diff --git a/greg/tests/api/test_person.py b/greg/tests/api/test_person.py
index 8787731449a157f73a4a4ff1654aa6015e3b1479..cd958a8878099374d811c377294ea1462f390343 100644
--- a/greg/tests/api/test_person.py
+++ b/greg/tests/api/test_person.py
@@ -7,6 +7,8 @@ from rest_framework.reverse import reverse
 from rest_framework.status import HTTP_200_OK
 from rest_framework.test import APIClient
+from django.utils import timezone
+
 from greg.models import (
 Consent,
 Identity,
@@ -594,3 +596,40 @@ def test_person_consent_add_invalid_choice_fails(
 # No consent should have been added to the person
 consents_for_person = client.get(url).json()["results"]
 assert len(consents_for_person) == 0
+
+
+@pytest.mark.django_db
+def test_identity_post_fails_if_duplicate(client, person, person_foo):
+ response = client.get(
+ reverse("v1:person_identity-list", kwargs={"person_id": person.id})
+ )
+ results = response.json()["results"]
+ assert len(results) == 0
+
+ Identity.objects.create(
+ person=person_foo,
+ type=Identity.IdentityType.NORWEGIAN_NATIONAL_ID_NUMBER,
+ source="Test source",
+ value="12345678901",
+ verified_at=timezone.now() - datetime.timedelta(days=205),
+ )
+
+ data = {
+ "type": Identity.IdentityType.NORWEGIAN_NATIONAL_ID_NUMBER,
+ "source": "Test source",
+ "value": person_foo.fnr.value,
+ }
+ response = client.post(
+ reverse("v1:person_identity-list", kwargs={"person_id": person.id}),
+ data=data,
+ )
+
+ # The request should fail
+ assert response.status_code == status.HTTP_400_BAD_REQUEST
+
+ response = client.get(
+ reverse("v1:person_identity-list", kwargs={"person_id": person.id})
+ )
+ results = response.json()["results"]
+ # No national ID should have been added
+ assert len(results) == 0
diff --git a/gregui/api/serializers/identity.py b/gregui/api/serializers/identity.py
index 4d7929873769af5540755551ebf500d92e0a102e..6395cf12fd7cb53459451a2d5a22600b3336b4dc 100644
--- a/gregui/api/serializers/identity.py
+++ b/gregui/api/serializers/identity.py
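Review bot: The new import is appended after the `rest_framework` block instead of being sorted with the other third-party imports; isort-style ordering would place `from django.utils import timezone` ahead of the `rest_framework` lines. The test added further down in this file also uses `datetime.timedelta` and `status.HTTP_400_BAD_REQUEST`, while the only status import visible in this hunk is `from rest_framework.status import HTTP_200_OK`. The file's first six lines are outside the hunk, so confirm that `datetime` and `status` are imported there; otherwise the test would fail with a NameError before it reaches the duplicate check.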
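Review bot: The only failure assertion in `test_identity_post_fails_if_duplicate` is `assert response.status_code == status.HTTP_400_BAD_REQUEST`, which any validation error on this POST would satisfy, so the test can pass without a duplicate check ever running. Pin the reason as well by asserting on the error body the duplicate validation returns (its key and message are not visible in this diff), and add a control POST with an unused value that is expected to succeed. The setup is also ambiguous: an identity with value `"12345678901"` is created for `person_foo`, but the payload sends `person_foo.fnr.value`; if the fixture already carries a national ID number these can differ, and sending `"value": "12345678901",` would make the intent explicit. The other file in this diff only drops the `# TODO Check for duplicate value` comment from the gregui serializer, whereas this test calls the `v1:person_identity-list` route, so it is worth confirming that the gregui path is covered by the same check, since a national ID attached to two persons undermines identity matching.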
@@ -48,9 +48,6 @@ class IdentitySerializer(serializers.ModelSerializer):
 Note: Get requests do not use this method, making it safe.
 """
-
- # TODO Check for duplicate value
-
 # Prevent nin verification. (This will only trigger if someone is posting the
 # requests themselves. The frontend has its own setting disabling the button
 # used against this endpoint.)