Introduction
Open Banking API
The Cyrexa Open Banking API is the gateway for third-party providers to interact with Cyrexa clients and products.
Clients can use the Open Banking API to develop banking applications, whether they are:
- Regulated third-party providers that want to get account and transaction information of Cyrexa clients and initiate different types of payments.
- Innovative service providers looking to integrate Cyrexa functions into their applications seamlessly.
The Open Banking API can be tested in Postman:
Authentication
Get Access token
Headers
Content-Type: application/x-www-form-urlencoded
Parameters
- grant_type: Must be set to client_credentials to get the access token.
- scope: Must be set to accounts.
Example
When using a self-signed certificate or a certificate not known by standard Certificate authorities, the -k or —insecure cURL option should be used.
Response
The response contains the following JSON object:
What’s Next
This access token serves to authenticate the bearer for all subsequent requests to the API. It can be refreshed before it expires.
Authorization
Each Open Banking API must contain an authorization header in the following format to make a call:
Bearer <yourAccessToken>
Before starting, users must ensure they have an access token with the proper scope using the /token endpoint. An authorisation code must be obtained so it can be exchanged for an access token.
x-jws-signature
Open Banking API Payment requests additionally require a JSON Web Signature (JWS). The signature needs to be added to the header of the request. The JWS must be obtained using the full content of the payload.