This document explains how to integrate with Nordigen API to connect to your users’ bank accounts and access account information from bank PSD2 APIs. Nordigen API is a set of endpoints that allows you to integrate our Account Information solution with your system. All responses will be shown in JSON format. All endpoints require the Authorization token.
Before you start, please make sure you have acquired a token from the Nordigen's Open Banking Portal. If you are not a registered and authorised user of the Open Banking Portal
, please request access here
To jump start your integration, head straight to the Quickstart Guide
If you’re looking for Transaction Categorisation and Insights API documentation, click here
Account Information solution can access up to 24 months of transaction history as well as up to 90 days of continuous access to account information.
Our Account Information solution provides access to the following data:
- Account: account holder name, a list of account holder’s accounts (account number, IBAN)
- Transactions: date, merchant or counterparty (partner) name, description (info field), amount
- Balances: current and available
Our Account Information solution is available in all European Economic Area countries that are subject to PSD2 regulation. In all these countries Nordigen (Ltd. Nordigen Solutions) operates as an authorised AISP. You can see the full list ouf countries here.
To use Account Information, you are required to sign up to Nordigen's Open Banking Portal and acquire an access token.
Access tokens are used for client authentication and API request authorization. The access token is provided through the HTTP authorization header.
For every authenticated end user, you can update data 4 times per day. If you exceed the rate limit, you will receive an error. There are limits on accessing data.
The diagram below depicts an example of the customer journey for our clients' end users.
- You assign a unique reference number to each of your end users, which is later used to identify the respective end user. With the unique identifier assigned, the end user is then shown the first view, which is developed and hosted by you.
- The end user is shown which ASPSPs (Account Servicing Payment Service Provider, e.g. bank) they can link with the service. The list of available ASPSPs is retrieved from the Nordigen API and depends on ASPSPs Nordigen support within any given country.
- After the end user selects an ASPSP, the end user is taken to the second view, which contains a consent text. This view can be hosted by verified clients (passed manual KYC verification) and one can use Nordigen API to handle all consents.
- After the end user selects an ASPSP, the end user is taken to the second view, which contains a consent text. This view is hosted by Nordigen for non verified Nordigen clients.
- The end user is asked to provide their consent.
- When the end user has provided their consent, the end user is redirected to the third view, which states that Nordigen is transferring the end user to their ASPSP. This view is developed and hosted by Nordigen.
- The ASPSP provides an interface for the end user to link their account data. This view is developed and hosted by the ASPSP, therefore, neither you, nor Nordigen can influence the look and feel of this view. The ASPSP view depends on each ASPSP.
- After a successful authentication on the ASPSP site, the end user is redirected to the fifth view, developed and hosted by Nordigen, where they see a success message. At this point their access token is securely stored on the Nordigen side. The access token enables Nordigen to fetch bank account data from the respective ASPSP.
- As the final step, the end user is redirected back to the initial application view, developed and hosted by you. If necessary, you can ask the end user to link another ASPSP, or conclude the process.
- Once the end user has concluded the process, you are able to access the raw data via the Nordigen API.
Nordigen uses regulated open APIs applying data authentication as depicted in diagram.