Okra API
Welcome to the Okra API Reference, the central hub for developers looking to unlock the power of open banking. Use this API intro page to understand how you can interact with Okra’s API, and what best practices you can adopt to make the most of your integration.
Authentication
Okra’s API uses bearer authentication. There are 3 kinds of keys you must use in your implementation:
- The client token is a unique ID that represents you, as a client. You must use it together with your public API key in your Okra app implementation. Client tokens can be used in both Sandbox and Production environments.
- The public API key, along with the client token is used to authenticate your Okra app implementation.
- The secret API key is an encoded JSON Web Token that you must use for authentication on the API level.
Some notes about Okra’s API keys:
- Public API keys can be published and renewed.
- Secret API keys should be kept secure and should not be surfaced publicly.
- Okra provides separate keys for sandbox and production data. The production API key grants access to real-time data, while the sandbox API key grants access to test data. Make sure that you always use each key in its correct environment.
Visit the Okra Dashboard to retrieve your API keys.
API environments
Okra’s API operates in two environments: sandbox and production.
Interacting with the API
Postman
You can use Postman to test your integration and the data sets that the Okra API offers. Click on this button and fork the collection:
Use environment variables to customize the requests that you send. This step is optional, but can help you avoid mixing up environments and credentials. Read more in Postman's docs on managing environments.
Details on how to set up your environment variables
Go to the Okra Postman workspace and fork the Sandbox and the Production environments to your workspace. These environments already have the correct base URLs and placeholder API keys set up.
Visit the Okra Dashboard to retrieve your API keys and add them as values for each environment's
bearerToken.
Make sure that you store your base_url and bearerToken as initial values and current values.
Requests
The Okra API accepts POST and GET requests. Your requests must follow these formal requirements:
- The
authorizationheader must contain your secret API key as a bearer token. - The
content-typeheader must beapplication/json. - The request body must be in valid JSON format.
Rate limiting
Requests to the Okra API are rate limited based on your plan and the products that you use. For more information about Okra’s plans, visit the Pricing page.
Account connections via the Okra app are rate limited to 5 connections per user per hour.
Responses
The Okra API responds with HTTP codes to indicate status and errors. The API provides all responses in standard JSON format.
null fields
When no information is present, data fields may return null values:
{
"status":"success",
"message":"Data successfully retrieved",
"data":{
"details":{
"name":"Peter Jones",
"address": null"
}
}
}Pagination
Endpoint operations that return multiple data sets use paginated responses. Use the limit and page parameters to control the number of results that you want to receive in a response:
limitlimits the number of results that the API returns in a single page. If you do not specify a value for this parameter, the API will limit the response to 10 results per page.pagereturns a specific page of results. For example, if you setlimitto 20 and setpageto 1, the API will return the first page, with 20 results in the response.
Next steps
Visit the Onboarding guide to get started with your implementation
Learn about the Okra app
Learn about Okra’s libraries and SDKs that you can integrate
If you have technical questions or need help with your code, join Okra's Developer Community on Slack or get in touch with Okra’s support team.
Was this page helpful?