eCBSV Technical Information

Recommended Technical Expertise:

To Access Permitted Entity Registration and Enrollment:

  • SSA will provide an OpenID Connect and OAuth 2.0 solution for authentication and authorization to SSA’s Verification application programming interface (API). To access eCBSV, permitted entities must:

    • Implement the required OpenID Connect/OAuth 2.0 configurations.
    • Assign and manage all end-user permissions, which will be provided as attributes in the OpenID Connect assertion.
    • Obtain API keys from SSA according to industry best practices.
  • Entities wishing to enter into an agreement with SSA to use eCBSV are required to complete the OpenID Connect (OIDC) technical specifications before attempting to complete the eCBSV Online Registration.

To Submit and Obtain SSN Verifications:

  • SSN Verifications will be provided via an application programming interface (API).
  • The Verification API will verify that the number holder’s SSN, name, and date of birth matches or does not match the data in the Social Security Administration’s records.
  • The Verification API will return a verification response of “yes” or “no.” If our records show that the SSN holder is deceased, the API will return a death indicator.
  • Permitted entities will have the ability to submit individual or multiple verification requests to the Verification API for real-time results.
  • The Verification API will return an error message if the service is unavailable or the transaction cannot be processed.
  • eCBSV services will not be available if your company does not have a current/valid signed agreement in place or if your company exceeds your selected tier level for the 365-day period.
  • eCBSV services will not be provided without successful authentication and authorization.
  • See technical specifications for calling the API.

To Access the External Testing Environment:

  • SSA will provide an External Testing Environment (ETE) for the eCBSV service so that clients in development can connect to this test environment and perform interface testing of their software with the eCBSV service.
  • To register, you will need to provide the ODIC Issuer URL and if necessary, the optional Dynamic Client Registration Authorization Header Credentials, for your TEST environment. Upon successful registration, we will return the ETE OAuth Client ID.
  • SSA recommends that entities set up and configure an independent test environment to connect to SSA’s ETE.
  • The test environment must replicate the Production environment, including network connectivity, network security, and SSN Verifications to ensure proper handling of the responses returned to the client software.
  • The ETE should not be used for high volume performance testing.
  • View the technical specifications for accessing and testing ETE and ETE test cases.