Quick Start
Welcome to the Quick Start guide for the Ockto Open Banking APIs. This guide will walk you through the steps required to connect to our services.
» AuthorisationCopied!
Ockto uses API key authentication to initialise a session, and a bearer JWT to authenticate any subsequent request made to our APIs. All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without an authorisation token will also fail. Authorisation on our sandbox, acceptance and production environments is done using request signing. An initial signed call allows you to obtain a valid JWT token for use in subsequent calls. The Authorisation guide will take you through the 3-step process for implementing request signing. Note that the Postman Collections tab provides additional resources for getting started with request signing.
Authorisation» Consent flowCopied!
After a JWT is generated, an end user session is orchestrated by a logical sequence of API calls. These calls allow you to retrieve the available banks, initiate a consent and eventually retrieve the data after the user has authenticated the consent. This sequence is explained in more detail here:
Consent flow» Bank coverageCopied!
View the banks we support via our interfaces:
Bank coverage» Requesting an API keyCopied!
To get you started we will provide you with an API key to access the Sandbox environment. If you don't have an API key already, you can request an API key by sending a request via the Contact sales button in the navigation menu. We will come back to you within 1-2 working days.
Contact us