As an AISP, you are allowed to authenticate in a user’s account and access (read) the following account information:
card validity data
To read the user's information, you need to establish a connection with their bunq account. You can do it using an authorization request. Once a bunq user has confirmed the authorization request and you have done the token exchange, you can activate the Access Token (use it as an API key).
An active Access Token allows you to communicate with the bunq user’s account. You can use it to start a session to interact with the monetary accounts the user allows you to access.