Cheat sheet for navigating the portal and for TPP access to developer documentation, sandbox and production APIs.


  1. Explore the API documentation

    All documentation of PSD2- and security Products is available from the API section of the portal. Here you will find an overview of all available APIs as well as full API documentation including Swagger/OpenAPI specifications.

    Explore our APIs

  2. Prepare certificates for sandbox access

    The sandbox is available to all registered TPPs or TPPs who are in the process of getting certified. To access sandbox, you need need a pair of eIDAS certificates (both QWAC and QSEAL) with all required TPP roles listed in the certificates. If you are a registered TPP, you can use the Production certificates. If your application has not yet been approved, you can use a set of Test certificates from a certified QTSP - or if this is not possible, you can get a generic test certificate with limited functinality from our PSD2 Support. In all cases, contact our PSD2 support prior to onboarding in order for us to ensure that your QTSP is known and has its CA certificates installed on our side.

  3. Onboarding to individual banks' APIs

    In order to enable access to production APIs, TPP should follow the steps in the TPP Enrollment Flow to onboard to individual banks' PSD2 APIs. Enrollment consists of a one-time request to a dedicated Enrollment API. Also familiarize yourself with the security model. Sandbox and Prod has different per bank endpoints. See full list of sandbox and production endpoint Provider Banks. The sandbox enables TPP to test the full onboarding and security solution, and if production certificates are used, it can be verified that same certificates will also work in production. You do not need to signup to the developer portal in order to access the sandbox- and production APIs - security is entirely based on eIDAS certificates and the enrollment API.

  4. Preparing for production access

    Production access is only available to licensed TPPs with a valid set of eIDAS production certificates (QWAC+QSEAL). Sandbox and production uses same security model and certificate validation mechanism in the enrollment API. Refer to the description of the Production Environment including the description of API endpoint schemas to access the production APIs.

All done!

You are signed up, registered, and ready to go.