Step 1 - Sign in
Follow the steps below to sign in to the WSO2 Open Banking live demo:
- Go to the Home page and click Try Developer Portal > App (Sandbox).
The API Store with the available APIs you can try appears.
- Click Sign in in the upper right corner and sign in with your wso2.com account details.
Step 2 - Create an application
Follow the steps below to create an application with which you can subscribe to APIs:
Click Applications on the WSO2 Open Banking live demo to view all the applications.
WSO2 Open Banking comes with a sample application named DefaultApplication, which has a service-level agreement (SLA) with unlimited access, by default.
- Click Add Application.
Enter a name for the application and click Add to create an application.
If you like, you can select an SLA via the Per Token Quota dropdown, e.g., 50PerMin. If you do not select an SLA, the default SLA, which is unlimited, is applied.
After the application is created, the application details page appears.
Step 3 - Subscribe to an API
Follow the steps below to subscribe to an API via an application:
Click APIs to view all available WSO2 Open Banking APIs.
- Click the PaymentsAPI v1.0.0 API.
- Select the application that you created from the Applications drop-down. If you did not create an application, select
- Click Subscribe.
A message appears to confirm that you have successfully subscribed to the API. Click View Subscriptions.
The Subscriptions tab of the Application Details page appears.
Step 4 - Generate an application access token
Follow the steps below to generate the application access token and the security keys with which you can create a user access token:
- Click the Sandbox Keys tab on the Application Details page.
Enter the required information.
This determines the credentials used to generate the access token. Two grant types are available in the WSO2 Open Banking live demo:
- Client Credentials: This relates to the Client Credentials grant type and is applicable when consuming the API as an application.
- Code: This relates to the Authorization Code grant type and is applicable when consuming the API as a user.
This is the URL used by TransacPro to receive the authorization code sent from the ABC Bank.
Scopes enable fine-grained access control to API resources based on user roles. Select payments :
This defines the access token's validity period after which it requires regeneration. You can keep the default value, which is
If you set the validity period to a negative value, e.g., -1, the token never expires.
Click Generate Keys.
This generates an access token, consumer key, and consumer secret, which you can use in token generation API calls.
Step 5 - Consume an API
Now that you have your access token, follow the steps below to invoke the PaymentsAPI API and post payments:
Click APIs on the WSO2 Open Banking live demo and click PaymentsAPI API.
- Select the application you used to subscribe to the PaymentsAPI API from the Try dropdown. The previously generated access token appears by default.
- Click POST /payment-initiation to expand the POST /payment-initiation API resource.
- Enter the application access token you generated in Step 4 in the Authorization : Bearer field.
- Enter the sample values given in the UI to
Click Try it out. A 201 response appears upon a successful API invocation.
PaymentID that is returned from the API call so that you can use it for other API invocations.
Follow the steps below to generate a user access token using the client key and the client secret:
- Copy the URL shown below and update the placeholders as follows:
<client-ID> : Replace this with the consumer key that you generated in Step 4, e.g.,
<redirect-URL> : Replace this with the Callback URL that you used when generating the keys in Step 4, e.g.,
- Paste the updated URL in your browser to navigate to the ABC Bank's open banking system.
- When prompted, sign in using your wso2.com credentials.
This is the first factor of Strong Customer Authentication (SCA).
- Enter the verification code that you received via SMS to the mobile number that you gave at the time of signing up to wso2.com.
This serves as the second factor of SCA.
After the authentication process is complete, you are directed to the customer consent approval process.
Click Approve to perform the transaction.
After the consent process is approved, the authorization code appears.
Copy the cURL command shown below and update the placeholders as follows:
<client-ID>:<client-secret> : Replace <client-ID> and <client-secret> with the consumer key and the consumer secret you generated in Step 4, respectively. Make sure to keep the colon (:) separator between them.
<client-ID> : Again, replace the
<authorization-code> : Replace this with the authorization code, e.g., 2b602c70-6a6e-3e96-9132-8570aaad4458.
<redirect-URL> : Replace this with the Callback URL that you used to generate the keys, e.g.,
You can only use the authorization code once.
curl -v -X POST --basic -u <client-ID>:<client-secret> -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "client_id=<client-ID>&grant_type=authorization_code&code=<authorization-code>&redirect_uri=<redirect-URL>" https://api-openbanking.wso2.com/TokenAPI/v1.0.0/
curl -v -X POST --basic -u fAIwK4n9QKKHIoGOv1DF6eUOkiMa:2Ui34DIx7LfIiXtrUCCpkoUqKDUa -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "client_id=fAIwK4n9QKKHIoGOv1DF6eUOkiMa&grant_type=authorization_code&code=ff105634-e437-3567-955d-0bcaee3603d8&redirect_uri=https://openbanking.wso2.com/authenticationendpoint/authorize_callback.do" https://api-openbanking.wso2.com/TokenAPI/v1.0.0/
Paste the updated cURL command in the command prompt to generate the user access token with the consented privileges.
> POST /TokenAPI/v1.0.0/ HTTP/1.1
> Host: api-openbanking.wso2.com
> Authorization: Basic ZkFJd0s0bjlRS0tISW9HT3YxREY2ZVVPa2lNYToyVWkzNERJeDdMZklpWHRyVUNDcGtvVXFLRFVh
> User-Agent: curl/7.51.0
> Accept: */*
> Content-Type: application/x-www-form-urlencoded;charset=UTF-8
> Content-Length: 197
< HTTP/1.1 200 OK
< Server: nginx/1.12.1
< Date: Fri, 15 Sep 2017 05:30:23 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Frame-Options: DENY
< Cache-Control: no-store
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: POST
< X-Content-Type-Options: nosniff
< Pragma: no-cache
< X-XSS-Protection: 1; mode=block
< Access-Control-Allow-Headers: authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction
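The same authorization-code exchange can be sent with certificate verification left on (the -k option in the cURL command above turns it off) and without putting the consumer secret on the command line. The script below is an added example, not part of the WSO2 documentation: the function names are hypothetical, the sample values are constructed, and only the token endpoint URL is taken from this page.

```shell
#!/bin/sh
# Added example: build the token request as a curl config read from stdin,
# so the consumer secret is not visible in the process list.

TOKEN_URL='https://api-openbanking.wso2.com/TokenAPI/v1.0.0/'  # from the page

# Escape backslashes and double quotes for a quoted curl config value.
cfg_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# Print a curl config for the authorization_code grant.
# Args: client-ID, client-secret, authorization-code, redirect-URL
token_curl_config() {
    [ "$#" -eq 4 ] || { echo "need: ID SECRET CODE REDIRECT-URL" >&2; return 2; }
    for v in "$@"; do
        [ -n "$v" ] || { echo "empty parameter" >&2; return 2; }
    done
    # A colon in the client ID would shift the user:password split.
    case "$1" in *:*) echo "client ID contains ':'" >&2; return 2 ;; esac
    printf 'url = "%s"\n' "$TOKEN_URL"
    printf 'user = "%s:%s"\n' "$(cfg_escape "$1")" "$(cfg_escape "$2")"
    printf 'data-urlencode = "client_id=%s"\n' "$(cfg_escape "$1")"
    printf 'data-urlencode = "grant_type=authorization_code"\n'
    printf 'data-urlencode = "code=%s"\n' "$(cfg_escape "$3")"
    # data-urlencode percent-encodes the value, so '&' or '?' in the
    # redirect URL cannot split the form body.
    printf 'data-urlencode = "redirect_uri=%s"\n' "$(cfg_escape "$4")"
}

# Send the request. No -k: the server certificate is verified.
# --proto '=https' refuses any non-HTTPS URL or redirect.
exchange_code() {
    cfg=$(token_curl_config "$@") || return
    printf '%s\n' "$cfg" |
        curl --fail --silent --show-error --proto '=https' --config -
}

# Constructed placeholder values, printed only to show the generated config.
token_curl_config 'EXAMPLE_ID' 'EXAMPLE_SECRET' 'EXAMPLE_CODE' \
    'https://client.example/callback'
```

Call exchange_code with the four values from the steps above to send the request; the authorization code is still single-use, so a failed attempt needs a fresh code.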
Now, try out other API resources of the
APIs used by users
When accessing the following API resources, use the user access token you generated.
APIs used by applications
When accessing the following API resources, use the access token you generated using the Client Credentials grant type and the payments : payments scope in Step 4.