Introduction
This guide is designed to assist TPP developers in their onboarding, implementation, testing and usage of the Dedicated Interface for the selected ASPSP.
Getting started
Introduction
The UK Open Banking API provides access to financial data for Third Party Provider (TPP) developers and Account Servicing Payment Service Providers (ASPs). This API allows TPPs and ASPSs to securely access customer financial information and initiate payments on their behalf, with their consent. This provides customers with greater control over their financial data and allows for the development of innovative financial services and products. The API is regulated by the UK's Open Banking Implementation Entity (OBIE) to ensure that it meets the necessary security and data protection standards.
Please refer to Open Banking Specification more details.
Certificates
TPPs regulated / authorised in the UK must use certificates issued by OBIE. No need to do anything else. Certificates active on the OBIE system can automatically be used with a Dedicated Interface.
Well Known Endpoints
Each Dedicated Interface has a published .well-known
endpoints file which specifies values such as Supported Tokens and Signing Algorithms.
Each supported environment will have its own .well-known
endpoints file.
You can find the .well-known
endpoints file URL via the ASPSP's developer portal Home Page (Select the ASPSP HOME tab, then select the relevant API and environment).
Registering your application using DCR
You must register your application using DCR (follow the steps below)
Prerequisites:
You must have registered as a TPP on the OB Directory.
The TPP must have a software statement created on the OB Directory.
Any scopes requested by the TPP must have been authorised by OBIE and must be found in the OBIE issued software statement supplied in the registration request object.
The TPP must use an OB issued (OBWAC) transport certificate for MTLS.
The TPPs registration request object must be signed by an OB issued signing certificate (OBSEAL).
In order to access our Open Banking APIs you need to use Dynamic Client Registration (DCR) and register your application. Doing so will provide you with client credentials that will be used any time the TPP accesses our Authorisation Server.
Open Banking DCR v3.2:
For DCR we have implemented the POST /register
endpoint as found in v3.2 of the Open Banking Dynamic Client Registration specification.
You can create as many unique Apps as you require. An App is linked to a specific environment, so you must ensure you have selected the correct environment (Production or Sandbox) when creating a software statement with the OB Directory.
For the full registration URL please refer to the registration_endpoint
claim found in the .well-known
endpoint.
Security Model
The following list describes the supported claim
values for this Dedicated Interface (these are also defined in the .well-known
endpoint) :
Claim Type
Supported Value(s)
Response Type(s)
'code id_token'
Grant Type(s)
'authorization_code', 'client_credentials', 'refresh_token'
Scope(s)
'openid', 'accounts', 'payments', 'fundsconfirmations'
ID Token Signing Algorithm
'PS256'
Request Object Signing Algorithm(s)
'PS256'
Token Endpoint Auth Signing Algorithm(s)
'PS256'
You're good to go
After successfully following the above steps, your application will now have been registered with this Dedicated Interface.
To find out how you can start making API requests (including an explanation of our Authentication Flow) follow the steps found in the APIs & Specification tab at the top of this page.
Last updated