Access to Sandbox
KBC Ireland is inviting all Third parties, developers and Open Banking enthusiasts to test their applications using our APIs in the Sandbox. The process to access the Sandbox is explained below.
1. Register to access the Developer Portal
The first step in getting access to detailed information on our APIs and get access to the Sandbox is to register your details.
You can start the process here
Once your registration is approved you will receive an email from firstname.lastname@example.org
which will have the activation link for your KBC Ireland Developer Portal account
On the activation page you will be required to setup your user name and password to access the developer portal.
On successful creation of a user name and password you can access the portal.
2. Add and Manage Applications
Add a New Application
You can add a new application by logging into the portal and accessing the functionality available under the ‘Publish’ option on the dashboard.
Publish > Apps (on the top left of the page) > Add Application (button on the right).
You will be asked to provide the following information:
||This is a unique name of your application. This application name will appear on some of the screens in the authorisation flow.
||This is a short description of the application.
||The environment, which the application will access. Note: access to production is not yet enabled. Keep an eye on our updates to find out the release dates for our APIs on production.
||This is the password you will use to complete the consent authorisation flow. The user name is set by default to the client ID of the application. The client ID will be available after the application is successfully registered.
||You will have to select the APIs, which your application will access.
||Provide the callback URL to your application. If there are multiple URL(s) then separate them using commas (,).
||This is the scope for your application. You can add either or all of the following values – accounts, payments, fundsconfirmations. In case of multiple roles separate them using spaces. Note – using any other values apart from the ones specified may result in your application not being registered properly.
Manage your Application
Retrieve Application Credentials
Once you have registered your application you can retrieve the client ID and secret by navigating to the list of applications and choose ‘Edit’ from the list of options available for the chosen application.
Delete an Application
You can also delete your application by navigating to the list of applications and then choose ‘Delete’ from the list of options available for the chosen application.
3. Test Your Applications
Detailed Documentation – Swagger Definition
You can access detailed documentation of our APIs here. These can be accessed after you have registered on the developer portal. Your application will need certificates to use the APIs in Sandbox. The process to obtain certificates is explained below.
Security is important to us. To access our APIs in Sandbox your application will need to use two certificates - network certificate and signing certificate. After you have registered your application and received the credentials for the application you will need to send in a certificate signing request (CSR). There will be an API made available for you to request certificates. Once you send us the CSR we will create the certificates and share it with you. These certificates should be used by your application to use the relevant APIs.
Details of the API are available on our portal.
When you register a new application you will be asked to enter a password for a test user (note – user name is set to client ID of the application). This will be the user you can use in the consent authorisation journey. The user will be linked to a set of dummy accounts, which have transactional data on it.
You can access the list of accounts once you successfully complete an AIS or a PIS consent authorisation journey from your application.
Our APIs follow the oAuth framework and the end to end journey will involve a web redirect from your application into our authorisation endpoint.
KBC Ireland will support the redirect method of authorisation. The sandbox will support the web redirect method. Your application will receive an authorisation code, which should be used to retrieve access tokens.
Authorisation Server Details (Sandbox)
Information needed to interact with our authorisation server on the Sandbox is available here.
Note – we will monitor the usage of our APIs by your applications on the Sandbox.
4. Additional Information
The following documents provide additional information, which will guide you in setting up your test environment to integrate with the APIs in the Sandbox.
Access to Production
KBC Ireland is live in production with its PSD2 Accounts Access APIs. You can now register your applications if you have a valid eIDAS certificate set (QWAC and QSEAL). More details can be found here.