Versions Compared

Version Old Version 4 New Version 5
Changes made by

Rajeev Walia

Chris Michael

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Expand
titleMENU
Table of Contents
stylenone

Version

1.01

Publication Date

23 Sep

Classification

Public

1. Introduction

...

In order to access the API Hub Sandbox, developers must be on-boarded onto the LFI or TPP must nominate and onboard a Primary Business (PBC) and Primary Technical (PTC) contacts to the Open Finance Trust Framework (OFTF) Sandbox and have the ability to create Applications under the OFTF Sandbox. Once onboarded, this allows developers the PTC to create the following artefacts within the OFTF Sandbox in order to simulate a TPP application:

  1. Client IDApplication

  2. Client Application Transport Key & Certificate

  3. Application Signing Key

  4. Signing Key ID (KID)

  5. & Certificate

Detailed information about how to create the OFTF artefacts Application and Certificates is covered in the Trust Framework User Documentation.

3. Setting up Postman

https://openfinanceuae.atlassian.net/wiki/spaces/TFDocsv4

3. Accessing the API Hub Sandbox

The API Hub Sandbox is typically accessed by a TPP using their own client application.

The API Hub Sandbox is being continually updated to support more API sets and functionality. Please use the latest version from the list below.

Version

Publication Date

Notes

API Hub Sandbox v1.1 2024.11.19

Contains additional api endpoints, features and fixes

API Hub Sandbox v1.1 2024.09.20

Initial release. No longer supported, please do not use.

4. Using Postman

4.1 Introduction

The API Hub Sandbox does not in itself have a GUI. While developers can connect their own TPP applications directly to the API Hub Sandbox (because it behaves exactly the same as an LFI’s production endpoints in the API Hub), the starting point is to use Postman to connect and test out all of the APIs.

Once downloaded and installed on a developer’s PC, the following instructions should be followed to setup Postman.

...

Download the latest Postman Collection (see section 4 below)

...

4.2 Setting up Postman

  1. Download and install https://www.postman.com/

  2. Download the Postman Collection from the latest version of the API Hub Sandbox (see https://openfinanceuae.atlassian.net/wiki/spaces/Internal/pages/251953153/API+Hub+Sandbox+User+Guide#3.-Accessing-the-API-Hub-Sandbox)

  3. Request a Postman Environment file:

    1. Once your TPP client is successfully registered, please raise a ticket on the Nebras Service Desk requesting your Postman Environment file. Please include your TPP Name and Client Id when raising the ticket.

    2. We will then respond on the ticket to send you a pre-configured Postman Environment file

  4. Import the Postman Collection and Environment File into Postman

    Postman Import.pngImage RemovedScreenshot 2024-11-20 at 09.51.23.pngImage Added

  5. Configure the OFTF Transport Certificates in Postman

    1. Go to Settings > Certificates > Add Certificate

    2. Enter the Host URL as below (please note this example is for Al Tareq Model LFI 1, and over time we may create additional Model LFIs)

    3. Import the Transport Certificate (CRT file) from the OFTF Sandbox, see section 2 above

    4. Import your Transport Key (KEY file) the Private Key which will have stored locally

      Add Certificate.png

  6. Set the following general Postman settings

    1. Go to Settings > General

    2. Set SSL certificate verification: OFF

    3. Set Automatically follow redirects: ON

      Postman Settings 1.png

      Postman Settings 2.png

  7. Load Select the altareq-sandbox required environment file, which contains the server host definitions. Make sure you use the correct (latest) evironmentenvironment.

    Load Environment.png

  8. Edit the altareq-sandbox your environment to add the _clientId, kid_local, and pem_local as follows:

    1. _clientId - the Client ID of your application from the OFTF Sandbox

      View Client ID.png

      Insert the Client ID value from the OFTF Sandbox into the Postman _clientid variable of the altareq-sandbox your environment

      Enter Client ID.png

    2. kid_local - the Key Id (KID) of the OFP UAE CLIENT SIGNING certificate created for your application from the OFTF Sandbox

      View Key ID.png

      The KID is then inserted into the kid_local field of the altaraq-sandbox environment

      Enter Key ID.png

    3. pem_local - the Private Key of your Signing Certificate.
      This is the OFTF Signing Certificate Private Key that you created when you created the Signing Certificate CSR.
      The Signing Ley needs to be represented as a single line to be included in the Postman environment.
      To acheive this in MacOS and Linux, the tr (translate) command can be used as follows, which removes the newline characters.

      Code Block
      tr -d '\n' <  98863a9e-ae4f-4593-a894-714cbbc91ffb-opf_uae_client_signing.key >  single-line-opf_uae_client_signing.key

The single line Client Key can then be copied and pasted from the file into the postman environment as the pem-local variable:

...

4.

...

The latest Postman files can be downloaded here

  • Postman Collection

    View file
    nameOpen Finance - CBUAE Sandbox v1.1 2024.09.20.postman_collection.json

  • Environment File

    View file
    namealtareq-sandbox.postman_environment-v1.0-240920.json

The above Postman Collection currently supports the following API endpoints:

Bank Data Sharing

  • GET/account-access-consents

  • GET/account-access-consents/{ConsentId}

  • PATCH/account-access-consents/{ConsentId}

  • GET/accounts

  • GET/accounts/{AccountId}

  • GET/accounts/{AccountId}/balances

  • GET/accounts/{AccountId}/beneficiaries

  • GET/accounts/{AccountId}/direct-debits

  • GET/accounts/{AccountId}/product

  • GET/accounts/{AccountId}/scheduled-payments

  • GET/accounts/{AccountId}/standing-orders

  • GET/accounts/{AccountId}/transactions

  • GET/accounts/{AccountId}/parties

  • GET/parties

Bank Service Initiation (Single Instant Payment)

  • GET/payment-consents

  • GET/payment-consents/{ConsentId}

  • PATCH/payment-consents/{ConsentId}

  • POST/payments

  • GET/payments

  • GET/payments/{PaymentId}

Bank Service Initiation (Single Future Dated Payment)

  • GET/payment-consents

  • GET/payment-consents/{ConsentId}

  • PATCH/payment-consents/{ConsentId}

  • POST/payments

  • GET/payments

  • GET/payments/{PaymentId}

Insurance Data

  • GET/insurance-consents

  • GET/insurance-consents/{ConsentId}

  • PATCH/insurance-consents/{ConsentId}

Please note, the above Postman Collection will be updated from time to time to include additional API endpoints as/when these are updated in the API Standards.

...

3 Using the Postman Collection

Once your Postman Environment has been updated, you’re ready to run the Postman Collection against the API Hub Sandbox.

...

Username

Password

Account details

mits

mits

Code Block
"AccountId": "100004000000000000000002"
"SchemeName": "AccountNumber"
"Identification": "10000109010102"
"AccountType": "Corporate"
"Name": "Luigi International"

mits

mits

Code Block
"AccountId": "100004000000000000000003"
"SchemeName": "AccountNumber"
"Identification": "10000109010103"
"AccountType": "Retail"
"Name": "Mario International"

mits

mits

Code Block
"AccountId": "100004000000000000000005"
"SchemeName": "IBAN"
"Identification": "10000109010105"
"AccountType": "Retail"
"Name": "Spectrum"

...