Public
Documentation Settings
No Environment
Double Column
cURL - cURL
Basiq API 3.0
Introduction
Authenticate
Institutions
Users
User Consent
Connections
Jobs
Accounts
Transactions
Affordability
Events
Other
Clean Up

Basiq API 3.0

We know how hard it can be to start developing with API's so at Basiq we have improved the experience by providing a beta template known as a Postman Collection.
In under 10 minutes you will have access to Basiq's full suite of products using our Sandbox environment!

We hope you find it useful and we always welcome feedback. Enjoy!

For full API Documentation see https://api.basiq.io

See also the Get started with Basiq guide:

https://api.basiq.io/docs

Authenticate

When working with Basiq APIs your application will need to complete the authentication process first before you can access any of the available resources.

The authentication process is fairly straightforward and simply requires you to exchange your API key for a token which is valid for one hour. Once you obtain the token, you can call any of the available API services by simply including the token in the Authorization header of each request.

POSTAuthenticate

https://au-api.basiq.io/token

API reference: https://api.basiq.io/reference/authentication

Exchange your API key for a token - this token is valid for one hour. Include the token in the Authorization header of each API request.

Scope

Requests from your server to Basiq should include a token with scope=SERVER_ACCESS, which grants full access to the Basiq API.

Requests from your client should have a CLIENT_ACCESS token. This token has restricted access and only allows the creation or update of a connection. If an attacker intercepts a request and steals your CLIENT_ACCESS token, the risk is mitigated as they will not be able to get your users' data.

A CLIENT_ACCESS token only grants access to the following requests:

  • Get Institutions
  • Get Institution Details
  • Check Job Status
  • Get User Consents - also requires a userId bound to token

Best practice

The token lasts for one hour. You should cache this token for global use: do not re-authenticate separately for each user or connection, etc., as this will cause trouble as your app scales.

HEADERS
Authorization

Basic XXXXXX

Replace XXXXXX with your API Key here

Content-Type

application/x-www-form-urlencoded

basiq-version

3.0

Bodyurlencoded
scope

SERVER_ACCESS

For requests from your server side

scope

CLIENT_ACCESS

For requests from the client, e.g., Create Connection

userId

{{user-id}}

For retrieving User Consents and User Connections

Institutions

Under the hood, Basiq connects to the internet banking portals of more than 70 different institutions - with more released every month across both Open Banking and Web connectors.

For transparency and to allow you to manage the user experience, we expose all details relating to the maturity, availability, performance, and data points returned by each bank's website in the /institutions endpoint.

GETGet Institutions

https://au-api.basiq.io/institutions

API reference: https://api.basiq.io/reference/institutions

Returns a list of all available institutions.

HEADERS
Authorization

Bearer {{access-token}}

Accept

application/json

Loading