Simon Redfern edited this page Aug 21, 2018 · 56 revisions

Welcome to the OBP-API wiki!

Application registration

OBP protected resources use OAuth. You can use one of our sandboxes (register here) to test. You will get a consumer key and consumer secret for the calls requiring OAuth authentication.


The best way to get started with OBP and OAuth is probably to fork one of our Starter SDKs. They take care of the basic OAuth flow.

Direct Login / JWT

For hackathons and highly trusted applicaitons we offer a "direct login" using JWT. See this direct login documentation page or the SDK page for a code example

We're sometimes asked about OAuth 1 and 2. So far we stick with OAuth 1.0a because it's stable (RFC) is used by the likes of Twitter and Mastercard and according to the lead author of OAuth is more secure than OAuth2. For more info, see OAuth 2 and the road to hell or this stack overflow article

Customer Logins

For the general sandbox see:

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.