Read/Write APIs

The Open Banking Read/Write API Specifications will enable Account Servicing Payment Service Providers (ASPSPs, e.g. Banks and Building Societies) to develop API endpoints to an agreed standard so that Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs) can build web and mobile applications for Payment Service Users (PSUs, e.g. personal and business banking customers).

These specifications are now in the public domain (see below), so that any developer can access them to build their end points and applications. However, use of these in a production environment is limited to approved/authorised ASPSPs, AISPs and PISPs. Approval and authorisation is managed by the Financial Conduct Authority in the UK (FCA, see https://www.fca.org.uk/) and other relevant competent authorities across the EU.

Approved/authorised organisations should then enrol with Open Banking to use the Open Banking Directory. This will provide digital identities and certificates which enable organisations to securely connect and communicate via the Open Banking Security Profile in a standard manner and to best protect all parties. Further details regarding the Open Banking Directory and enrolment processes will be published here when available.

Version 1.0.0 of the Read/Write API specifications are available below. Future versions of these specifications will also be published here when available.

Security Profile

Defines how Read/Write APIs are secured using Mutual TLS, OAuth 2.0 and Open ID Connect.

Account and Transaction API

Access to account information, balances and transactional history.

Payment Initiation API

Initiation of payments from personal and business current accounts.

Support

We will shortly be launching an online forum to provide help and support. In the meantime, if you have any questions, please email enquiries@openbanking.org.uk.