Home

Simon Redfern edited this page Mar 12, 2016 · 47 revisions

Welcome to the OBP-API wiki!

Application registration

OBP protected resources use OAuth. You can use one of our sandboxes (register here) to test. You will get a consumer key and consumer secret for the calls requiring OAuth authentication.

OAuth

The best way to get started with OBP and OAuth is probably to fork one of our Starter SDKs. They take care of the basic OAuth flow.

Direct Login / JWT

For hackathons and highly trusted applicaitons we offer a "direct login" using JWT. See this direct login documentation page or the SDK page for a code example

We're sometimes asked about OAuth 1 and 2. So far we stick with OAuth 1.0a because it's stable (RFC) is used by the likes of Twitter and Mastercard and according to the lead author of OAuth is more secure than OAuth2. For more info, see OAuth 2 and the road to hell or this stack overflow article