RB Authorization

Download OpenAPI 2.0 specification (swagger)

API URL : https://api.raiffeisen.sk/rbsandbox/auth/oauth/v2
- Toggle All

/authorize

Show/Hide
List Operations
Expand Operations

The authorization endpoint is used to interact with the bank's client and obtain an authorization grant. The bank authorization server first verify the identity of the bank's client. See RFC 6749 for more details https://tools.ietf.org/html/rfc6749.

Parameters

Parameter	Value	Description
client_id		client_id Your application API Key generated by bank after bank approve your request for new application e.g. l7xx165301cc93e149a287b92c4e703e1296
response_type		response_type Value must be set to ''code''. If an authorization request is missing the "response_type" parameter, or if the response type is not understood, the bank authorization server returns ''unsupported_response_type'' error.
redirect_uri		redirect_uri A 'redirect_uri' that was registered for this client. It is required if multiple redirect_uri's have been registered for this client.
scope		scope Only SCOPE values that were registered for this client will be granted. If only non-matching SCOPE values are requested, the request will fail.
state		state Value opaque to the server, used by the client to track its session. It will be returned as received.
code_challenge		code_challenge code_challenge = BASE64URL-ENCODE(SHA256(ASCII(code_verifier))) see. RFC 7636 https://tools.ietf.org/html/rfc7636
code_challenge_method		code_challenge_method Value must be set to ''S256''.

Response Messages

HTTP Status Code	Reason	Response Model
200
400	The request could not be understood by the bank server due to malformed syntax. Your application should not repeat the request without modifications.
401	The request requires user authentication.
403	The server understood the request, but is refusing to fulfill it.
405	The method specified in the Request-Line is not allowed for the resource identified by the Request-URI.
500	The bank server encountered an unexpected condition which prevented it from fulfilling the request.
503	The bank server is currently unable to handle the request due to maintenance of the server.

POST /token

request_token_saml_flow

Implementation Notes

The token endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token.

Parameters

Parameter	Value	Description
authorization		authorization The HTTP basic authorization header containing the client credentials as base64 encoded string (authorization: Basic base64(client_id:client_secret)). This can only be used INSTEAD of the parameters 'client_id', 'client_secret'.
code		code The authorization code received from the bank authorization server.
grant_type		grant_type MUST be set to 'authorization_code' or 'client_credentials'.
scope		scope Only SCOPE values that were registered for this client will be granted. If only non-matching SCOPE values are requested, the request will fail.
code_verifier		code_verifier Code_verifier used to generate 'code_challenge' from a previous request see RFC 7636 https://tools.ietf.org/html/rfc7636

Response Messages

HTTP Status Code	Reason	Response Model
200
400	The request could not be understood by the bank server due to malformed syntax. Your application should not repeat the request without modifications.
401	The request requires user authentication.

Tatra banka a.s.Developer Portal

RB Authorization

/authorize

GET /authorize

Implementation Notes

Parameters

Response Messages

/token

POST /token

Implementation Notes

Parameters

Response Messages

Tatra banka APIs

Raiffeisen bank APIs

Other Links