Sandbox and Production
Triodos provides two publicly accessable OpenBanking API environments
Sandbox
The Sandbox environment is made available to facilitate building of applications that use our Open Banking APIs in a safe environment that is not connected to production data or customer accounts.
The URI for the sandbox environment is:
https://xs2a-sandbox.triodos.com
We recommend that you use this environment to build and test your applications. It is functionally identical to the Production environment with the exception that Mutual TLS is not implemented in this environment and an eIDAS QSEALC certificate is not required to sign requests.
Refer to Registration for more details how to get started in the Sandbox environment.
The Sandbox data is cleared regularly. After a refresh of the database you will need to re-register.
The next Sandbox refresh is planned for:
- 16 December 2024
You can verify that the Sandbox environment is available with this URL which displays the internal version of software that is deployed
https://xs2a-sandbox.triodos.com/xs2a-bg/version
OpenAPI 3.0 (Swagger) specifications for this environment are available at:
https://xs2a-sandbox.triodos.com/xs2a-bg/openapi.json
https://xs2a-sandbox.triodos.com/auth/openapi.json
Production
The Production environment should be used when your application is running in your production environment and you are in possession of valid eIDAS QWAC and QSEALC certificates.
The Mutual TLS URI for the production environment is:
Client initiated authorisations (e.g. from the user's browser) should be initiated from the non-Mutual TLS URI to prevent that the user will be prompted to provide a client certificate:
You can verify that the Production environment is available with this URL which displays the internal version of software that is deployed
https://api.triodos.com/xs2a-bg/version
OpenAPI 3.0 (Swagger) specifications for this environment are available at:
https://api.triodos.com/xs2a-bg/openapi.json
https://api.triodos.com/auth/openapi.json
To ensure availability of our services, we do not allow an organisation to run too many requests in parallel. In this case statuscode 429 is returned with the message: TooManyRequests.
Key Performance Indicators
Key performance indicators for our Open Banking Channel (Xs2a) and other online channels are available here
Updated about 2 months ago