diff --git a/app/controllers/api/v1/registrant/auth_controller.rb b/app/controllers/api/v1/registrant/auth_controller.rb
index 5de962437..e1bd37b1e 100644
--- a/app/controllers/api/v1/registrant/auth_controller.rb
+++ b/app/controllers/api/v1/registrant/auth_controller.rb
@@ -26,9 +26,12 @@ module Api
         private
 
         def eid_params
-          [:ident, :first_name, :last_name].each_with_object(params) do |key, obj|
+          required_params = [:ident, :first_name, :last_name]
+          required_params.each_with_object(params) do |key, obj|
             obj.require(key)
           end
+
+          params.permit(required_params)
         end
 
         def create_token(user)
diff --git a/app/models/registrant_user.rb b/app/models/registrant_user.rb
index db851eb6a..da5ddc9f7 100644
--- a/app/models/registrant_user.rb
+++ b/app/models/registrant_user.rb
@@ -30,48 +30,56 @@ class RegistrantUser < User
       return false if issuer_organization != ACCEPTED_ISSUER
 
       idc_data.force_encoding('UTF-8')
+      user_data = {}
 
       # handling here new and old mode
       if idc_data.starts_with?("/")
-        identity_code = idc_data.scan(/serialNumber=(\d+)/).flatten.first
-        country       = idc_data.scan(/^\/C=(.{2})/).flatten.first
-        first_name    = idc_data.scan(%r{/GN=(.+)/serialNumber}).flatten.first
-        last_name     = idc_data.scan(%r{/SN=(.+)/GN}).flatten.first
+        user_data[:ident] = idc_data.scan(/serialNumber=(\d+)/).flatten.first
+        user_data[:country_code] = idc_data.scan(/^\/C=(.{2})/).flatten.first
+        user_data[:first_name] = idc_data.scan(%r{/GN=(.+)/serialNumber}).flatten.first
+        user_data[:last_name] = idc_data.scan(%r{/SN=(.+)/GN}).flatten.first
       else
         parse_str = "," + idc_data
-        identity_code = parse_str.scan(/,serialNumber=(\d+)/).flatten.first
-        country       = parse_str.scan(/,C=(.{2})/).flatten.first
-        first_name    = parse_str.scan(/,GN=([^,]+)/).flatten.first
-        last_name     = parse_str.scan(/,SN=([^,]+)/).flatten.first
+        user_data[:ident] = parse_str.scan(/,serialNumber=(\d+)/).flatten.first
+        user_data[:country_code] = parse_str.scan(/,C=(.{2})/).flatten.first
+        user_data[:first_name] = parse_str.scan(/,GN=([^,]+)/).flatten.first
+        user_data[:last_name] = parse_str.scan(/,SN=([^,]+)/).flatten.first
       end
 
-      u = where(registrant_ident: "#{country}-#{identity_code}").first_or_create
-      u.username = "#{first_name} #{last_name}"
-      u.save
-
-      u
+      find_or_create_by_certificate_data(user_data)
     end
 
-    def find_or_create_by_api_data(api_data = {})
-      return false unless api_data[:ident]
-      return false unless api_data[:first_name]
-      return false unless api_data[:last_name]
+    def find_or_create_by_api_data(user_data = {})
+      return false unless user_data[:ident]
+      return false unless user_data[:first_name]
+      return false unless user_data[:last_name]
 
-      estonian_ident = "EE-#{api_data[:ident]}"
+      user_data.each { |k, v| v.upcase! if v.is_a?(String) }
+      user_data[:country_code] ||= "EE"
 
-      user = find_or_create_by(registrant_ident: estonian_ident)
-      user.username = "#{api_data[:first_name]} #{api_data[:last_name]}"
+      find_or_create_by_certificate_data(user_data)
+    end
+
+    def find_or_create_by_mid_data(response)
+      user_data = { first_name: response.user_givenname, last_name: response.user_surname,
+                    ident: response.user_id_code, country_code: response.user_country }
+
+      find_or_create_by_certificate_data(user_data)
+    end
+
+    private
+
+    def find_or_create_by_certificate_data(opts = {})
+      return unless opts[:first_name]
+      return unless opts[:last_name]
+      return unless opts[:ident]
+      return unless opts[:country_code]
+
+      user = find_or_create_by(registrant_ident: "#{opts[:country_code]}-#{opts[:ident]}")
+      user.username = "#{opts[:first_name]} #{opts[:last_name]}"
       user.save
 
       user
     end
-
-    def find_or_create_by_mid_data(response)
-      u = where(registrant_ident: "#{response.user_country}-#{response.user_id_code}").first_or_create
-      u.username = "#{response.user_givenname} #{response.user_surname}"
-      u.save
-
-      u
-    end
   end
 end
diff --git a/test/models/registrant_user_test.rb b/test/models/registrant_user_test.rb
index 112b4dbeb..86ab5591a 100644
--- a/test/models/registrant_user_test.rb
+++ b/test/models/registrant_user_test.rb
@@ -20,6 +20,19 @@ class RegistrantUserTest < ActiveSupport::TestCase
     assert_equal('JOHN SMITH', user.username)
   end
 
+  def test_find_or_create_by_api_data_creates_a_user_after_upcasing_input
+    user_data = {
+      ident: '37710100070',
+      first_name: 'John',
+      last_name: 'Smith'
+    }
+
+    RegistrantUser.find_or_create_by_api_data(user_data)
+
+    user = User.find_by(registrant_ident: 'EE-37710100070')
+    assert_equal('JOHN SMITH', user.username)
+  end
+
   def test_find_or_create_by_mid_data_creates_a_user
     user_data = OpenStruct.new(user_country: 'EE', user_id_code: '37710100070',
                               user_givenname: 'JOHN', user_surname: 'SMITH')