Authentication

Open Bank Project offers multiple authentication methods:

  • OAuth 1.0a
  • Direct Login

Direct Login

First you must create an account on Open Bank Project. Then, register a new application which gives you a consumer-key. You use your consumer key when generating a Direct Login token.

http

POST /my/logins/direct HTTP/1.1
Host: api.openbankproject.com
Accept: application/json
Authorization: DirectLogin username="username", password="password", consumer_key="yourConsumerKey"

curl

curl -i -X POST https://api.openbankproject.com/my/logins/direct -H 'Accept: application/json' -H 'Authorization: DirectLogin username="username", password="password", consumer_key="yourConsumerKey"'

wget

wget -S -O- https://api.openbankproject.com/my/logins/direct --header='Accept: application/json' --header='Authorization: DirectLogin username="username", password="password", consumer_key="yourConsumerKey"'

httpie

http POST https://api.openbankproject.com/my/logins/direct Accept:application/json Authorization:'DirectLogin username="username", password="password", consumer_key="yourConsumerKey"'

python-requests

requests.post('https://api.openbankproject.com/my/logins/direct', headers={
    'Accept': 'application/json',
    'Authorization': 'DirectLogin username="username", password="password", consumer_key="yourConsumerKey"',
})

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "token": "abc123"
}

Verify Authentication

You then use the token recieved from your DirectLogin request.

For example, make an authenticated request using your token.

Get your current user infomation:

http

POST /obp/v3.1.0/users/current HTTP/1.1
Host: YOUR-HOST
Accept: application/json
Authorization: DirectLogin token="abc123"

curl

curl -i -X POST https://YOUR-HOST/obp/v3.1.0/users/current -H 'Accept: application/json' -H 'Authorization: DirectLogin token="abc123"'

wget

wget -S -O- https://YOUR-HOST/obp/v3.1.0/users/current --header='Accept: application/json' --header='Authorization: DirectLogin token="abc123"'

httpie

http POST https://YOUR-HOST/obp/v3.1.0/users/current Accept:application/json Authorization:'DirectLogin token="abc123"'

python-requests

requests.post('https://YOUR-HOST/obp/v3.1.0/users/current', headers={
    'Accept': 'application/json',
    'Authorization': 'DirectLogin token="abc123"',
})

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "user_id":"2ef35575-aae9-48fb-ad01-751755b3964f",
  "email":"Fred@example.com",
  "provider_id":"your-provider-id",
  "provider":"your-provider-name",
  "username":"fred",
  "entitlements":{"list":[]}
}