Open Banking API
The Revolut Open Banking API is the gateway for third-party providers to interact with Revolut customers and products.
You can take advantage of the Open Banking API to build your banking applications whether you are
- A regulated third party provider that wants to get account and transaction information of Revolut customers and initiate different types of payments, or
- An innovative service provider that is looking to seamlessly integrate Revolut functions into your own applications.
To get started using the Open Banking API, check the user guide.
You can test the Open Banking API in Postman:
Authentication
Get Access token
Certificates
You must use the following certificates to request the access token.
- transport.pem: The transport certificate you converted to *.pem format in Convert certificates
- server.key: The server certificate you generated in step Generate CSR certificate
Headers
Content-Type: application/x-www-form-urlencoded
Parameters
grant_type: Must be set toclient_credentialsto get the access token.scope: Must be set toaccounts.
Example
In case you are using a self-signed certificate or a certificate not known by standard Certificate authorities, do not forget to use the -k or --insecure cURL option.
curl -k --cert transport.pem --key server.key \
--location -X POST 'https://oba-auth.revolut.com/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials' \
-d 'scope=accounts' \
curl -k --cert transport.pem --key server.key \
--location -X POST 'https://oba-auth.revolut.codes/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials' \
-d 'scope=accounts' \
Response
The response contains the following JSON object:
{
'access_token':'<access token>',
'token_type':'Bearer',
'expires_in':2399
}
What's next
Use this access token as the authentication bearer for all subsequent requests to the API, as described in the Tutorials section. You can also refresh the token before it expires.
Authorization
Each Open Banking API must contain an authorization header in the following format to make a call: Bearer <yourAccessToken>.
Before you start, ensure that you've got an access token with the correct scope using the /token endpoint. You need to get the authorization code first and exchange it for an access token.
For more information, see Tutorial: Get account and transaction information and Tutorial: Initiate your first payment as examples.
x-jws-signature
Open Banking API Payment requests additionally require a JSON Web Signature (JWS) which needs to be added to the header of the request. The JWS signature must be obtained using the full content of the payload.