Sorry, you need to enable JavaScript to visit this website.

Frequently Asked Questions

The following APIs are available:

  • Accounts APIs
  • Payments APIs
  • Credit Cards
  • Confirmation of Funds

If you are interested in the APIs currently available for, AIB (NI) or Allied Irish Bank (GB) please visit the relevant Developer Portal.

Further information regarding our APIs can be found on the ‘API Products and Benefits’ page.

To register for access to the Developer Portal simply click the ‘Register’ button at the top of the screen and fill out the form to create an account. Check for an email with an activation link. Once you have activated your account and created a password, you will then be able to log in and access our APIs.
For further details see the ‘Getting Started’ section.
Security is important to us. The sandbox and the live environment meet the latest security standards. We’ve employed the 0Auth 2.0 consent model to enable customers to grant access to third party service providers (your application) in a clear and secure manner. 

Our sandbox provides an opportunity for developers to test their app before building in production. The sandbox is a safe, secure environment where you can test your apps functionality and test our API integrations with your apps.

Please refer to the getting started page which explains how you can onboard and get access to our sandbox environment

No, you cannot re-use the same application across AIB Group. You will need to log in separately and add a new application in each developer portal.

1. eIDAS QWAC. This is the certificate to use in the MATLS network level connection at runtime.

2. A recognised certificate capable of creating a digital signature. The digital signature is required during the OIDC client authentication using the private_key_jwt client authentication method. This certificate can be an eIDAS QSealC or a certificate signed by a recognised public Certificate Authority.

The Fallback Mechanism can be used if the API Channel or certain API functionality is unavailable.

The Fallback provides TPPs with ability to identify themselves to the bank, an eIDAS certificate is required to access the Fallback Mechanism. The Fallback Mechanism effectively provides access to the PSU’s direct interface. Access to this mechanism is by way of unique URL.

As part of authentication journey where the TPP is using the Fallback, the customer will also need to complete the Multi Factor Authentication process as part of entering their banking credentials to complete the flow.

For information on how to access the Fallback Mechanism please contact us on

If you come across a bug please contact our team at

What changes are AIB making?

The OBIE Read/Write API specification (in v3.0, 3.1, 3.1.1, 3.1.2 and 3.1.3) require both TPPs and ASPSPs to sign all payment messages. The OBIE Specification makes use of the "b64" header parameter and this controls whether the usage is Base64URL encoded before signing. This header is not widely supported in the majority of JWT libraries and therefore requires us to make a change.

When are we making this change?

The change will be implemented in AIB's Sandbox environment on June 1st 2020 with a view to implementing to live APIs on the 16th of June 2020.

What does this mean for you?

You as a TPP, under the specification mentioned above must not validate the message signature during the period of the waiver.

OBIE will update the conformance harness to not generate or validate the message signature during the period of the waiver. After expiration of this waiver, TPPs must support message signatures as defined in their Payment Initiation APIs implementation. We as an ASPSP will include details of which version we support in our API documentation which can be found on our Developer Portals.

For further information on Waiver007 please refer to the Open Banking documentation in the following link:

If you have any questions or concerns, please don’t hesitate in reaching out to our support mailbox

Additional information

  • Our supported version of payments endpoints is currently v3.1.1
  • To validate signatures, AIB are expecting the following headers in x-jws-signature format:
    • Validation will fail if x-jws-signature is NOT sent or signature is invalid
    • A signature will be deemed invalid if the b64 header is true or missing, for example, if the payload was Base64URL encoded before signing.
    • The JWS must contain the following headers {"b64":false, "crit":["b64"]}
  • Where required, AIB will send the signature for all existing API endpoints that require messages to be signed in request and or response
  • Please note, this signature will NOT be Base64URL encoded.
  • The JWS will contain these headers {"b64":false, "crit":["b64"]}
  • This will be applicable for all existing API endpoints that require messages to be signed in request and or response.

To learn more about Allied Irish Bank visit

If you have any further questions please don’t hesitate to contact us at

The performance and availability statistics of our dedicated interface can be found here