Documentation

Consume the accounts API

Last updated Nov 2, 2020

This article describes how you can consume the accounts API using the access token you generated earlier.


Introduction

There are two important things you must have done before continuing any further:

  1. Set up your client certificate correctly.
  2. Be in possession of an access token as a result of the hybrid flow. This access token represents user consent for account information access.

If you have not completed both of these steps, you should refer back to earlier articles to complete them:

Calling the accounts API

You can find all the endpoints you can consume in the Open Banking standard.

In this article, we will consume one API, the /accounts endpoint. The same principle applies to the other endpoints.

Note

The Postman collection in the ForgeRock sample project contains a sample of all the requests you can do using the access token.

Here is an example request:

curl -X GET \ https://rs.aspsp.dev-ob.forgerock.financial:443/open-banking/v1.1/accounts \ -H 'Accept: application/json' \ -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJ6aXAiOiJOT05FIiwia2lkIjoiRm9sN0lwZEtlTFptekt0Q0VnaTFMRGhTSXpNPSIsImFsZyI6IkVTMjU2In0.eyJzdWIiOiJkZW1vIiwiYXV0aF9sZXZlbCI6MCwiYXVkaXRUcmFja2luZ0lkIjoiOTllOTk0MDctZGViZi00MmJiLTgxNmMtZWMzYjY3OWQzNjA1IiwiaXNzIjoiaHR0cHM6Ly9hcy5hc3BzcC5kZXYtb2IuZm9yZ2Vyb2NrLmZpbmFuY2lhbDo4NDQzL29hdXRoMi9vcGVuYmFua2luZyIsInRva2VuTmFtZSI6ImFjY2Vzc190b2tlbiIsInRva2VuX3R5cGUiOiJCZWFyZXIiLCJhdXRoR3JhbnRJZCI6ImZkMWE1NmRjLWFjMWQtNDExYS1hYTUzLTU3MmNhNzEyM2M2ZCIsIm5vbmNlIjoiNWE2YjFhYzkzMmE5ZmI1MTY0MThkZDQ5IiwiYXVkIjoiODU5OTRjYTAtOWRiMy00NTA1LTkzNWItMDdkYzA3NWNiNzA3IiwibmJmIjoxNTE2OTY4NzA0LCJncmFudF90eXBlIjoiYXV0aG9yaXphdGlvbl9jb2RlIiwic2NvcGUiOlsib3BlbmlkIiwiYWNjb3VudHMiXSwiYXV0aF90aW1lIjoxNTE2OTY4NjcwMDAwLCJjbGFpbXMiOiJ7XCJpZF90b2tlblwiOntcImFjclwiOntcInZhbHVlXCI6XCJ1cm46b3BlbmJhbmtpbmc6cHNkMjpzY2FcIixcImVzc2VudGlhbFwiOnRydWV9LFwib3BlbmJhbmtpbmdfaW50ZW50X2lkXCI6e1widmFsdWVcIjpcIkEwOWIxYzE5Yi0wMDRlLTQzMjctODczMC1kNjU3MzkwYTBlYzlcIixcImVzc2VudGlhbFwiOnRydWV9fSxcInVzZXJpbmZvXCI6e1wib3BlbmJhbmtpbmdfaW50ZW50X2lkXCI6e1widmFsdWVcIjpcIkEwOWIxYzE5Yi0wMDRlLTQzMjctODczMC1kNjU3MzkwYTBlYzlcIixcImVzc2VudGlhbFwiOnRydWV9fX0iLCJyZWFsbSI6Ii9vcGVuYmFua2luZyIsImV4cCI6MTUxNjk3MjMwNCwiaWF0IjoxNTE2OTY4NzA0LCJleHBpcmVzX2luIjozNjAwLCJqdGkiOiIyNmZlNWFjOS01ZjNkLTQzNGUtOWY0OC0wOGVhMGQyZjBmODcifQ.y5Xc9LeUcit3C35lMSK9jX4XqYY7xtCd_V_Vvww6YW6ESbUbW2fEOpvVc1pFjrw1cumSrD3HgwUoOHDLUn_06w' \ -H 'Cache-Control: no-cache' \ -H 'Content-Type: application/json' \ -H 'Postman-Token: 18ea0f4e-d1c5-95bc-808c-e5e95c7c2c99' \ -H 'x-fapi-customer-ip-address: 104.25.212.99' \ -H 'x-fapi-customer-last-logged-time: Sun, 10 Sep 2017 19:43:31 UTC' \ -H 'x-fapi-financial-id: 0015800001041REAAY' \ -H 'x-fapi-interaction-id: 93bac548-d2de-4546-b106-880a5018460d' \ -H 'x-idempotency-key: FRESCO.21302.GFX.20' \ -d '{ "Data": { "Permissions": [ "ReadAccountsDetail", "ReadBalances", "ReadBeneficiariesDetail", "ReadDirectDebits", "ReadProducts", "ReadStandingOrdersDetail", "ReadTransactionsCredits", "ReadTransactionsDebits", "ReadTransactionsDetail" ], "ExpirationDateTime": "2017-05-02T00:00:00+00:00", "TransactionFromDateTime": "2017-05-03T00:00:00+00:00", "TransactionToDateTime": "2017-12-03T00:00:00+00:00" }, "Risk": {} }'

Here is the response we received from the code sample:

{ "Data": { "Account": [ { "AccountId": "22289", "Currency": "GBP", "Nickname": "Bills", "Account": { "SchemeName": "SortCodeAccountNumber", "Identification": "80200110203345", "Name": "Mr Kevin", "SecondaryIdentification": "00021" } }, { "AccountId": "31820", "Currency": "GBP", "Nickname": "Household", "Account": { "SchemeName": "SortCodeAccountNumber", "Identification": "80200110203348", "Name": "Mr Kevin" } } ] }, "Links": { "Self": "/accounts" }, "Meta": { "TotalPages": 1 } }

Conclusion

You should now have consumed the accounts API using the access token.


Copyright and Trademarks Copyright © 2020 ForgeRock, all rights reserved.