API overview

Welcome to the Okra API Reference, the central hub for developers looking to unlock the power of open banking. Use this API intro page to understand how you can interact with Okra’s API, and what best practices you can adopt to make the most of your integration.


Okra’s API uses bearer authentication. There are 3 kinds of keys you must use in your implementation:

  • The client token is a unique ID that represents you, as a client. You must use it together with your public API key in your widget implementation. Client tokens can be used in both Sandbox and Production environments.
  • The public API key, along with the client token is used to authenticate your widget implementation.
  • The secret API key is a JWT bearer token that you must use for authentication on the API level.

Some notes about Okra’s API keys:

  • Public API keys can be published and renewed.
  • Secret API keys should be kept secure and should not be surfaced publicly.
  • Okra provides separate keys for sandbox and production data. The production API key grants access to real-time data, while the sandbox API key grants access to test data. Make sure that you always use each key in its correct environment.

Visit the Okra Dashboard to retrieve your API keys.

API environments

Okra’s API operates in two environments: sandbox and production.

SandboxFor development purposes and to test Okra’s features without affecting real data.https://api.okra.ng/v2/sandbox/
ProductionTo access real-time data when your product is ready to live.https://api.okra.ng/v2/

Interacting with the API


The Okra API accepts POST and GET requests. Your requests must follow these formal requirements:

  • The authorization header must contain your secret API key as a bearer token.
  • The content-type header must be application/json.
  • The request body must be in valid JSON format.

Rate limiting

Requests to the Okra API are rate limited based on your plan and the products that you use. For more information about Okra’s plans, visit the Pricing page.

PlanRate limits
Pay as you go20 requests per minute
Enterprise plan, volume tiers 1 to 340 requests per minute
Enterprise plan, volume tiers 4 and above60 requests per minute

Account connections via the widget are rate limited to 5 connections per user per hour.


The Okra API responds with HTTP codes to indicate status and errors. The API provides all responses in standard JSON format.

null fields

When no information is present, data fields may return null values:

    "message":"Data successfully retrieved",
            "name":"Peter Jones",
            "address": null"


Endpoint operations that return multiple data sets, for example Get all spending patterns use paginated responses. Use the limit and page parameters to control the number of results that you want to receive in a response:

  • limit limits the number of results that the API returns in a single page. If you do not specify a value for this parameter, the API will limit the response to 10 results per page.
  • page returns a specific page of results. For example, if you set limit to 20 and set page to 1, the API will return the first page, with 20 results in the response.

Next steps


If you have any questions, visit the Okra Support Portal or get in touch with Okra’s support team.