HomeGuidesAPI ReferenceChangelog
Log InChangelog
Guides
Changelog
Start typing to search…
These docs are for v2025.11.00. Click to read the latest docs for v2025.12.00.

Subject (sub)

Definition

SubjectId is the unique identifier of the person who owns a wallet.
It is derived from the digital signature returned by the authentication provider (e.g., BankID, ItsMe).

Uniqueness Rules

  • Per person + per Wallet Provider: Same person always receives the same SubjectId with the same Wallet Provider.
  • Across Wallet Providers: Same person receives a different SubjectId when onboarding with a different Wallet Provider.
  • Re-onboarding: SubjectId does not change, even if the wallet is deleted and re-created.
  • Multiple devices: All devices onboarded under the same person and Wallet Provider share the same SubjectId.

Lifecycle

  • Created: Generated at successful onboarding via the authentication provider.
  • Persistent: Remains the same across reinstallations, re-onboarding, and multiple devices (within one Wallet Provider).
  • Reissued: If a wallet is deleted and re-onboarded with the same Wallet Provider, the same SubjectId is reissued.

Relationship to Other Identifiers

  • SubjectId vs. FixedSDKId

    • SubjectId = identity of the person within one Wallet Provider.
    • FixedSDKId = identity of a specific device onboarding instance.
    • One SubjectId may have many FixedSDKIds.

  • SubjectId vs. PaymentInstrumentId

    • SubjectId = identifies the person/wallet owner.
    • PaymentInstrumentId = identifies a specific card, account, or voucher stored in that wallet.

Typical Use Cases

  • User lookup: Wallet Providers use SubjectId to manage all wallets/devices for one person.
  • Event handling: Included in wallet events for correct user association.
  • Multi-device support: Same SubjectId across devices ensures one user identity with multiple devices.
  • Fraud protection: SubjectId is unique per Wallet Provider, preventing cross-provider identity correlation.

Key Rules to Remember

  1. SubjectId is derived from the authentication provider signature.
  2. It is stable across re-onboardings for the same person and Wallet Provider.
  3. It changes when the same person onboards with a different Wallet Provider.
  4. It is the used identity of a wallet owner in all APIs and events.

Updated 5 months ago