Client Registration

Countries:

Try it Out

Introduction

Welcome to the Silicon Valley Bank Open Banking API v3.1! Here you will find all the information to get started with Open Banking API. We’re excited to have you on board.

Registered Third Party Providers (TPPs) can request a customer’s consent to access the customer’s account data through our Open Banking APIs.

Getting Access

We use UK Open Banking standards as a basis for our API ecosystem; as part of connecting to our service we require signed Open Banking software statements.

TPPs registering with Open Banking certificates: login to the Open Banking directory, generate a software statement and use it alongside your Open Banking certs to register as a TPP to access SVB’s APIs.

TPPs registering with eIDAS certificates: please create an organisation and software statement on the open banking directory. You can then use an open banking software statement alongside your eIDAS certs to access SVB’s APIs.

Dynamic Client Registration

Well-known Endpoints

For Sandbox: https://uat.api.svb.com/.well-known/openid-configuration
For Production: https://api.svb.com/.well-known/openid-configuration

You can find the appropriate registration URL and supported configuration in our well-known endpoints for each environment.

Method

We have implemented the POST /register endpoint in version 3.1 of the Open Banking Dynamic Client Registration specification. You’ll need transport certificates to establish a Mutual TLS connection, a signed software statement from the Open Banking Directory and an appropriate registration JWT as outlined below.

Full details of the register endpoint can be found in the Open Banking Dynamic Client Registration specification.

Registration JWT

Header

{ 
    "alg": "PS256", 
    "kid": "", 
    "typ": "JWT"
}

Payload

{ 
    "iss": "", 
    "iat": , 
    "exp": , 
    "aud": , 
    "jti": "", 
    "redirect_uris": [  ], 
    "token_endpoint_auth_method": "private_key_jwt", 
    "response_types": [  ], 
    "scope": [  ], 
    "subject_type":"public", 
    "grant_types": [  ], 
    "application_type": "web", 
    "id_token_signed_response_alg": "PS256",
    "request_object_signing_alg": "PS256", 
    "token_endpoint_auth_signing_alg": "PS256", 
    "software_statement": ""
}

Signature

The signature of the registration request assertion will be validated against the JWKS URI specified in the software_jwks_endpoint attribute of the software statement assertion (SSA)

Notes

The token_endpoint_auth_method value only supports private_key_jwt
We currently support a full OpenID Connect profile, and therefore we issue id_tokens
You MUST record details of your successful registered client, so that you can use the keys, and client_id for subsequent connections
If you have trouble connecting to our APIs after a successful registration, please get in touch with our API Support team.