Getting started

Here's what you need to understand and use the banking APIs. Either follow the steps on this page or navigate to the topic of your interest using the navigation menu on the left.


What are banking APIs?

Banking APIs expose a range of data to third-party financial service solution providers including payment initiators, account aggregators, and other emerging fintechs. These APIs are designed and documented to support upcoming PSD2 and Open Banking regulations.

The broad categories of APIs include:

  • account access APIs to allow access to account information, balance, and transactions to support the AISP use case
  • payment APIs to allow one time payment submission to support the PISP use case
  • open data API to allows access to non-customer specific information, including as ATM locations and banking product details


How does one use banking APIs?

Banking APIs can be consumed by mobile apps, web apps, and by other APIs. These APIs are built in a RESTful architectural style with data represented in JSON. Therefore, these APIs are platform agnostic when it comes to app development.

Security is paramount for banking APIs; a trusted relationship must be built between the API provider and the developer. As a third-party app provider, you need to go through following steps to use these APIs:

  1. Register as a developer on this portal (registration will be complete after verification)
  2. Create an app to consume will consme the banking APIs (demo flow only, does not create a new app for demo user log-in) 
  3. Subscribe to one or more digital products, each of which is a set of APIs grouped based on the consumption need of the third-party developer
  4. Obtain app credentials that include a client ID and secret for each app
  5. Use the app credentials to authenticate
  6. Try the APIs using the sandbox. When an API is configured to have authorization completed( i.e. to present an access token), you will see a button titled "OAuth 2.0 Set". Clicking on this button will start the OAuth flow and consent app flow.
  7. Make API calls from the app



Before you begin integrating the APIs into your app, you should have a good understanding of your use case(s) and which APIs you'd like to use. You will also have to present necessary information and documents as part of your app creation process.

Key information to be presented during registration:

  • Developer type (TPP, AISP, PISP)
  • FCA license or equivalent

Note: The information required during registration is demo flow only. It does not register a new user.


Register with us

Click on the register button on the left top side of the portal.


Check out the API catalogue

APIs are grouped into API products, each with a subset of the API endpoints exposed as part of the banking APIs. Check out the products, API signatures, parameters, and response structure to understand the APIs from a functional perspective.

Check out the API catalogue


Understand authentication, authorization, and consent

As part of this solution, there are multiple banking APIs that are available for your use. Some of the APIs, such as the accounts API and the branch locator API, are read-only, whereas some APIs can modify data and perform banking transactions, such as the payments API.

Due to the secure nature of these APIs, they are protected by various authentication mechanisms based on the level of access.

Check out how authentication, authorization, and consent work


Create an app

An app is an entry point to use the APIs. App credentials are required to make every call. Create one or more apps using these steps.

How to create an app


Use the sandbox

The sandbox we've provided hosts sample data and enables you to run these APIs on the sample data. This way you can get the APIs to work, understand the request and response structure so that you can integrate them into your app after thoroughly understanding the APIs. Remember to review the documentation of each API and try them before you start using them. For your convenience, authentication, authorization, and consent has been simulated in the sandbox.

More on the sandbox