Skip to content
Developerhome

3. Integrate

  Less than to read

Banking Service Postman Collections

To see the Provider API in action and begin exploring our endpoints use our Banking Service Postman collection. Get the collection through the following steps, or learn more about using Postman.

1: Get the Postman app

Visit the Postman website to Download and install Postman.

2: Get the Postman collection

Run in Postman

Postman supports collections which are a pre-packaged bundles of API requests. To assist in the development and testing of your integration, we have provided the following Postman collection which covers Banking Service’s intergration flows.

This collection contains the following folders:

  • Onboarding
  • Re-authorisation
  • Multi-account linking
  • Retrieve Sage ID token
  • Posting transactions

You can see explanations of our collections, including use cases and flows, in API flows.


API provider flows

To enable a successful integration with Banking Service, it is important to understand the data flows.

There are 5 flows for providers connecting to Banking Service:

  • Onboarding (Authorisation)
  • Re-authorisation
  • Multi-account linking
  • Posting Transactions
  • Offboarding

Our API flow articles represent the steps outlined within our postman collection. Before walking through each flow ensure to have first completed the following:


Implement the Connector API

To process the required webhooks provider flows, you need to implement a connector API.

Endpoints

This API is exposed through the endpoints provided in stage 2. Get set up with the following endpoints:

  • /auth – for generating UI to authenticate a customer account
  • /authrefresh – for generating UI to reauthenticate a customer
  • /notification – for receiving calls when events occur on Banking Service (or Provider API) that require the provider’s attention
  • /availableaccounts – multi-account linking is an optional feature that uses this endpoint. It’s adopted by some Sage products to let users onboard multiple accounts at 1 time.

Connector API specification

The full specification, including response codes and payloads, is in the Swagger file. Go to the API Reference section for connector API to find out more.

Building this API against the provided endpoints allows you to test the flows in the sandbox environment using the Postman collections. Download the Postman collections here.


Implement Sage ID

Sage ID is required for you to obtain access tokens which can be provided as an authorisation header within your Provider API requests.

Sandbox base URLs

https://id-shadow.sage.com

Production Base URLs

https://id.sage.com

Authentication requirements

  • Use Sage ID access tokens until they expire. New tokens are not required for each new request.
  • You should notify us on the established channels immediately of any breach of credentials.
  • Providers who have chosen to create a connector API to support notifications must validate the API key header and Sage ID token sent in any notification.
  • The Provider API will throttle requests at a pre-agreed rate. The default is 10 requests per second. Throttled requests may return a 429 error response. In the event of a 429 error response, the integration should default to an appropriate back off before retrying.

Implement the Provider API

Provider API is API used for pushing transactions to Banking Service.

Provider API specification

The full specification, including response codes and payloads, is in the Swagger file. Go to the API reference section for Provider API.

Sandbox base URLs

EU https://papi-snd01-eu-west-1.sagebanking-sandbox.cloud
US https://papi-snd01-us-east-1.sagebanking-sandbox.cloud

Production base URLs

 EU https://eu-banking.fabric.sage.com/provider
 US https://us-banking.fabric.sage.com/provider 

Sandbox audience

sfdsbanking/sfdsBankingProvider-Pre

Production audience

sfdsbanking/sfdsBankingProvider

Securing the Connector API

All our endpoints are protected by Sage ID JWT tokens which are required to be sent as an authorisation header on each request.

There is a number of security methods in place for protecting the connector API. We have created an extensive guide which will walk you through each method. By default, we do not use fixed IP addresses. If you have a requirement for whitelisting IPs, please contact us to discuss.

Read the guide.


Testing

Once your development is complete it is vital to test the integrity of your integration.

We have created a Banking Service test plan which covers the basic tests which should be completed for each of the 5 flows. We rely on you to complete further comprehensive testing on your solution to ensure the best solution for our mutual customers.

Please complete the test plan before requesting production credentials.


Integration support

Your team will be able to communicate with our engineers for support. The channels for contacting our engineers was agreed in Stage 2: Get set up.

Please get in touch with us if you have any issues during development such as:

  • Issues accessing sandbox
  • Documentation issues
  • Updates to endpoints or provider names
  • Delays to agreed go-live dates
  • Knowledge support for provider flows and API specifications

Developer Community >


What’s next?

Discover the Banking Service API flows, starting with onboarding.


Was this helpful?