Quickstart
Get your first successful API response in under 5 minutes. This guide walks you from API key creation to retrieving account data from a sandbox bank.
Before you start
You need a BankLyra account with sandbox API keys. Create one here — it's free, no credit card required. The sandbox environment uses fictitious bank data and does not initiate real payments or access real accounts.
Step 1 — Get your API key
After signing up, navigate to Dashboard → API Keys and copy your sandbox secret key. Sandbox keys are prefixed sk_sandbox_. Production keys, prefixed sk_live_, are issued after completing our production onboarding review.
Never expose your secret key client-side. All API calls must be server-to-server. If your key is compromised, rotate it immediately from the dashboard.
Step 2 — Create a consent
Consents are the entry point for all data access. You create a consent, redirect the user to the bank for SCA, and then exchange the callback code for an active consent token.
$ curl -X POST https://api.banklyra.com/v1/consents \
-H "Authorization: Bearer sk_sandbox_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{
"institution_id": "sandbox_uk_bank_1",
"permissions": ["ReadAccountsDetail", "ReadBalances", "ReadTransactionsDetail"],
"redirect_uri": "https://yourdomain.io/callback"
}'
{
"consent_id": "cns_01HXNQ7M4PFLVR3Z",
"status": "AWAU",
"authorisation_url": "https://auth.banklyra.com/c/cns_01HXNQ7M4PFLVR3Z"
}Redirect the user to authorisation_url. In the sandbox, the bank UI is simulated — click "Approve" and you'll be redirected back to your redirect_uri with a code query parameter.
Step 3 — Authorise the consent
Exchange the callback code for an active consent by calling the authorise endpoint:
$ curl -X POST https://api.banklyra.com/v1/consents/cns_01HXNQ7M4PFLVR3Z/authorise \
-H "Authorization: Bearer sk_sandbox_YOUR_KEY" \
-H "Content-Type: application/json" \
-d '{ "code": "CALLBACK_CODE_FROM_QUERY_PARAM" }'
{
"consent_id": "cns_01HXNQ7M4PFLVR3Z",
"status": "ACTV",
"expires": "2026-02-14T09:22:01Z"
}Step 4 — Retrieve accounts
With an active consent, query the accounts endpoint:
$ curl https://api.banklyra.com/v1/accounts \
-H "Authorization: Bearer sk_sandbox_YOUR_KEY" \
-H "BankLyra-Consent-ID: cns_01HXNQ7M4PFLVR3Z"
{
"accounts": [
{
"id": "acc_01HXNP3K7WQBFR2T",
"type": "CACC",
"currency": "GBP",
"balance": { "amount": 4820.55, "type": "CLBD" }
}
]
}You've successfully integrated BankLyra. Continue to the API Reference for full endpoint documentation, or the Authentication guide for production key management.
Sandbox test institutions
| ID | Country | Capabilities | Notes |
|---|---|---|---|
sandbox_uk_bank_1 | UK | AIS + PIS | Simulates UK Open Banking v3.1 |
sandbox_de_bank_1 | DE | AIS + PIS | Simulates Berlin Group NextGenPSD2 |
sandbox_fr_bank_1 | FR | AIS | Simulates STET DSP2 API |
sandbox_error_1 | – | – | Simulates error responses (4xx/5xx) for testing resilience |