Our Developer Portal is a central source of information and tools for our open banking APIs, giving you access to Alior Bank services.
You should view our sandbox as a safe testing environment. Although it is separated from our production environment, it gives you a very accurate simulation of how the APIs will work on live data.
We have prepared a set of representative test data sets which will give you a good understanding of how things will work when in production.
Our current API catalogue consists of PSD2 related services - Account Information Services and Payment Initation Services, but we will be adding other services to the pack soon.
Yes, using the sandbox is free of charge and everyone can register and use the APIs in our test environment.
If you are a licensed TPP (as per PSD2 regulations) you will have access to production data for Accounts (AIS) and Payments (PIS) as soon as they become available. A license will not be required for other services, but we reserve the right to select our partners. In such cases, a bilateral agreement will need to be signed. APIs with public data will be accessible without any formal requirements.
Our portal is available to everyone who registers and accepts its terms and conditions. All registered users will get access to our API catalogue and test data. Some new APIs may be available by invitation only, before they become part of our official catalogue.
Please check your mailbox to see if the email has not ended up in a spam folder. If it is not there, please use the contact form to get in touch with us.
A developer organization owns the developer applications and consumes the APIs and applications published on the Developer Portal.
Yes, as the first user registered under your organization you have the possibility to add more users and assign them to one of the available profiles (admin, developer, viewer)
You can always change your password in My account/Password
If you've forgotten your password, you can use the 'Request new password' form, and enter the e-mail address used during registration. A link to reset the password will be sent to you by e-mail.
An application (or app) is a way to manage your API credentials.
Yes, you can set up as many apps as you want
No, you can use the same name for more than one app
No, this is a test environment with no access to production data.
Anyone registered on our portal can use the published APIs. There are no formal requirements, as long as you follow the rules accepted during the registration process.
Among the most interesting changes resulting from the PSD2 directive is the requirement for ASPSP (Account Servicing Payment Service Providers) to publish "access interfaces" allowing TPPs (Third Party Providers), with customer consent, to initate payments and/or have access to account details and transaction history. In order to comply with this requirement, we have built a set of APIs that allow for such access.
Please refer to the local regulations in your country.
A PISP is a Payment Initiation Service Provider, an AISP is an Account Information Service Provider. To use PSD2 related APIs you will need to have a formal license to provide PIS and/or AIS services.
Yes, we are currently offering FX Trade APIs for corporate customers. We will be expanding our API catalogue to include other services.
The PSD2 related APIs are for both consumer and corporate payment accounts. For other APIs, please check the documentation for details.
You can find all the error codes described in the Documentation for each API.
Yes. Transmision is secured by TLS protocol with certificate validation. Message payload is signed (JWS) with another certificate that was exchanged earlier between TPP and ASPSP (Bank). Additionally, every request includes Client ID and Secret ID.
An access token is a kind of key that the application must include with its requests to the identity provider (ASPSP), which prove that it has permission from the user to access those APIs. By default, the access token is valid for 90 days.
The Client ID is a unique identifier of your application in our system. All your APP configurations, subscriptions, plans, monitoring, and security will be based on this ID. The Secret ID acts like a password for your application and is an additional level of security.
API FX Trade
Who can use the API FX Trade?
What operations can I perform using API FX Trade?
The API FX Trade is addressed to/useful for corporate clients who want to automate FX processes, easily convert a high numer of transactions, eliminate manual execution of currency conversion and reduce operational costs. Our API FX is addressed to companies operating as payment service providers, travel agencies, tour operators.
You must have an Alior Bank corporate account. For more details contact us at email@example.com.
We offer the following currency pairs: EURPLN, USDPLN, GBPPLN, CHFPLN, SEKPLN, NOKPLN, CZKPLN, EURUSD, EURGBP, EURCHF, GBPUSD, GBDCHF, USDCHF.
The operational merger of T-Mobile Banking Services branch with Alior Bank will take place on November 29th, 2020.
Yes, the operational merger of T-Mobile Banking Services with Alior Bank will be associated with planned unavailability of API on November 29th, 2020. We will inform TPP as well as developers about its details in a separate correspondence and through a message published in the News section of the Developer Portal.
No, customers of T-Mobile Banking Services after operational merger with Alior bank will use banking and mobile application of Alior Bank.
No, both the brand and logo of T-Mobile Banking Services will disappear from the market. As of November 29th, 2020 customers of T-Mobile Banking Services will use internet banking of Alior Bank.
Yes, a new PSU consent will be required.
Yes, a new token will be required.
In order to initiate the AIS service a new PSU consent and a new token will be required.
In order to initiate the PIS service a new PSU consent and a new token will be required.
In order to initiate the CAF service a new PSU consent and a token will be required.
No, the documentation will remain unchanged.
No, integration (Onboarding) with the Bank's API will not be required.
Yes, the method of connection with the API will remain unchanged.
The logo of T-Mobile Banking Services will not be displayed after the operational merger of T-Mobile Banking Services with Alior Bank. Therefore after the redirection to the ASPSP’s screen, the PSU should select the logo of Alior Bank.
In order to access account history a new PSU consent and a token will be required. Both pre- and post-merger transaction will be available.