Sample code for 30+ languages & platforms
C#

Rabobank GET /v3/accounts

See more Rabobank Examples

Demonstrates a call to a Rabobank API. Specifically this makes a call to the "Accounts AIS sb" API to deliver all the consented payments accounts for a specific Rabobank customer.

(This includes source code to for signing requests for PSD2 APIs)

Chilkat C# Downloads

C#
bool success = false;

// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

Chilkat.Http http = new Chilkat.Http();

// Implements the following CURL command:

// curl --request GET \
//   --url https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts \
//   --header 'accept: application/json' \
//   --header 'authorization: Bearer REPLACE_BEARER_TOKEN' \
//   --header 'date: REPLACE_THIS_VALUE' \
//   --header 'digest: REPLACE_THIS_VALUE' \
//   --header 'psu-ip-address: OPTIONAL' \
//   --header 'signature: REPLACE_THIS_VALUE' \
//   --header 'tpp-signature-certificate: MIIDkDCCAnigA ... cwE6gUl0rMA==' \
//   --header 'x-ibm-client-id: Client ID' \
//   --header 'x-request-id: REPLACE_THIS_VALUE'

// Load the previously fetched OAuth2 access token.
Chilkat.JsonObject jsonToken = new Chilkat.JsonObject();
success = jsonToken.LoadFile("qa_data/tokens/rabobank.json");
if (success == false) {
    Debug.WriteLine(jsonToken.LastErrorText);
    return;
}

// This adds the "authorization: Bearer REPLACE_BEARER_TOKEN" header.
http.AuthToken = jsonToken.StringOf("access_token");

// This is the TTP Signature certificate: The certificate used for signing the request.
Chilkat.StringBuilder sbTppCert = new Chilkat.StringBuilder();
sbTppCert.Append("MIIDkDCCAnigAwIBAgIEWs3AJDANBgkqhkiG9w0BAQsFADCBiTELMAkGA1UEBhMC");
sbTppCert.Append("TkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxETAPBgNVBAoM");
sbTppCert.Append("CFJhYm9iYW5rMRwwGgYDVQQLDBNPbmxpbmUgVHJhbnNhY3Rpb25zMSUwIwYDVQQD");
sbTppCert.Append("DBxQU0QyIEFQSSBQSSBTZXJ2aWNlcyBTYW5kYm94MB4XDTE4MDQxMTA3NTgyOFoX");
sbTppCert.Append("DTIzMDQxMTA3NTgyOFowgYkxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0");
sbTppCert.Append("MRAwDgYDVQQHDAdVdHJlY2h0MREwDwYDVQQKDAhSYWJvYmFuazEcMBoGA1UECwwT");
sbTppCert.Append("T25saW5lIFRyYW5zYWN0aW9uczElMCMGA1UEAwwcUFNEMiBBUEkgUEkgU2Vydmlj");
sbTppCert.Append("ZXMgU2FuZGJveDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANoAjqGW");
sbTppCert.Append("UgCIm2F+0sBSEwLal+T3u+uldLikpxHCB8iL1GD7FrRjcA+MVsxhvHly7vRsHK+t");
sbTppCert.Append("QyMSaeK782RHpY33qxPLc8LmoQLb2EuiQxXj9POYkYBQ74qkrZnvKVlR3WoyQWeD");
sbTppCert.Append("OXnSY2wbNFfkP8ET4ElwyuIIEriwYhab0OIrnnrO8X82/SPZxHwEd3aQjQ6uhiw8");
sbTppCert.Append("paDspJbS5WjEfuwY16KVVUYlhbtAwGjvc6aK0NBm+LH9fMLpAE6gfGZNy0gzMDor");
sbTppCert.Append("VNbkQK1IoAGD8p9ZHdB0F3FwkILEjUiQW6nK+/fKDNJ0TBbpgZUpY8bR460qzxKd");
sbTppCert.Append("eZ1yPDqX2Cjh6fkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAYL4iD6noMJAt63kD");
sbTppCert.Append("ED4RB2mII/lssvHhcxuDpOm3Ims9urubFWEpvV5TgIBAxy9PBinOdjhO1kGJJnYi");
sbTppCert.Append("7F1jv1qnZwTV1JhYbvxv3+vk0jaiu7Ew7G3ASlzruXyMhN6t6jk9MpaWGl5Uw1T+");
sbTppCert.Append("gNRUcWQRR44g3ahQRIS/UHkaV+vcpOa8j186/1X0ULHfbcVQk4LMmJeXqNs8sBAU");
sbTppCert.Append("dKU/c6ssvj8jfJ4SfrurcBhY5UBTOdQOXTPY85aU3iFloerx7Oi9EHewxInOrU5X");
sbTppCert.Append("zqqTz2AQPXezexVeAQxP27lzqCmYC7CFiam6QBr06VebkmnPLfs76n8CDc1cwE6g");
sbTppCert.Append("Ul0rMA==");
http.SetRequestHeader("tpp-signature-certificate",sbTppCert.GetAsString());

