ForgeRock Open Banking Sandbox as a Service

A model bank and directory that is fully compliant with Open Banking and PSD2.

Features

Deploy your Open Banking Sandbox as a Service


Safely demonstrate and test the functionality for your Open Banking ecosystem, enable connection and functional testing for TPPs, meet the PSD2 regulation, offer a great developer experience and let us support your production PSD2 efforts.

Open Banking APIs

The ForgeRock Open Banking Sandbox supports all the UK Open Banking APIs. We also ensure that you always have the most relevant functionality by working closely with the open banking implementation entity (OBIE) on future versions.

Customizable

Make the sandbox yours by customising the user interface (UI), the OIDC provider and the resource server.

Security Conformant

Certification is an incredible tool to assure our products are aligned with industry standards. ForgeRock has been OpenID Connect (OIDC) conformant since 2015 and Open Banking security conformant since March 2018. ForgeRock is also certified by the OpenID Foundation (OIDF) for the new financial-grade API 2 (FAPI 2) conformance. These certifications give customers confidence that your sandbox as a service aligns with required standards for Open Banking.

Reporting

Easily obtain sandbox usage metrics for financial conduct authority (FCA) reporting.

Want to start today? You're in the right place!

Info

What you need to know about the ForgeRock Open Banking Sandbox as a Service

What is Open Banking and PSD2?

New customer-centric banking models are transforming financial services for the new digital economy. PSD2 (the EU’s Revised Payment Service Directive) and Open Banking pose a new set of technical requirements to ensure customer data is secure and only accessed with authorisation and consent. The Open APIs called for make it possible for Third Party Providers (TPPs) to enter the banking and payment ecosystem, delivering unprecedented innovation and competition.

...

What is ForgeRock's involvement in the Open Banking space?

ForgeRock is a key enabler in making PSD2 and Open Banking a reality through the development of a cloud-based application, the Model bank and ForgeRock Directory that deliver the ability to demonstrate and test functionality being designed for an Open Banking ecosystem.

...

When do I need a sandbox?

In order to achieve exemption from the provision of a fallback or screen scraping interface, Account Providers are required to enable connection and functional testing for TPPs by March 14, 2019, at least six months before the September 14, 2019 enforcement date of the Regulatory Technical Standard. This requirement enables authorised payment initiation service providers, payment service providers and account information service providers to test their software and applications used for offering a service to users.

...

What is the ForgeRock sandbox ?

Built to Open Banking UK API specifications, the ForgeRock Open Banking Sandbox provides the agreed standard for testing the functionality of Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs). With this service, organizations in the ecosystem are able to accelerate the development of web and mobile applications for Payment Service Users, such as personal and business banking customers.

...

Nick Caley

With tight timescales to meet the deadlines, the ForgeRock Open Banking Sandbox can provide Account Providers with a compliance ready, cloud hosted service that saves time and money, now and for the future. With this service, ForgeRock is providing a key element for helping financial institutions to ensure success with this wide-ranging set of regulations.

Nick Caley, Vice President Services & Regulatory
Plans

Offers


Choose to get started with a 7 day FREE trial or our standard sandbox as a service offering.

FREE Trial

7 days

Get Started

Standard Open Banking Sandbox as a Service

Get Started
APIs
Versions of the Open Banking APIs supported by default
Support the Read/Write Data API Specifications for Account Information and Transaction API flows.

Support the Read/Write Data API Specifications for Payment Initiation API flows.

This specification describes the flows and payloads for initiating a general payment-order.

Support the Read/Write Data API Specifications for Confirmation of Funds API flows.

Support the Read/Write Data API Specifications for Event Notification API.

