Getting started

APIs enable your applications to directly integrate to Arab Bank's banking services. By following the steps provided on this page, you will learn everything you need to know about banking APIs, and you will be able to successfully make your first API call by the completing the steps provided in this guide. Below are the necessary steps to follow in order to integrate succesfully with Arab Bank.

  1. Register with us
  2. Obtain an API key for your app
  3. Authentication and Authorization
  4. Test against the Sandbox

 

What are banking APIs?

Banking APIs expose a range of data to third-party financial service solution providers including payment initiators, account aggregators, and other emerging fintechs. These APIs are designed and documented in accordance with PSD2 and Open Banking regulations.

The broad categories of APIs include:

  • Account access APIs which allow access to account information, balance, and transactions to support the AISP use case.
  • Payment APIs which allow one time payment submission to support the PISP use case.
  • Open data API which allow access to non-customer specific information, including ATM/branch locations and banking product details.

Arab Bank's APIs are build in a RESTful architectural style with data being represented in JSON format. Thus, our APIs are platform and programming language agnostic; they can be consumed by web apps, mobile apps, and by other APIs.

The utility and application of these APIs is only limited to your creativity and innovative ideas!

 

Creating an account

We need to know who you are before you can begin using our APIs. Register on the developer portal to start.

  1. Go to the registration page.
  2. Fill in your details.
  3. Submit.

After submission, you will recieve a confirmation email that will be used to confirm your Arab Bank developer account, then you may proceed to use our APIs.

 

Obtaining an API Key

Similarly to how a password is required to authenticate a user, the API key is required to authenticate your app to use our APIs. Follow the steps below to obtain your key.

  • Once you are logged in to your developer account, click on My Apps.
  • On the My Apps page, you will have an option to request an API key by creating a new app.
    1. Click on the "Add a new App" button
    2. Provide an App name and a Callback URL*
    3. Choose the API product(s) you wish to affiliate with you app
    4. Click on "Create App"
  • You will recieve a confirmation email and the app will be approved by Arab Bank within one working day. You will have your key to our APIs once your app is approved.
  • Once approved, click on the app to view all the details including the API key and secret.

*Enter your website URL as the Callback URL, if you don't have one, enter "localhost".

 

Authentication, authorization, and consent

Security is of uttermost importance when it comes to banking APIs. In order to comply with Open Banking and PSD2 requirements, our API and user authentication is based on OpenID Connect, which is based on OAuth 2.0

Some of our APIs only require an API key to be consumed, these are typically the Open Data APIs. Some APIs allow you to access customer-specific information such as account information. Some APIs allow you to modify customer data and perform banking transactions such as the payment initiation and submission APIs. The latter two will require user consent, and are naturally protected by various levels of authentication mechanisms. Read the below guides to gain an in-depth practical understanding of our API security.  

It is important to follow and apply the steps in the technical guide above to be able to use our transactional APIs.

 

Explore APIs through the Sandbox

The only thing left to do is to start experimenting with our APIs. You can do this in the sandbox environment that is specifically designed for this purpose. In this environment you can access dummy account data, so you can safely try out all the functionalities of our APIs. The good news is that the sanbox APIs are identical to our production APIs, the only difference is the data being returned through the API. Also, authentication and authorization have been simulated in the sandbox for your convenience.

 

Still got questions?

If you still have questions, you will probably find a relevant answer on our FAQ Page. Alternatively, you can post your questions on the forum where you will be answered by API experts as well as developers from the community!