redirect_uri
with an authorization code
parameter.https://oauth.bunq.com/auth
using the following parameters:response_type
- bunq supports the authorization code grant. Provide code
as a parameter (required);client_id
- your Client ID that you can get from the bunq app (required);redirect_uri
- the URL you wish the user to be redirected to after the authorization is complete (required);state
- a unique string to be passed back upon completion (optional).https://oauth.sandbox.bunq.com/auth
in the sandbox environment.code
. Exchange it for an access_token
.POST
call to https://api.oauth.bunq.com/v1/token
. Pass the following parameters as GET
variables:grant_type
- the grant type used, use authorization_code
for now (required)code
- the authorization Code you received after the authorization request was accepted (required)redirect_uri
- the same redirect URL you used with the authorization request (required)client_id
- your Client ID (required)client_secret
- your Client Secret (required)https://api-oauth.sandbox.bunq.com/v1/token
in the sandbox environment.access_token
you've received can be used as a normal API key. Use it to create an authorized session with the user account. userApiKey
) that has its own id
and access_token
. When sending a request on behalf of a user connected to your app via OAuth, use the id
of userApiKey
as userId
and the item id
s of the bunq user (grantedByUser
).GET /user/{userID},
you will expect to get UserPerson
or UserCompany
. Instead, you will get the UserApiKey
object, which contains references to both the user that requested access (you) and the user that granted access (the bunq user account that your app is connected to).