For Data Recipients

Complete the following sections to use the Open Banking API as a Data Recipient.

1. Optionally, determine which Data Providers a Data Recipient is registered to

Get an access_token by passing your client credentials to the /Token endpoint. Then call the /Providers endpoint and pass the access_token. You'll receive a list of Data Providers who are registered to the Data Recipient.

This step is optional and is not required to authorize.

2. Authorize with a Data Provider

Initiate the authorization process with the Data Provider by calling the /Authorize endpoint.

If the request is successful and the customer provides consent, you'll receive a 302 response at the redirect_uri, an authorization code and the original state

If the request is not successful or the customer declines to provide consent, you'll receive an error, error_description, and the original state.
&error_description=The user denied the access

3. Exchange the authorization code for an access token

Call the /Token endpoint and use authorization_code as the grant_type.

If the request is successful, you'll receive an access token:

  "access_token": "{access_token}",
  "token_type": "Bearer",
  "expires_in": 300,
  "refresh_token": "{refresh_token}"

4. Start receiving your data

Use the access_token to call the Data Access endpoints

and start receiving your data.

For example, to get customer account data, call the /Accounts endpoint and pass the access_token:

5. Get a refresh token

When your access_token expires, call the /Token endpoint and use refresh_token as the grant_type. If the request is successful, you'll receive a new access_token.