// ----------------------------------------------------------------
// We're not going to add the psu-ip-address header in this example.

// ----------------------------------------------------------------
// X-Request-ID header...
// Generate a UUID v4.
Chilkat.Crypt2 crypt = new Chilkat.Crypt2();
string xRequestId = crypt.GenerateUuid();
http.SetRequestHeader("x-request-id",xRequestId);

// ----------------------------------------------------------------
// Date header...
Chilkat.CkDateTime dt = new Chilkat.CkDateTime();
dt.SetFromCurrentSystemTime();
string dateHdrVal = dt.GetAsRfc822(false);
// The desire date/time format is the "RFC822" format.
http.SetRequestHeader("Date",dateHdrVal);

// ----------------------------------------------------------------
// Digest header...
crypt.HashAlgorithm = "SHA256";
crypt.EncodingMode = "base64";
// A GET request has no HTTP request body.  Therefore the payload is the empty string.
string payload = "";
string payloadDigest = crypt.HashStringENC(payload);
Chilkat.StringBuilder sbDigestHdrVal = new Chilkat.StringBuilder();
sbDigestHdrVal.Append("SHA-256=");
sbDigestHdrVal.Append(payloadDigest);
http.SetRequestHeader("digest",sbDigestHdrVal.GetAsString());

// ----------------------------------------------------------------
// The HTTP request needs to be signed for PSD2 API's...
// Create the signing string (to use in signing the HTTP request).
// See https://developer.rabobank.nl/signing-requests-psd2-apis
// 
// For "account information" HTTP requests, we must use the following headers in the signing string.
//    date
//    digest
//    x-request-id

Chilkat.StringBuilder sbStringToSign = new Chilkat.StringBuilder();
sbStringToSign.Append("date: ");
sbStringToSign.AppendLine(dateHdrVal,false);
sbStringToSign.Append("digest: ");
sbStringToSign.AppendLine(sbDigestHdrVal.GetAsString(),false);
sbStringToSign.Append("x-request-id: ");
sbStringToSign.Append(xRequestId);

