Getting Started

This guide will walk you through the steps to make your first requests to the sandbox API. Calling endpoints in production will follow a similar process but use different URLs.

Overview

Getting started with the Astra API follows a simple, five-step process:

  1. Create your developer account
  2. Get your API keys and OAuth URL
  3. Create a test user profile
  4. Authorize your client with the test user
  5. Make a request to the API with an access_token

Create your developer account

You will need an active developer account to use Astra's sandbox API.

Sign up

  1. If you haven't already, browse to our Sandbox Dashboard
  2. Enter your email and create a password
  3. Enter your first and last name
  4. Agree to our Developer Policy and Terms of Service
  5. Click the Create Account button

You now have an active developer account.

Get your API keys and OAuth URL

Once you have a developer account, you will need to generate and use the integration details for your client.

  1. In the Dashboard tab, fill out the application form and click Save Changes. This will generate your application credentials (client_id & client_secret), which will be located beneath the Application section
  2. Make note of these details and store them securely

You may always return to the dashboard to access your keys. To rotate your keys or edit your redirect URI please contact us.

📘

Note that Redirect URIs are used to guide Users back to a specific page in your application after exiting our SDK. You may register multiple Redirect URIs through your Developer Dashboard, but it's important to note that Redirect URIs must remain consistent in OAuth URLs when an end-user is navigating through our SDK.

Create a test user profile

To create the authorization required to make a request to the Astra API on behalf of an end user, you will need a test user profile. You can follow this process to create one.

Creating a new test user

  1. If you haven't already, browse to our Sandbox Application
  2. Enter your phone number
  3. When you click Continue you will then receive an SMS message that includes a one-time use code
  4. Enter the code you received
  5. Enter your name and email
  6. Agree to our Privacy Policy and Terms of Service
  7. Click Continue
  8. Click the button to Connect Bank Account (you will need at least one connection to simulate real world user details. Test credentials will show up on the screen.)

You now have an active user profile. You can always log into the app again using your phone number. Within the app, you can add or edit your bank connections, see your accounts, and check the verification status of your user profile.

Authorize your client with the test user

The majority of the endpoints in the Astra API require Authorization of your client application by the end user. This process generates the Authorization Code you will exchange for an Access Token.

  1. Browse to the OAuth URL listed in the dashboard
  2. Using your test user profile (from above), log in, then click Authorize
  3. On success, the user will be redirected to the URI associated with your developer account
  4. Capture the authorization_code from the URL
  5. Exchange the authorization_code for an access_token via POST /v1/oauth/token endpoint

📘

Currently, you must use an API tool like Postman or a server to securely exchange the authorization_code in step 5. If your client is a Single Page Application (SPA), contact us for more information.

Make a request to the API with an Access Token

All endpoints that interact with an end user's Accounts or Routines require an Access Token in the API request header.

  1. Capture the access_token from the authorization step above
  2. Add Authorization: Bearer access_token to the header of a request
  3. Make a request to the API (we recommend the GET /v1/accounts endpoint
  4. A successful request will return the appropriate payload
  5. Congratulations, you are now ready to set up automated Routines and Transfers!