This specification describes the flows and payloads to allow ASPSPs to deliver event notifications to TPPs

Support the headless authentication and authorisation flow. This allows TPPs to bypass the UI interaction and directly get an access token with the right privileges. This feature becomes essential for writing automated tests or running the security conformance tests suits in headless.
Customisation
We offer a UI palette, which allows you to do some simple branding without writing any code. Our UI customisation is currently limited to :

  • Logo
  • Favicon
  • Colors
Create new PSUs and customise the financial data for each of them. Via REST APIs, the format expected is the latest Open Banking data-model. Those APIs will be restricted to your admin system.
You can customise the AS well-known to match your production environments. For example, you can enable the ‘private_key_jwt’ and disable the ‘client_secret_basic’ token authentication method.
Out of the box, we currently allow you to:

  • Disable endpoints
  • Disable specific AISP permissions. Ex: ReadParty
  • Customise the page size by resource: Ex: 120 transactions per pages
Customise the domain of your sandbox. For example sandbox.YourCompany.com
The sandbox will be exposed under HTTPs. By default, it will be “Let’s encrypt” certificates. You can choose to use your own certificates from your favorite CA.
Security
Our sandbox uses ForgeRock AM, our OIDC provider that has been OIDC certified since 2015.
Our sandbox was FAPI 2 certified by OIDF in March 2019.
Our sandbox has been Open Banking security conformant since March 2018.
On-Boarding
Our sandbox is integrated with the OBIE sandbox directory. This means TPPs registered in this directory will be able to access the Open Banking APIs.
ForgeRock has implemented an Open Banking directory dedicated for testing. This allows your developers to access the sandbox as a TPP without the need to register to OBIE. This is particularly handy for your automated testing.
Support the Dynamic Client Registration as per the Open Banking specification. TPPs are able to on-board your sandbox automatically via REST APIs.
Support manual on-boarding of TPPs via a user interface (UI).
ASPSP
Payments completed by TPPs are simulated. For example,the account of the PSU will be debited, and the credit accounts would be credited accordingly (if the creditor account(s) is owned by the account servicing payment service provider [ASPSP] as well). We support payment simulation for all of the different payments flows, including international payments and payment files.
Hosting
The ForgeRock Open Banking Sandbox supports IP filtering on APIs/UI on demand. For example, you could restrict the access of the ForgeRock directory to your office.
Each application will have at least two instances and will be hosted in different zones.
Support
For those purchasing the Open Banking Sandbox as a Service, ForgeRock will provide a second line support for the sandbox. As an ASPSP, you will be in charge of doing the first line support with the TPPs, and ForgeRock will assist you if you struggle to help TPPs using your sandbox.
Get Started Get Started
press

They are talking about us


faq

Frequently Asked Questions


Got questions? We've got answers. If you have other questions, please contact us with the webform.

Can I sign up for different lengths of service?
Yes. Please get in touch with us for more information.
How much does a sandbox cost?
Please get in touch with us for pricing. Pricing is based on term and usage.
How quickly can a sandbox be live?
Generally, we can provide your dev environment in a few hours and you go live with a sandbox within two weeks.
How can I connect my PSUs data?
Your sandbox offers APIs for injecting your own PSU data in JSON format using the latest Open Banking data-model version. For each PSU, post the PSU data as JSON to a specific endpoint.
Can I on-board non-regulated TPPs?
Via our customer-dedicated directory, you can offer access to your sandbox to any developer. In addition, you can either allow anyone to register themselves, or you can register users manually.
Can I customise the OIDC provider to match my production environment?
Yes, we offer the possibility to customise the OIDC provider functionality. For example, your OIDC provider can only support client_secret_post.
How far can I customise the UI?
We offer a UI palette, which allows you to do some simple branding without writing any code. Our UI customisation is currently limited to:

  • Logo
  • Favicon
  • Colors
Where is the sandbox hosted?
Our sandbox is hosted on GKE.
What should I know about the Open Banking Sandbox Free Trial?
The sandbox free trial will give you a good idea of the ForgeRock Open Banking Sandbox functionality. Because it’s only a trial, you may need to manually accept some certifications so it runs properly.