Jakob
Hi Jakob. Many thanks for your response. Before tackling PSD2, I want to test the routes in Sandbox. After following the documents (as you had suggested) and testing out the Bunq Public API, I'm constantly getting a "Request signature is required for this operation" error when adding a session in Sandbox. I am able to successfully generate an api_key for the user, get a valid installation token, and retrieve an id when adding a device. For the session server, I'm posting to the following URL and sending these details:
POST: https://public-api.sandbox.bunq.com/v1/session-server
Headers:
...
X-Bunq-Client-Authentication: {{installation_token}
X-Bunq-Client-Signature: {{signature}
Body:
{"secret":"{{api_key}}"}
After generating this flow in Postman and getting the previously highlighted error, I recreated the process in my local environment with the following information:
Saved the following files from the Sandbox environment
signature.txt: {"secret":"sandbox_aee..."}
private_key_client.pem: -----BEGIN PRIVATE KEY-----
MII...
-----END PRIVATE KEY-----
Created signature algorithm using SHA256
openssl dgst -sha256 -sign private_key_client.pem -out SandboxSignature.txt signature.txt
Encoded the signature with Base64
openssl enc -base64 -in SandboxSignature.txt -out SandboxSignatureEncoded.txt -A
The following steps returned a different output than what I originally generated in Sandbox. Unfortunately, after updating the signature value in Sandbox, the new code returned the same exact error.
Could please explain to me what I'm doing wrong? Your advice will be greatly appreciated. Many thanks.