Welcome to the Open Bank Project PSD2 sandbox.
This Open Bank Project PSD2 sandbox demonstrates a PSD2 API solution.
The API provides a secure avenue that allows bank account holders to access their banking data and services via approved third party applications, following the consent of both the bank and customer.
Use this sandbox to explore our PSD2 API catalogue (see the API Explorer link below), test an example API powered application (see the Sofi link below) and register for a developer key so you can start building your own applications. For more example customer logins, see the link below.
Create an account
First, create a free developer account on this sandbox and request a developer key. You will be asked to submit basic information about your app at this stage. Register here.
Connect your app
Use our SDKs to connect your app to the Open Bank Project APIs. You will need your developer key, which was provided to you when you created an account. See all available APIs on the API Explorer. Please make sure you are using the correct base URL.
Test your app using customer data
Once your app is connected, you can test it using test customer credentials. You can find a list of available customer logins for this sandbox here.
Access the user's list of accounts and account information such as the balance. Explore...
Access the list of branches and ATMs for the specified bank including geolocation and opening hours. Explore...
Access the transaction history and metadata of accounts. Explore...
Enrich transactions and counterparties with metadata including geolocations, comments, pictures and tags (e.g. category of spending). Explore...
Access the payers & payees of an account including metadata such as their aliases, labels, logos and home pages. Explore...
Enable account holders to grant fine-grained access to third-party users and applications. For instance, a business account might provide auditors with full read-only access whilst coworkers might only see the account balance. Explore...
Customer meetings, messages and video conferencing.
Enable customer meetings, messages and video conferencing for KYC and CRM operations (uses third party video streaming). Explore...
Step up authentication using the generic challenge / response mechanism for sensitive operations e.g. to progress a transfer, the user must supply a mobile TAN Explore...
Scala (liftweb)By OpenBankProject
Please make sure you are using the correct sandbox domain when using the SDKs. In doubt, drop us a line.
What is the correct base URL for this sandbox?
The base URL is
Please make sure you are using this in all your API calls
How should I login?
There are two ways to authenticate a user: OAuth and Direct Login. If you are using this sandbox for a hackathon, we recommend you use Direct Login to authenticate as it is easier than the OAuth workflow.
Where can I read the API documentation?
How much does it cost?
It is free to use our sandbox for testing. Using live data may be subject to charges depending on the bank. Contact us to learn more about pricing options.
I got a 404 error, what am I doing wrong
Avoid using trailing slashes, else, you would get a 404 error. Example:
.../obp/v1.4.0 200 OK
.../obp/v1.4.0/ 404 Not Found
- Double check parameters are spelt correctly (including http vs https etc.)
- Check your encoding (use UTF8)
- Avoid using trailing slashes, else, you would get a 404 error. Example:
How can I use OAuth?
To get started with OBP and OAuth we recommend you use (and fork) one of our OAuth Starter SDKs. Alternatively, for a walkthrough example with sample code, please see here. We use OAuth 1.0a. For deepish technical details of the flow see here
Note: You don't have to use OAuth for a hackathon - You can use Direct Login instead.
What are some customer logins I can use?
During the login, the user of your app will be asked for a customer username/password. You can find example login to test your Direct Login or OAuth flow here.
Who owns the IP of the code I create?
Of course, you do!