• API Documentation not clear at all

Hi,

I'm new to Bunq and wanted to play around with the API in the sanbox first. I'm an experienced developer but the documentation to me is not clear resulting in failed authentication.

The steps I performed so far is:

  1. Create a sanbox API in the developers portal (prefixed with sandbox_)
  2. Try to do an installation but this part fails, I used to code below but get the error '{"Error":[{"error_description":"Insufficient authentication.","error_description_translated":"Onvoldoende authenticatie."}]}'

`$requestUri = 'https://public-api.sandbox.bunq.com/v1/installation'
$headers = @{
'Content-Type' = 'application/json'
'X-Bunq-Client-Request-Id' = (New-Guid)
'User-Agent' = 'PowerShell'
'Cache-Control' = 'none'
'X-Bunq-Language' = 'nl_NL'
'X-Bunq-Region' = 'nl_NL'
'X-Bunq-Geolocation'= '0 0 0 0 000'
'X-Bunq-Client-Authentication' = $sanboxApiKey
}
$body = @{
'client_public_key' = $formattedPublicKey
}

$sanboxApiKey = Invoke-WebRequest -Method Post -Uri $requestUri -Headers $headers -body ($body | ConvertTo-Json -Depth 10)`

While the Quickstart - Opening a session refers to a 'Authorization' header I cannot find this in the installation POST instructions of the documentation page.

I also found a Bunq Together post from 2020 with a full cURL example, put this example uses an old endpoint 'sandbox-user' But when skipping to the installation step (I'm using the same headers and there is also no 'Authorization' header) it fails with the above error.

Can someone point me in the correct direction or a decent example of the entire flow needed to perform an installation and make a first API call to an endpoint.

Thank you!

    Ok I fixed the Insufficient authentication error, I was reading the quick start again and noticed you should not use 'X-Bunq-Client-Authentication' on this endpoint, so replaced it with ''Authorization' = "Bearer $sanboxApiKey"' which fixed that problem.

    Now I get an error "Client public key invalid" so going to figure that one out. This is also not well documented just a oneliner saying 'Post your public key to the Installation endpoint (use \n for newlines in your public key).'

      I also fixed my certificate issues and can now successfully do a installation and retrieve the token. A few things are still not clear to me and I'm hoping someone could elaborate more on this.

      1. The docs specify that you only need to do an installation and device-server once, so here I assume that the token retrieved from installation is a permanent one for that specific installation and you create and renew sessions with that token?
      2. The delete method is not supported on installation or device-server, so how do you remove unused or even compromised installations from the environment?

        Hey there, @New-Taupe-Lizard-2914536301#287444 👋 I appreciate you reaching out, and I'm here to assist you to the best of my abilities. However, the issue you're facing seems to require specific support from the API team. For a quicker and more accurate resolution, I recommend reaching out to API support directly at apipartner@bunq.com. They'll be better equipped to address your concerns and provide the necessary assistance, so this can be resolved for you ASAP! 🚀

          @vplamenov-Olive-Gemsbok#287446 Do I need to do this for all the lacking information on de docs page? Because I just opened another discussion on a different part.

            @New-Taupe-Lizard-2914536301#287461 Indeed best to contact the API team directly, since the community cannot help you with this. Therefore I'll hide your other post, can you also send this to the API team? Thanks!

              Write a Reply...