What is PSD2?

The Second Payment Services Directive obliges banks to open up payments infrastructure and customer data to other organisations (third party service providers) with customers consent.

Are there any restrictions to sandbox usage?

No. Sandbox is free and available for everybody to test and develop.

What kind of data your Sandbox contains?

Our sandbox contains dynamic data to get the best out of testing.

Who maintains Open Banking Developer Portal?

Portal is maintained by Oy Samlink Ab.

How can I gain access to production environment?

Production PSD2 API for each bank will be available at omasp-psdapi.samlink.fi, pop-psdapi.samlink.fi and sp-psdapi.samlink.fi respectively. Production TPP registration API for all banks will be available at reg.samlink.fi. Production authorization service for all banks will be available at authservice.samlink.fi.

When API was available in production?

API has been available in production since 9th of September 2019.


Accessibility is the practice of making your websites usable by as many people as possible.
It includes:

  • Semantic HTML, which improves accessibility.
  • Caring about accessibility demonstrates good ethics and morals, which improves your public image.
  • Other good practices that improve accessibility also make your site more usable by other groups, such as mobile phone users or those on low network speed.

Change log


Consent and Payment initiation response _links/scaOAuth now points to OAuth metadata endpoint, instead of straight to authorize endpoint:

      "scaOAuth": "https://sml-prod-psd2.azure-api.net/.wellknown/oauth-authorization-server",
      "self": "/psd2/v1/consents/gqHPIqjwpp",
      "status": "/psd2/v1/consents/gqHPIqjwpp/status" 
  "consentId": "gqHPIqjwpp",
  "consentStatus": "received",
  "scaMethods": [] 

Metadata endpoint https://sml-prod-psd2.azure-api.net/.wellknown/oauth-authorization-server will return a JSON with the authorization and token endpoints:

  "issuer" : "https://sml-prod-psd2.azure-api.net", 
  "authorization_endpoint" : "https://sml-prod-psd2.azure-api.net/samlink-api-sandbox/oauth/authorize", 
  "token_endpoint" : "https://sml-prod-psd2.azure-api.net/samlink-api-sandbox/oauth/token"

Payment initiation response now contains the _links element as above, and transactionFeeIndicator element with value "false".

Consent usage counts are now not increased if the request contains PSU-IP-Address header, which indicates that the consent user is active in the TPP application while the request was made.


Added support for future dated payments with requestedExecutionDate in the future.

New sandbox endpoint /management/execute-future-dated-payments to help with testing future payments.