// ----------------------------------------------------------------
// Sign with our private key...
Chilkat.StringBuilder sbPrivKey = new Chilkat.StringBuilder();
sbPrivKey.Append("MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDaAI6hllIAiJth");
sbPrivKey.Append("ftLAUhMC2pfk97vrpXS4pKcRwgfIi9Rg+xa0Y3APjFbMYbx5cu70bByvrUMjEmni");
sbPrivKey.Append("u/NkR6WN96sTy3PC5qEC29hLokMV4/TzmJGAUO+KpK2Z7ylZUd1qMkFngzl50mNs");
sbPrivKey.Append("GzRX5D/BE+BJcMriCBK4sGIWm9DiK556zvF/Nv0j2cR8BHd2kI0OroYsPKWg7KSW");
sbPrivKey.Append("0uVoxH7sGNeilVVGJYW7QMBo73OmitDQZvix/XzC6QBOoHxmTctIMzA6K1TW5ECt");
sbPrivKey.Append("SKABg/KfWR3QdBdxcJCCxI1IkFupyvv3ygzSdEwW6YGVKWPG0eOtKs8SnXmdcjw6");
sbPrivKey.Append("l9go4en5AgMBAAECggEAB8nsTqalwGIhFw8mbXuhNUFlGuek/arYLD6pv28swwQH");
sbPrivKey.Append("7v0ZlxFUcCHF+iBl0PsDwZTZQ4ePtgGS6ehoLkWHCzb1lEv5E1YVG5qKNE2UUwRl");
sbPrivKey.Append("fIyPakO6AzyV/UF3uzq7C+/GuXGNTKZxKewg5yD/DCFvKoCOpxu9u36FyqP/hw0S");
sbPrivKey.Append("ADVlmp35/zoPDPZzu1j4FiCo0pJ9LwJcHxeJHopNAKDw9k6I4z/grskdgupsGzK2");
sbPrivKey.Append("BiGiQ/+wmmO68/6Xa6KWfpr1PQ6ODJHgzZsdGCVi6Ebaqlj6BbsYWxP6h3lrsGt+");
sbPrivKey.Append("LmHBaN2jCD6cDp+lihqFgnm8hfdv0lmbPilp71EDfwKBgQD6U8PBzZtN8yXm5WuS");
sbPrivKey.Append("NL+/8q5GjNmeTJBSo1gM6Y8vOT4QAE147LbVuVBDwyHPoSrNejePae6Q14PswjBy");
sbPrivKey.Append("T7B8DZ0OeQyGa3trrFg/ib7Vv4ZMvJqX9+WzBrzZsxTg7oCKHzmCR4vIRItKHH3z");
sbPrivKey.Append("Wnnhqlo8ic2AZ2O43cdJosbO1wKBgQDe8UODOLu0vnHohOKeUqF3w/ZOB2+83/js");
sbPrivKey.Append("YyUbSkzsGvHIwTjObuMUFTQvdMZ6IkIyJdfnDZIbvlBSD8tzL5iKFTNCK2nL1i4G");
sbPrivKey.Append("iFr0CYLaHAlhJ5GEbTrTMDoJeBPerZq83HPrSa/Wb0xO18QTWsoVQPFfPFbbcQyI");
sbPrivKey.Append("9ryJ2iIDrwKBgQC6kuAefG46ZPVk6K2KZUJdgDUgZC52a75NuW0RAqszmUiGiJM1");
sbPrivKey.Append("g8ip9tq6BqAWrprGV0c93shusBKlzf5p1LdHXqYmeVY6gbWVhPipMrNHgN5KJ3BZ");
sbPrivKey.Append("v+w1yNnMsErpcxne2HL2hPjMJTpj3GSLkm2xIlTrNhIyl9ydlr7IRUhENQKBgQCv");
sbPrivKey.Append("i6HxbXa/90WSJTCcIcxqla8X+dsOCf3jhJ3vQy4Wq5C+1wZ35fCAG8Ifq/+so9Uj");
sbPrivKey.Append("z5CVqqXlmpF8TFuSs2OVNuRJsg14J4nOMwgLKIIUZAcurQ10DN5I9Kx+UEK1EFXL");
sbPrivKey.Append("aHsORdNjMfgQDO2jn9WHrr9gkg6CdB2+qyoCEfS+mQKBgBW08lcy9V5RzRWb/v/j");
sbPrivKey.Append("xsc7ovmgAhCJhDeV7dPbx4HbFeoQJlbA8g1thdcFlcatSGyNDbvNE1GPSd4NhkpR");
sbPrivKey.Append("Y6Hfv53kdEzjVkEtU8lUdL7HNVJqX7bU7oZlfbYcwxWQ1Gg8C1oLIAyEt71slQtd");
sbPrivKey.Append("RiNYBRZTQe2F0wxbXnuUqLAw");

Chilkat.PrivateKey privKey = new Chilkat.PrivateKey();
success = privKey.LoadPem(sbPrivKey.GetAsString());
if (success == false) {
    Debug.WriteLine(privKey.LastErrorText);
    return;
}

Chilkat.Rsa rsa = new Chilkat.Rsa();
success = rsa.UsePrivateKey(privKey);
if (success == false) {
    Debug.WriteLine(rsa.LastErrorText);
    return;
}

rsa.EncodingMode = "base64";
string b64Signature = rsa.SignStringENC(sbStringToSign.GetAsString(),"SHA256");

// ----------------------------------------------------------------
// Add the "signature" header.
// 
// The signature header will look like this:
// signature: keyId="1523433508",algorithm="rsa-sha512",headers="date digest x-request-id",signature="y5o7gKxmfA6AT6...blE1A9Q=="
// 
// The keyId is the serial number of the certificate as defined in 'TPP-Signing-Certificate' header, the format should be Integer not hex. 
Chilkat.Cert cert = new Chilkat.Cert();
success = cert.SetFromEncoded(sbTppCert.GetAsString());
if (success == false) {
    Debug.WriteLine(cert.LastErrorText);
    return;
}

