API Hub Sandbox User Guide
Notice: Repository Migration
The Postman collection is no longer actively maintained in Confluence.
The Postman collection and related resources have been migrated to GitHub and are now maintained there. To ensure you are using the most up-to-date version, please refer to the GitHub repository:
https://github.com/Nebras-Open-Finance/postman
Future updates, fixes, and new additions to the Postman collection will be made exclusively in the GitHub repository.
Version | 1.1 |
|---|---|
Publication Date | Nov 20, 2024 |
Classification | Public |
1. Introduction
The API Hub Sandbox contains one or more ‘Model LFIs’, where each Model LFI has:
A fully functioning set of API resources (e.g. Authorization Server, Resource Server, etc) aligned to the published https://openfinanceuae.atlassian.net/wiki/spaces/OF/pages/6258951 which will behave exactly the same as an LFI’s production APIs in the API Hub.
Synthetic sample data for a number of fictitious Users (e.g. user names and passwords, accounts, transactions, etc).
This API Hub Sandbox therefore acts as a testing environment for TPPs, so that they can a) test their applications prior to being licensed and/or without accessing any real customer accounts and b) demonstrate their conformance to the Open Finance Standards as set out in the https://openfinanceuae.atlassian.net/wiki/spaces/OF/pages/124583943.
The API Hub Sandbox also acts as a reference implementation for LFIs so that they can compare their own API integration with the API Hub, thereby speeding up such integration activity.
2. Pre-Requisites
Developers must firstly make themselves familiar with all aspects of the https://openfinanceuae.atlassian.net/wiki/spaces/OF/pages/6258951.
In order to access the API Hub Sandbox, the LFI or TPP must nominate and onboard a Primary Business (PBC) and Primary Technical (PTC) contacts to the Open Finance Trust Framework (OFTF) Sandbox. Once onboarded, this allows the PTC to create the following artefacts within the OFTF Sandbox in order to simulate a TPP application:
Application
Application Transport Key & Certificate
Application Signing Key & Certificate
Detailed information about how to create the Application and Certificates is covered in the https://openfinanceuae.atlassian.net/wiki/spaces/TFDocsv4/pages/183468280/Trust+Framework+User+Documentation#5.-TPPs-Quick-Access-Guide
3. Accessing the API Hub Sandbox
The API Hub Sandbox is typically accessed by a TPP using their own client application.
The API Hub Sandbox is being continually updated to support more API sets and functionality. Please use the latest version here: https://openfinanceuae.atlassian.net/wiki/spaces/OF/pages/997556225 , which contains updates resulting from service desk tickets and Open Product functionality.
4. Using Postman
4.1 Introduction
The API Hub Sandbox does not in itself have a GUI. While developers can connect their own TPP applications directly to the API Hub Sandbox (because it behaves exactly the same as an LFI’s production endpoints in the API Hub), the starting point is to use Postman to connect and test out all of the APIs.
4.2 Setting up Postman
Download and install https://www.postman.com/
Download the Postman Collection from the latest version of the API Hub Sandbox (see https://openfinanceuae.atlassian.net/wiki/spaces/OF/pages/195788812/API+Hub+Sandbox+User+Guide#3.-Accessing-the-API-Hub-Sandbox )
Register your TPP client in the API Hub Sandbox, see https://openfinanceuae.atlassian.net/wiki/spaces/OF/pages/820772865.
Request a Postman Environment file:
Once your TPP client is successfully registered (step 3 above), please refer to https://openfinanceuae.atlassian.net/wiki/spaces/OF/pages/195788812/API+Hub+Sandbox+User+Guide#4.4-Downloading-Environment--through--Postman to obtain the Postman Environment file.
Import the Postman Collection and Environment File into Postman
Configure the OFTF Transport Certificates in Postman
Go to
Settings > Certificates > Add CertificateEnter the Host URL as below (please note this example is for Al Tareq Model LFI 1, and over time we may create additional Model LFIs)
Import the Transport Certificate (CRT file) from the OFTF Sandbox, see section 2 above
Import your Transport Key (KEY file) the Private Key which will have stored locally
Set the following general Postman settings
Go to
Settings > GeneralSet
SSL certificate verification: OFFSet
Automatically follow redirects: ON
Select the required environment file, which contains the server host definitions. Make sure you use the correct (latest) environment.
Edit your environment to add the
_clientId,kid-local, andpem-localas follows:_clientId- the Client ID of your application from the OFTF SandboxInsert the
Client IDvalue from the OFTF Sandbox into the Postman_clientidvariable of your environmentkid-local- the Key Id (KID) of theOFP UAE CLIENT SIGNINGcertificate created for your application from the OFTF SandboxThe KID is then inserted into the
kid-localfield of the altaraq-sandbox environmentpem-local- the Private Key of your Signing Certificate.
This is the OFTF Signing Certificate Private Key that you created when you created the Signing Certificate CSR.
The Signing Ley needs to be represented as a single line to be included in the Postman environment.
To achieve this in MacOS and Linux, the tr (translate) command can be used as follows, which removes the newline characters.tr -d '\n' < 98863a9e-ae4f-4593-a894-714cbbc91ffb-opf_uae_client_signing.key > single-line-opf_uae_client_signing.key
The single line Client Key can then be copied and pasted from the file into the postman environment as the pem-local variable:
4.3 Using the Postman Collection
Once your Postman Environment has been updated, you’re ready to run the Postman Collection against the API Hub Sandbox.
