Skip to content

danlucian/ing-psd2-oauth2-sdk

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

.github/workflows

.github/workflows

 
 

docs

docs

 
 

src

src

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

pom.xml

pom.xml

 
 

Repository files navigation

ING OAuth2 API Client library for Java

NOTE: AT THE MOMENT ONLY THE SANDBOX INTEGRATION (TEST ENVIRONMENT) IS COVERED IN THE PROJECT.

By using this library, you can obtain end-user authorization grants for use with the ING PSD2 APIs.

This page contains information about getting started with the ING PSD2 integration using the ING API Client library for Java. In addition, you may be interested in the following documentation:

Installation

Maven

Before using the dependency, please run a mvn clean install to have the artifact in your local repository.

The project is not published on the public maven repositories.

Add the following lines to your pom.xml file:

<project>
  <dependencies>
    <dependency>
      <groupId>net.danlucian.psd2.ing</groupId>
      <artifactId>oauth2-sdk</artifactId>
      <version>0.0.1-SNAPSHOT</version>
    </dependency>
  </dependencies>
</project>

Gradle

dependencies {
  compile 'net.danlucian.psd2.ing:oauth2-sdk:0.0.1-SNAPSHOT'
}

Short introduction

ING has 2 environments which can be used for the integration:

  • Production
  • Sandbox

The sandbox environment enables you to test the connectivity to ING APIs. It contains a simulator that simulates API responses.

The production environment includes 2 different flows: PSD2 and OpenBaking. The difference between those two flows is that the PSD2 requires a valid eIDAS certificate when executing a request against the APIs and the OpenBanking not.

Sequence diagram

PSD2 Sequence Diagram

For refering to specific API documentation, please check the ING APIs Marketplace.

Get started with the sandbox

  1. Create a ClientSecrets instance and load your certificates:
final ClientSecrets clientSecrets = new ClientSecrets(
                clientCertificate,
                clientKey,
                signingCertificate,
                signingKey);
  1. Define your desired scopes (if you don't have any scope, go directly to the step 7):
final String scopes = "customer-details%3Aprofile%3Aview+customer-details%3Aemail%3Aview+customer-details%3Aaddress%3Aview";
  1. Instantiate a sandbox flow:
Flow sandBoxFlow = new SandboxAuthorizationFlow(clientSecrets, scopes);
  1. Get an application access token:

Important! Please note that the application access token expires after 900 seconds after which you need to execute this step again in order to re-authenticate your application and request a new application access token. It is advisable to re-use the application access token instead of requesting a new token for each API call.

ApplicationAccessToken applicationAccessToken = sandBoxFlow.getAppAccessToken();
  1. Get a granting url:
PreflightUrl preflightUrl = sandBoxFlow.getPreflightUrl(
                applicationAccessToken,
                new URL("https://www.ing.ro"),
                Country.Romania
);
  1. Get a customer access token:
CustomerAccessToken customerAccessToken = sandBoxFlow.getCustomerAccessToken(
                applicationAccessToken,
                "result-of-preflight"
);
  1. Get only an application access token without having to define also the scopes:
AppAccessTokenClient appAccessTokenClient = new AppAccessTokenClient(clientSecrets);
ApplicationAccessToken applicationAccessToken = appAccessTokenClient.getToken();

Get started with the open banking flow

  1. Create a ClientSecrets instance and load your certificates:
final ClientSecrets clientSecrets = new ClientSecrets(
                clientCertificate,
                clientKey,
                signingCertificate,
                signingKey);
  1. Get an application access token:

Important! Please note that the application access token expires after 900 seconds after which you need to execute this step again in order to re-authenticate your application and request a new application access token. It is advisable to re-use the application access token instead of requesting a new token for each API call.

AppAccessTokenClient appAccessTokenClient = new AppAccessTokenClient(clientSecrets, "009041da-cbc7-4987-b74e-e2fdfaf6a004");
ApplicationAccessToken applicationAccessToken = appAccessTokenClient.getToken();

The value for the clientId parameter in the above example is obtained from the developer-portal.

Select your application, and you will find the Client ID under the General section: ING Developer Portal

Get started with the PSD2 flow

Under development...

Pre-requisite to consume PSD2 APIs in the production environment

  • You must be registered with a National Competent Authority (NCA, or Regulator) as Account Information Service Provider (AISP) and/or Account Servicing Payment Service Providers (ASPSP) and/or Payment Initiation Services Provider (PISP).
  • You must have the PSD2 eIDAS certificates.

About

A Java SDK for the interaction with the PSD2 APIs exposed by ING Bank

Resources

Readme
Activity

Stars

4 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages