Overview
The Yapily API uses HTTP Basic Authentication. You authenticate using:
- Username: Application ID
- Password: Application Secret
For comprehensive setup instructions, see the API Authentication Guide.
Never commit credentials to version control. Store them securely using environment variables.
Getting Credentials
- Log in to Yapily Console
- Navigate to Applications
- Create or select an application
- Download your Application ID and Secret
The Application Secret can only be retrieved once. Store it securely.
Making Authenticated Requests
curl -X GET 'https://api.yapily.com/institutions' \
-u 'YOUR_APPLICATION_ID:YOUR_APPLICATION_SECRET'
import requests
from requests.auth import HTTPBasicAuth
response = requests.get(
'https://api.yapily.com/institutions',
auth=HTTPBasicAuth('YOUR_APPLICATION_ID', 'YOUR_APPLICATION_SECRET')
)
const axios = require('axios');
const response = await axios.get('https://api.yapily.com/institutions', {
auth: {
username: 'YOUR_APPLICATION_ID',
password: 'YOUR_APPLICATION_SECRET'
}
});
Using Consent Tokens
After obtaining user consent, pass the consent token in the consent header:
curl -X GET 'https://api.yapily.com/accounts' \
-u 'YOUR_APPLICATION_ID:YOUR_APPLICATION_SECRET' \
-H 'consent: USER_CONSENT_TOKEN'
Security Best Practices
- Store credentials in environment variables or secrets managers
- Use HTTPS only (enforced by API)
- Rotate credentials regularly
- Revoke compromised credentials immediately
Next Steps
Get Institutions
Discover available banks.
Create Authorization
Request user consent.