Getting started

Access tokens

All requests made to the Open Banking API requires an access token. Access tokens are valid for one hour. An access token belongs to a certain product and scope only. See the information of the variable SCOPE in the section "Variables and constants used in this guide" below.

We use OAuth2 with client credentials for authentication which is a well-known standard. Please use a library for authenticating with us instead of coding it yourself.

Variables and constants used in the guide

Name	Description
AUTH_HOST	The token URL. For production, use `https://auth.openbankingplatform.com/connect/token`
CLIENT_ID	The Client ID of the application you created in the Developer Portal.
CLIENT_SECRET	The secret that was generated when you created an application. If you did not save that value, you need to generate a new secret.
SCOPE	The scope is a combination of private/corporate scope and API scope, separated with a space. For example, an access token for making requests to the AIS API for private accounts has `scope` set to `"accountinformation private"`. Transactions from Swedish Bankgirot can also be included by appending the `"bankgiroinformation"` scope.

Endpoint

POST AUTH_HOST

javascript

Request headers

Content-Type: "application/x-www-form-urlencoded"

javascript

Request body

client_id=CLIENT_ID&client_secret=CLIENT_SECRET&grant_type=client_credentials&scope=SCOPE

javascript

Result

accessToken = response.data.access_token;

javascript

Good to know List banks

​Variables and constants used in the guide

​Endpoint

​Request headers

​Request body

​Result

Variables and constants used in the guide

Endpoint

Request headers

Request body

Result