Generates Access Token or Authrorization code depending on response_type.


GET /authorize is redirected to Consent Application where a two-factor authentication is initiated. Upon successful authentication access_token or authorization code is returned as query parameters passed to the redirect uri. /authorize

  • Name
  • client_id
    TPPs MUST provide this value and set it to the client id issued to them.
  • redirect_uri
    Redirect URI defined with your registered App. This MUST be a valid, absolute URL that was registered during Client Registration.
  • nonce
    A nonce value
  • response_type
    OAuth 2.0 requires that this parameter is provided. Value is set to ‘code id_token’ or ‘code’. The values for these parameters MUST match those in the Request Object, if present.
  • state
    TPPs MAY provide a state parameter. An Unique id to maintain state between asynchronous requests at the Client.
  • scope
    The scopes MUST be a sub-set of the scopes that were registered during Client Registration. At a minimum the scope parameter MUST contain openid. Other valid scopes are: accounts, payments
  • request
    The parameter MUST contain a JWS that is signed by the TPP. The JWS payload MUST consist of a JSON object containing a request object as per OIDC Core 6.1.

    The request object MUST contain a claims section that includes as a minimum

  • openbanking_intent_id that identifies the intent id for which this authorisation is requested

Request Body

Basic Auth

OAuth 2.0

Custom Token


Make a request and see the response.

Make a request and see the response.

Resource Summary


This is the place where EventTypes description lies.

Sample Error Messages & Error Codes.

This is where error messages sample and description lies.
This is the place where HTTP Status Codes.