Getting Started with Tarabut

This overview of how to incorporate Tarabut products/services into your product (known as an integration)
outlines the broad requirements for using the Tarabut platform and connects you to resources for choosing and
implementing the best Open Banking solutions for your platform.

1. Create a free Tarabut portal account

A Tarabut portal account enables you to develop and test your app in an environment that’s isolated from production.
API calls sent from this environment are not actual transactions and are simulated to closely match the production API calls and user journeys.

Portal Urls :-

Tarabut Portal URL

Depending on the Tarabut APIs you plan to work with, you may need to take additional steps to gain access to your desired functionality.

To start testing our APIs in sandbox and to gain access to abundant bank dummy data, create your developer account today!

2. Generate Sandbox Credentials

Next, you generate your sandbox credentials in your developer account. On the Tarabut platform, sandbox credentials are a set of API client_id and client_secret.

You can create an app by following the below steps :-

  • Once a user has signed up and created an account on the developer portal the user will be redirected to the landing page of the developer portal.
  • On the developer portal landing page the user has to click on the Generate Sandbox Credentials button.
  • The user will then be navigated to the App Settings page where the user will then be able to see the generated client_id and client_secret.

3. Configure app settings

After you generate your sandbox credentials, you may then proceed further to configure your

  • Display Name : The display name is captured on the app settings page of the developer portal. This information is usually the company's name that needs to be rendered on the UI during the user journey.

Note: If you do not provide a display name, then by default the display name will be taken as the company name.

  • Redirect URI : The redirect URI (URL) is the URI provided by the user to which TG will redirect the browser after completion of a payment transaction or bank connect journey.

Note: You can set multiple redirect URIs to your integration on the developer portal.

4. Generate your Access Token

Once you've generated your sandbox credentials and have configured your app settings in your developer portal account, you’re ready to continue developing/integrating.

In order to make a successful sandbox API call, you need to first generate an Access Token.

These sandbox credentials can be used to obtain OAuth2 access token. The access token must be supplied as a Bearer token under headers within every service API call made to TG platform.

Authentication API
Obtain access token which is required for accessing services

Endpoint : /token
Method : POST
Request Header:

Header KeyDescription
Content-TypeSpecify the format of the request body that must be in JSON format application/json.
X-TG-CustomerUserIdThis value is used to identify your user in our system. Necessary for establishing the user context of the payment being processed or the account information being retrieved. Not required for guest payment checkout.

Request Body:

Request Body ParametersDescription
clientIdPass the sandbox client_id generated on the developer portal.
clientSecretPass the sandbox client_secret generated on the developer portal.
grantTypePass a static value client_credentials to this parameter.
redirect_uriPass the redirecturi that you configured on the developer portal under the _app settings page.

Note: The Access Token expires after 900 sec.

Sample Request

"clientId": "4039c150-335b-4b8b-ab66-eca6953xxxxx",
"clientSecret": "rpSFlA6xeuSzI7ZJVIgW3Yyskakxxxxx",
"grantType": "client_credentials",
"redirect_uri": "http://localhost:3000/landingpage"

Sample Response

    "accessToken": "eyJraWQiOiJiMDc3ZmJlYi0wMGExLTRkNTctYjg5Yi1iY0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL29hdXRoxxxxxxxxxx",
    "scope": "payee:write payment:write payer:write status:read",
    "expiresIn": 900,
    "tokenType": "Bearer"

5. Go-Live

Once you've completed your integration, it's time to request production access (see Production Access) then make your first production API call, and go to the market!