After the user has returned to you via your `merchant_return_url`, you retrieve the `transaction_id` from the `trxid` query parameter and the `entrance_code` from the `ec` query parameter appended to your `merchant_return_url`.
Use the `entrance_code` to rejoin your consumer to the state you have kept. Now retrieve the `merchant_reference` which you received in the transaction call and send these three elements to make a status request.
The status must be requested within 30 seconds after the user is redirected from the bank to the merchant's return URL, otherwise the response will contain no user data for successful transactions. In this case, the response will include a `notice` and `notice_code` field to indicate this.
Personal information will only be returned once by this call. If you need the information a second time, you will have to make a new iDIN request for the consumer.
## Request
### Parameters
| Parameter | Description |
| merchant_token | a guid string that is unique and private to you as a merchant. Do not share this key, keep it safe. Example `3c01abeb-b031-4fea-9f2d-c55c283cd78e` |
| transaction_id | The public identifier of the transaction. |
| merchant_reference | The private reference of the transaction as provided by the Status response. |
## Response
### Parameters
Only those values that are available will be represented in the response.
| Parameter | Description |
| status | Either `open`, `success`, `cancelled`, `failure`, `expired`. If the status is `open`, then the information was not yet available. Please try again after a few more seconds or fail. If the status is `success` then you can expect the requested information to be present. A status of `cancelled` means that the user has cancelled the flow. |
| bin | When identity was requested, this will be a consistent identifier for this user. If identity was not requested, then this will differ every single time. `/[a-zA-Z]{6,6}.*/` Up to 256 characters. You should store this identifier, as, in the case of a dispute, it will be needed. |
| gender | male, female or unspecified |
| initials | Initials of the user. Up to 20 characters. |
| last_name | Last name of the user. Up to 200 characters |
| last_name_prefix | Name prefix of the user. Up to 10 characters. |
| street | Up to 43 characters. |
| house_number | `/[0-9]{1,5}/` |
| house_number_suffix | Up to 6 characters. |
| postal_code | `/[0-9]{4}[a-zA-Z]{2}/` |
| city | Up to 24 characters. |
| country | 2 letter identifier of the country. |
| date_of_birth | 1970-01-01 |
| 18y_or_older | Is the current user 18 years or older at this moment. Boolean |
| telephone_number | The phone number is unverified. `/[0-9 ()+-]{1,20}/` |
| email_address | The email address is unverified. Up to 256 characters. |
The following parameters are returned for an expired successful transaction.
| Parameter | Description |
| notice | The transaction was successful, but the data was not retrieved within 30 seconds. |
| notice_code | 2000 |
### Response codes
| HTTP Status | Description |
| 200 | Successful request. |
| 400 | Invalid request. See message for details. |
| 403 | Authorization required. |
| 404 | The transaction could not be found. |
| 500 | Server error. See message for details. |
| 503 | Service unavailable. See message for details. |