Chilkat.StringBuilder sbSigHdrVal = new Chilkat.StringBuilder();
sbSigHdrVal.Append("keyId=\"");
sbSigHdrVal.Append(cert.SerialDecimal);
sbSigHdrVal.Append("\",");
sbSigHdrVal.Append("algorithm=\"rsa-sha256\",");
sbSigHdrVal.Append("headers=\"date digest x-request-id\",");
sbSigHdrVal.Append("signature=\"");
sbSigHdrVal.Append(b64Signature);
sbSigHdrVal.Append("\"");

http.SetRequestHeader("signature",sbSigHdrVal.GetAsString());

// ----------------------------------------------------------------
// Add remaining headers...

http.SetRequestHeader("x-ibm-client-id","YOUR_APP_CLIENT_ID");
http.SetRequestHeader("accept","application/json");

// ----------------------------------------------------------------
// Add our certificate and key for mutual TLS 
// (provide a registered X509 client certificate during TLS handhake)

Chilkat.Cert tlsCert = new Chilkat.Cert();
success = tlsCert.LoadFromFile("qa_data/certs_and_keys/ING/example_client_tls.cer");
if (success == false) {
    Debug.WriteLine(tlsCert.LastErrorText);
    return;
}

Chilkat.BinData bdPrivKey = new Chilkat.BinData();
success = bdPrivKey.LoadFile("qa_data/certs_and_keys/ING/example_client_tls.key");
if (success == false) {
    Debug.WriteLine("Failed to load example_client_tls.key");
    return;
}

// The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
// Please note down this client_id since you will need it in the next steps to call the API.

Chilkat.PrivateKey tlsPrivKey = new Chilkat.PrivateKey();
success = tlsPrivKey.LoadAnyFormat(bdPrivKey,"");
if (success == false) {
    Debug.WriteLine(tlsPrivKey.LastErrorText);
    return;
}

// Associate the private key with the certificate.
success = tlsCert.SetPrivateKey(tlsPrivKey);
if (success == false) {
    Debug.WriteLine(tlsCert.LastErrorText);
    return;
}

success = http.SetSslClientCert(tlsCert);
if (success == false) {
    Debug.WriteLine(http.LastErrorText);
    return;
}

// ----------------------------------------------------------------
// Finally, send the request...

Chilkat.StringBuilder sbResponseBody = new Chilkat.StringBuilder();
success = http.QuickGetSb("https://api-sandbox.rabobank.nl/openapi/sandbox/payments/account-information/ais/v3/accounts",sbResponseBody);
if (success == false) {
    Debug.WriteLine(http.LastErrorText);
    Debug.WriteLine(sbResponseBody.GetAsString());
    return;
}

Chilkat.JsonObject jResp = new Chilkat.JsonObject();
jResp.LoadSb(sbResponseBody);
jResp.EmitCompact = false;

Debug.WriteLine("Response Body:");
Debug.WriteLine(jResp.Emit());

int respStatusCode = http.LastStatus;
Debug.WriteLine("Response Status Code = " + Convert.ToString(respStatusCode));
if (respStatusCode >= 400) {
    Debug.WriteLine("Response Header:");
    Debug.WriteLine(http.LastHeader);
    Debug.WriteLine("Failed.");
    return;
}

// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)

// {
//   "accounts": [
//     {
//       "_links": {
//         "account": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
//         "balances": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/balances",
//         "transactions": "/v3/accounts/dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY/transactions"
//       },
//       "currency": "EUR",
//       "iban": "NL05RABO0812836782",
//       "name": "Rosie Roy",
//       "resourceId": "dW9od2VIVUhGVypIZHVpaGRhdWR3OGRoY",
//       "status": "enabled"
//     }
//   ]
// }

// Sample code for parsing the JSON response...
// Use the following online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON

string v_linksAccount;
string v_linksBalances;
string v_linksTransactions;
string currency;
string iban;
string name;
string resourceId;
string status;

int i = 0;
int count_i = jResp.SizeOfArray("accounts");
while (i < count_i) {
    jResp.I = i;
    v_linksAccount = jResp.StringOf("accounts[i]._links.account");
    v_linksBalances = jResp.StringOf("accounts[i]._links.balances");
    v_linksTransactions = jResp.StringOf("accounts[i]._links.transactions");
    currency = jResp.StringOf("accounts[i].currency");
    iban = jResp.StringOf("accounts[i].iban");
    name = jResp.StringOf("accounts[i].name");
    resourceId = jResp.StringOf("accounts[i].resourceId");
    status = jResp.StringOf("accounts[i].status");
    i = i + 1;
}