Before start

Before you start you should do a few basic tasks in following steps:

  1. Register your organization
  2. Invite your developers
  3. Create your application

Step 1. Register your organization

To register your organization you should navigate to . At first you register yourself as your organization administrator by filling your first name, last name, email address, username, password and accepting the End User License Agreement. Then you register your organization by filling its name and description. Your registration is sent to the bank by clicking Register Now button.

After receiving your registration the bank will send you the confirmation email to the email address which you provided. The email will include link to activate your account and log into the Developer portal. Your registration is completed after you click on the confirmation link and successfully login.

In case you login to the Developer portal without using the confirmation link the Developer Portal will show you the following error message 'Your account has been disabled'.

Organization Name

Accounts API, Payments API and Funds API require that your organization name matches the name in Financial Services Register provided by National Bank of Slovakia.

Password policy

You need a password to login to the Developer Portal which is defined by the password policy settings. Your password should comply with the following rules:

Minimum password length
9
Minimum number of upper case letters
1
Minimum number of special characters
1
Minimum number of lower case letters
1
Maximum number of non-repeating characters
3
Minimum number of numerical values
1
Password History size
3
Password Expiry age
730 days
Password Expiry Warning
14, 3, 1 days

 

Step 2. Invite your developers

As an organization administrator you can invite developers from your organization. To invite new developers enter Dashboard/Organization page and then click to Invitations menu item on the left. By clicking the Invite New Users button you will start the invitation process. After filling the list of developer's emails click the Send Invitation(s) button. Each developer from your invitation list will receive confirmation email with registration link to the Developer portal. You can check the current status of your developers' onboarding on the Dashboard/Organization page in Developers menu item.

Step 3. Create your application

After creating the application you are able to access the testing (Sandbox) environment for the subscribed APIs.

Step 3.1. Fill in application information

Before you are able to make your first API call you need create an application on the Developer Portal. Enter Dashboard/Applications page. To add new application click the Add Application button and start with filling the required application information in the Application Information tab.

Step 3.2. Choose APIs

In API Management tab you are able to choose the APIs which you want to access.

Step 3.3. Set up authentication

Add Callback URL

In Auth tab, you have to add a Callback URL, which is used by the bank authorization server to return responses containing authorization credentials to the application via your customer user-agent. The bank authorization server requires all applications to register one or multiple callback URLs (redirect URIs) before utilizing the authorization endpoint. Redirection endpoint is described in OAuth 2.0 protocol in Section 3.1.2. Redirection Endpoint.

Callback URL for Sandbox environment: https://developer.tatrabanka.sk/resources/oauthCallback.html

Add Scope

For OAuth 2.0 Authorization Code Grant supported scopes are:

Premium API - Accounts:

  • For TPP: PREMIUM_AIS:{consentId}.
  • consentId will be generated by method POST /consents
  • For FAC: PREMIUM_AIS
  • consentID is autogenerated for FAC. 

Premium API - Payments:

  • For Payment Initiation: PREMIUM_PIS

  • For Payment Cancelation: PREMIUM_PIS_CANC

Choose type

OAuth 2.0 protocol defines two client types (Confidential and Public), based on their ability to authenticate securely with the authorization server (i.e., ability to maintain the confidentiality of their client credentials) in Section 2.1. Client Types. Please choose option which best suites your application architecture.

Step 3.4. Select Application Usage (Optional)

Premium API offers two different types of Application Usage for its consumers. If you are a Premium API consumer, visit the Application Usage tab and select one of those options:

  • Final consumer: this application usage enables you to access your accounts held in Tatra banka 
  • TPP: this application usage enable your end-users to access their accounts (TB, RBSK, SLSP, CSOB, VUB, FIO)
     

Step 3.5. Start with testing APIs

Click the Save button in order to create new application.

After successful creation of the application the Developer Portal generates client credentials of your application:

  • API Key (also called client_id, e.g. l7xx528bd862138c4e9bab60cfb5d4d85df8)
  • Application secret (also called client_secret, e.g. 3d5e2ac607ff4f5aa6c5132e1f0f0159)

Please keep your application secret safe. However if your application secret is compromised you can request to generate new secret by clicking the Request a New Shared Secret button in Auth tab while editing your application.

Promote application to Live

To promote your application to Live environment enter the Dashboard/Applications page and start with editing your application. In API Management tab you can request to change Sandbox plan to Production (Live) plan.

Then, you will be contacted by backend officier for signing PremiumAPI contract.