
❌ Don't Do This¶
- Hardcode credentials in source code
- Store credentials in configuration files without environment variables
- Share credentials via email or chat
- Use the same credentials across multiple environments
Credential Management in Production¶
from azure.keyvault.secrets import SecretClient
from azure.identity import DefaultAzureCredential
def get_cvr_credentials():
credential = DefaultAzureCredential()
client = SecretClient(vault_url="https://your-vault.vault.azure.net/",
credential=credential)
username = client.get_secret("cvr-username").value
password = client.get_secret("cvr-password").value
return username, password
IP Restrictions¶
Network Access
The CVR API may have IP-based restrictions. Ensure your production systems can access the API endpoint from their network locations.
If you encounter network connectivity issues:
- Check if your organization's firewall blocks HTTP (non-HTTPS) traffic
- Verify the API endpoint is accessible from your deployment environment
- Consider using a proxy or VPN if required by your network policies
Next Steps¶
Once authentication is working:
- Quick Start Guide - Try basic queries
- API Reference - Learn about available endpoints
- Query Examples - See practical query patterns