Redirects the flow to Arab Bank's Login and Consent Application where a two-factor authentication is initiated. Upon successful authentication access_token or authorization code is returned as query parameters passed to the callback URL. /authorize

  • Name
  • client_id
    TPPs MUST provide this value and set it to the client id issued to them.
  • redirect_uri
    Callback URL defined with your registered App. This MUST be a valid, absolute URL that was registered during Client App Registration.
  • nonce
    A nonce value, random string
  • response_type
    OAuth 2.0 requires that this parameter is provided. Value is set to ‘code id_token’ or ‘code’. The values for these parameters MUST match those in the Request Object, if present.
  • state
    TPPs MAY provide a state parameter. A Unique ID to maintain state between asynchronous requests at the Client.
  • scope
    The scopes MUST be a subset of the scopes that were registered during Client app registration. At a minimum the scope parameter MUST contain openid. Other valid scopes are: accounts, payments
  • request
    The parameter MUST contain a JWS that is signed by the TPP. The JWS payload MUST consist of a JSON object containing a request object as per OpenID Connect Core 6.1.Example Payload.

    The request object MUST contain a claims section that includes as a minimum an openbanking_intent_id that identifies the intent id for which this authorisation is requested

Request Body

Basic Auth

OAuth 2.0

Custom Token


Make a request and see the response.

Make a request and see the response.

Resource Summary


This is the place where EventTypes description lies.

Sample Error Messages & Error Codes.

This is where error messages sample and description lies.
This is the place where HTTP Status Codes.