FAQ

Once an App is created, its name cannot be changed. In case you want to use another App name, we suggest to create a new one. 

ABN AMRO accepts CAs provided by Quo Vadis and DigiCert only.

To determine if an Issuer CN (root), that is not listed, is acceptable, contact us via the contact form. Be aware that this may delay the onboarding process.

It is not possible to customize the redirect URL in the Sandbox. In our PSD2 Sandbox we only support a fixed URL (https://localhost/auth) for testing purposes. In the production environment you are free to use any re-direct URL which needs to be supplied along with your eIDAS certificate during onboarding. There you can indicate which ones your organization will use.

PSD2 legislation is a regulation regarding payment accounts. Normally, only accounts from which payments can be made to a third party are available through the API. For example, savings accounts and the deposit accounts are not available in the PSD2 APIs because it is not possible to initiate payments to third parties from them.

No, production access for PSD2 APIs requires a PSD2 license.

Yes, you can experiment with our PSD2 APIs in the Sandbox environment. For information on how to do this, see the Sandbox section in the API reference documentation “Documentation”.

No, depending on the type of API we have standard account numbers. For each API, specific account numbers are available with transactions that you can use for trying out requests. For more detailed information, see the specific API’s reference documentation.

No, on this developer portal it is not possible to use our APIs for access to your personal bank account (retail). For information on available options within ABN AMRO, see our website.

Some ABN AMRO API products require contract signing for access to production. For more information, check the relating API documentation. The Developer Portal and sandbox APIs only require acceptance of our Terms of Use and do not require any further contract signing.

Yes, we offer API propositions for corporate non-PSD2 licensed account holders. To check the functionalities and availability of these APIs, see the relevant API’s “Overview” page.

To use an ABN AMRO API in a production environment:

1. Go to the relating ABN AMRO API product documentation.
2. In the Requirements section, ensure that you comply with all points.
3. In the Production access section, complete the steps. This process describes how to release your application in a production environment.

To report a bug, use our contact form. We welcome your feedback.

To use an API in the sandbox, go to the relating API documentation and follow the steps described in the Tutorial section. The Tutorial describes how to connect the API to the sandbox and use the operations. 

Some APIs provide Postman collections that can be run directly from your REST client. For more information, see the relating API documentation.

If it is specific to one account holder, then the account holder should contact their regular service desk. The support on this portal is for developers and their technical issues with our API products.

If you did not receive a token, fill in our contact form. You must provide the complete requests and responses, including timestamps.

Consent issues are related to account type and account privileges. PSD2 supports current accounts only. For example, a savings account is not supported. To provide consent, an account holder must have full account privileges.

Contact your regular service desk to ensure you have the correct account type and full account privileges.

Providing batch payment consent on a mobile device is not supported. To do this, the user must use the web version of their online banking application.

This message can have several causes. The most common causes are an interrupted consent flow and, in case of consent through your mobile device, the consent was started in a different browser than the browser that is configured as the default browser on your device.

It is recommended not to press back or go to another page while giving consent. Also, make sure the latest version of the ABN AMRO app is installed and the Private Browsing mode is not in use.

If your case differs from the above mentioned cases, fill in the contact form. We require the complete requests and responses including timestamps to investigate the issue.

Both a license from a local competent EEA authority and a QWAC eIDAS certificate are required to use PSD2 APIs in production. For more detailed information, see the Requirements section in the specific APIs reference documentation “Documentation”.

The status of an API is displayed using the following labels:

• Live: the API is available in production.
• Early Access: the API is functional and currently in the beta phase. For access to the API, contact us. 
• Experimental: a prototype or pilot is available for this API. For access to the API, contact us.

If you plan to use an API in production, view the API requirements and ensure that you comply.

To view all products, see API Products.

We are continuously improving the developer experience and will add new APIs when they are ready for release.  For an overview of all ABN AMRO API products, see API Products. This page lists live, experimental, and early access APIs.
You can also read our Developer Blog.

We are keen to work closely with our clients so that we can accelerate innovation and further improve our services. If you need an API product that we do not currently offer, or would like to request a feature, contact us.

To determine which certificates are required to use an API product in a production environment, see the Production access section of the relating API documentation.

Sample certificates are supplied for use in the sandbox. For more information, see the Tutorial section of the relating API documentation. 

Wildcard certificates are not accepted within ABN AMRO.

In general, we accept Organisation Validated (OV) or Extended Validated (EV) certificates from QuoVadis or Digicert. 

We divide error codes into two types: generic error codes and API specific error codes.

Generic error codes are located in Basics > Error codes.

API specific error codes are located in the relating API documentation, accessible from the API Product page.

For a list of currently supported CA and Issuer CN, issue the following command:

Openssl s_client -connect {host]:443

Example: Openssl s_client -connect auth.connect.abnamro.com:443

This will prompt the server list the Certificate Authorities accepted under the header ‘Acceptable client certificate CA names’.

If the root is not on the list we currently do not accept it. To determine if a certificate can be used, fill in the contact form.

For Business Account APIs, ABN AMRO accepts and supports Organization Validated (OV) and Extended Validation (EV) SSL certificates provided by Quo Vadis and DigiCert. Wildcard certificates are not permitted.

For PSD2 APIs, ABN AMRO accepts and supports Qualified Website Authentication Certificates (QWAC) from Qualified Trusted Service Providers (QSTPs) on the trusted list with CEF Digital only. For a full list, see Trusted List Browser.

The certificate is used for identification, and is also required for OAUTH authorization when accessing APIs.

ABN AMRO API products and the sandbox environment are open to any developer or company who wants to use them. For more information, see Basics
To use an ABN AMRO API product in a production environment, you must comply with the requirements listed in the API documentation. To view all APIs and relating documentation, see API products.

Currently, it is not possible for retail customers to use ABN AMRO APIs in a production environment.

Signing up to the Developer Portal and testing in the sandbox is free of charge. The costs for each API may vary. The pricing for each API is detailed in the API documentation. ABN AMRO may also agree on appropriate fees for the use of a production API through a separate agreement with the client.