The Postman Collection contains a number of steps in order, which will walk you through each of the API flows in the API Standards.
The Authorization Flow supports the following test users:
Banking API version 1.2: username: mits / password: mits
Banking API version 2.0: username: mario@biz.bix / password: PIX
Banking API version 2.1: username: omar.farsi@testmail.ae / password: PIX
Insurance: username: mits / password: mits
Banking Version 1.2 | ||
Username | Password | Account details |
mits | mits | "AccountId": "100004000000000000000002""SchemeName": "AccountNumber""Identification": "10000109010102""AccountType": "Corporate""Name": "Luigi International" |
mits | mits | "AccountId": "100004000000000000000003""SchemeName": "AccountNumber""Identification": "10000109010103""AccountType": "Retail""Name": "Mario International" |
mits | mits | "AccountId": "100004000000000000000005""SchemeName": "IBAN""Identification": "10000109010105""AccountType": "Retail""Name": "Spectrum" |
Banking Version 2.0 | ||
Username | Password | Account details |
PIX | "AccountId": "100004000000000000000004""SchemeName": "AccountNumber""Identification": "10000109010104""AccountType": "Corporate""Name": "Luigi PrePaid Card" | |
PIX | "AccountId": "100004000000000000000006""SchemeName": "AccountNumber""Identification": "10000109010106""AccountType": "Corporate""Name": "Peach Charge Card" | |
PIX | "AccountId": "100004000000000000000007""SchemeName": "IBAN""Identification": "10000109010107""AccountType": "Retail""Name": "Bowser Other" | |
PIX | "AccountId": "100004000000000000000008""SchemeName": "IBAN""Identification": "10000109010108""AccountType": "Corporate""Name": "Toadstool Current" | |
PIX | AccountId": "100004000000000000000009""SchemeName": "AccountNumber""Identification": "10000109010109""AccountType": "Retail""Name": "Yoshi Savings" | |
PIX | "AccountId": "100004000000000000000010""SchemeName": "IBAN""Identification": "10000109010110""AccountType": "Corporate""Name": "Koopa Credit Card" | |
PIX | "AccountId": "100004000000000000000011""SchemeName": "IBAN""Identification": "10000109010111""AccountType": "Retail""Name": "Daisy PrePaid Card" | |
Banking Version 2.1 | ||
Username | Password | Account details |
PIX | "AccountId": "2_1_100004000000000000000001""SchemeName": "AccountNumber""Identification": "10901010157""AccountType": "Retail""Name": "Omar Al-Farsi" | |
PIX | "AccountId": "2_1_100004000000000000000002""SchemeName": "AccountNumber""Identification": "10000109010103""AccountType": "Corporate""Name": "Mario International" | |
PIX | "AccountId": "2_1_100004000000000000000003""SchemeName": "IBAN""Identification": "10000109010105""AccountType": "Retail""Name": "Spectrum" | |
Insurance | ||
Username | Password | Policy details |
mits | mits | "InsurancePolicyId": "10000000-0000-0000-0000-000000000001""Type": "employment""PolicyNumber": "P1000000000000001" |
mits | mits | "InsurancePolicyId": "10000000-0000-0000-0000-000000000002""Type": "employment""PolicyNumber": "P0000000000000002" |
mits | mits | "InsurancePolicyId": "20000000-0000-0000-0000-000000000001""Type": "health""PolicyNumber": "P2000000000000001" |
mits | mits | "InsurancePolicyId": "20000000-0000-0000-0000-000000000002""Type": "health""PolicyNumber": "P2000000000000002" |
mits | mits | "InsurancePolicyId": "30000000-0000-0000-0000-000000000001""Type": "home""PolicyNumber": "P3000000000000001" |
mits | mits | "InsurancePolicyId": "30000000-0000-0000-0000-000000000002""Type": "home""PolicyNumber": "P3000000000000002" |
mits | mits | "InsurancePolicyId": "40000000-0000-0000-0000-000000000001""Type": "life""PolicyNumber": "P4000000000000001" |
mits | mits | "InsurancePolicyId": "40000000-0000-0000-0000-000000000002""Type": "life""PolicyNumber": "P4000000000000002" |
mits | mits | "InsurancePolicyId": "50000000-0000-0000-0000-000000000001""Type": "motor""PolicyNumber": "P5000000000000001" |
mits | mits | "InsurancePolicyId": "50000000-0000-0000-0000-000000000002""Type": "motor""PolicyNumber": "P5000000000000002" |
mits | mits | "InsurancePolicyId": "60000000-0000-0000-0000-000000000001""Type": "renters""PolicyNumber": "P6000000000000001" |
mits | mits | "InsurancePolicyId": "60000000-0000-0000-0000-000000000002""Type": "renters""PolicyNumber": "P6000000000000002" |
4.4 Downloading Environment through Postman
Navigate to Postman Environment folder from the collection
Then go to Get/environment endpoint
Add value of client_id which you will get from Admin Portal
Then click on the send button.
Then Navigate to the 3 dots at the Right hand side corner
Click on Save response to file
By clicking on Save, Postman Environment will get downloaded successfully