Our APIs have been implemented based on the OAuth 2.0 industry-standard protocol to guarantee secure and authenticated transmission of data. Moreover, we perform API penetration tests regularly to ensure APIs security. Finally, only data that is approved by customer is accessible from the APIs.

Once you register your application on our API banking platform, the Client ID as well as the Client Secret are generated. Your Client ID is available under "My apps" section however, the Client Secret is stored encrypted, therefore we cannot retrieve it for you. In case you forget the Client Secret you may regenerate it.

Yes, access tokens have an expiration. If the token is expired, a relevant error message will be returned through a 400 error response. You will then need to request a new access token.

The “Client Credential” and “Authorization Code” grant types are supported.