> ## Documentation Index
> Fetch the complete documentation index at: https://docs.yapily.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Santander Bank

## Links

* [Developer Portal](https://developer.santander.co.uk/sanuk/external)

## Scopes

* Open Data 🌐
* Account Information 🔒
* Payment Initiation 🔒
* VRP 🔒

## Live Environment

**Precondition**: To connect to live Open Banking entities, whether you are accessing account information or initiating payments, your business must have the right regulatory permissions as per the [Open Banking Guide](/tools-and-services/open-banking/enrolment-guide).

1. Upload your transport and signing certificates (PEMs) created in the Open Banking directory, along with the keys into Yapily's [certificate vault](https://console.yapily.com/certificates).

2. Add **Santander** from the **Live** tab to your Dashboard application and add your `Signing key Id`, which can be obtained from the Open Banking Directory.

3. Select your Open Banking transport and signing certificates from the relevant drop-downs lists then click *Next*.

4. Click the 'download the SSA' button to download your Software Statement Assertion from the Open Banking Directory. This is the token that the Open Banking UK institutions will use during registration to verify your enrolment and possibly create your application.

5. Log in to [Santander's developer portal](https://developer.santander.co.uk/sanuk/external/ibm_apim/oidc/openbanking) using Open Banking SSO

6. Create a new production app using the downloaded SSA. Set the appropriate organisation role.

7. Copy the credentials for this app from the Santander developer portal into the credentials view for Santander in the Yapily dashboard. Add the obtained *`Client ID`* as **Key** and the *`Client secret`* as **Secret**. Click 'Next' to save.

## VRP Sweeping Access

In order to access the VRP endpoints we have to grant your Yapily application additional scopes. If you do not have these scopes then please contact your customer success manager to get them added.

<Info>
  The following steps are not intended for Yapily Connect customers.
</Info>

Precondition: To use VRP on `santander_uk` a manual registration via API is required.

Pre-requisites for Manual registration:

* Valid OBWAC / OBSEAL certificates
* PIS registration details for `santander_uk`

<Info>
  You can use existing PIS registration details for this institution to gain VRP sweeping access. The registration details can be found on the Yapily Console for the given application. If a new registration is required (e.g. if you are using a new redirectUri for VRP and it is not covered in the existing registration) then you will have to manage your applications on the institution developer portal. Ensure that the application is subscribed to the latest API version on the institution portal. The existing or new registration credentials from the Yapily Console will be used in the steps below.
</Info>

### Steps Required for Manual registration

1. Upload the signing (OBSEAL) and transport (OBWAC) certificates if not already present

You can check if the certificate is present already by navigating to the Console -> Certificates. If absent please upload the certificate.

Once confirmed, we need the UUID of the certificate which can be found in the Console -> Certificates -> Certificate; the UUID will appear in the browser URL bar as follows:
`https://console.yapily.com/certificates/<UUID>`

Save the `UUID` and remember for which kind of key it corresponds to:
e.g. `SIGNING_KEY_UUID = d16f87d3-4222-4173-b8b9-44aeccacae7d`

Once you have done it for the signing key, repeat the process for your transport certificate.

2. Call the manual registration endpoint

The final step is to call the manual registration endpoint with the certificate UUIDs and credentials from your application created on the portal.

The `apiTypes` field in the example has both types but if the registration in question grants PIS access only then only provide `PISP`.

If a custom redirect URI (not Yapily's) is used for the registration then you can provide it in the `redirectUri` field.

The `clientId` field corresponds to the `key` field on the Yapily Console.

The `clientSecret` corresponds to the `secret` field on the Yapily Console.

Request

```shell theme={null}
curl --location --request POST 'https://api.yapily.com/institutions/santander_uk/manual/register' \
     --header 'Content-Type: application/json' \
     --header 'Authorization: Basic ...' \
     --data-raw '{
            "signingKeyID": "$SIGNING_KEY_UUID",
            "transportKeyID": "$TRANSPORT_KEY_UUID",
            "clientId": "$CLIENT_ID",
            "clientSecret" : "$OPTIONAL_CLIENT_SECRET",
            "softwareStatementId": "$SSA_ID",
            "organisationId": "$ORGANISATION_ID",
            "apiTypes" : ["AISP", "PISP"],
            "redirectUri" : "<optional-redirect>"
            }'
```

Response

```shell theme={null}
{
"id": "a0460a91-4b4c-422a-bbe6-bebe0b92e308"
}
```

This is the Yapily registration `id` which can be used to Get, Modify, Delete the registration.

## Payments

### Bulk Payments

* Domestic and Scheduled payments are supported
* Maximum 3500 payments per request
* For every payment the same payer must be specified
* Only accepts bulk payments where all creditors are trusted beneficiaries

## Support

If you require technical support with certificate management, please contact [Support](/resources/support).