Open Banking UK

UK Open Banking standard defining REST APIs that regulated banks must expose for Account Information (read account/transaction data) and Payment Initiation (trigger payments) with standardized OAuth2/FAPI authentication.

Evaluated Mar 06, 2026 (version: current)
Category: Other
Tags: open-banking, uk, fca, psd2, account-data, payments, standard, oauth2, fapi

⚙ Agent Friendliness: 56 / 100 (Can an agent use this?)
🔒 Security: 91 / 100 (Is it safe for agents?)
⚡ Reliability: 82 / 100 (Does it work consistently?)

Score Breakdown

⚙ Agent Friendliness

MCP Quality: --
Documentation: 80
Error Messages: 72
Auth Simplicity: 62
Rate Limits: 72

🔒 Security

TLS Enforcement: 100
Auth Strength: 92
Scope Granularity: 90
Dep. Hygiene: 85
Secret Handling: 88

PSD2/Open Banking standard. OAuth2 with strong client authentication (mTLS or private_key_jwt). Extremely sensitive financial data. Regulatory compliance mandatory. Consent management required.

⚡ Reliability

Uptime/SLA: 85
Version Stability: 82
Breaking Changes: 80
Error Recovery: 80

Best When

You're a regulated financial services firm (AISP/PISP) in the UK and need direct, standardized access to bank account data or payment initiation across UK banks.

Avoid When

You're not FCA-authorized as an AISP or PISP — retail use requires going through a regulated aggregator like TrueLayer or Plaid.

Use Cases

  • Aggregating bank account balances and transaction history for personal finance agents
  • Initiating payments directly from bank accounts (payment initiation) in financial workflows
  • Account verification for KYC/KYB workflows using official bank data
  • Building financial dashboards with real bank transaction categorization
  • Direct debit and standing order management via Variable Recurring Payments (VRP)

Not For

  • Non-UK bank accounts (use open banking standards specific to EU, AU, or Brazil)
  • Teams needing a single API to aggregate UK banks (use Plaid UK or TrueLayer instead)
  • Real-time payment confirmations with sub-second requirements

Interface

REST API: Yes
GraphQL: No
gRPC: No
MCP Server: No
SDK: No
Webhooks: Yes

Authentication

Methods: oauth2 fapi mtls private_key_jwt
OAuth: Yes Scopes: Yes

Financial-grade API (FAPI) security profile. OAuth2 with mTLS client authentication or private_key_jwt. Consent-based access: each account access requires an explicit user consent flow. Refresh tokens provide long-lived access.

Pricing

Model: free
Free tier: Yes
Requires CC: No

Banks are mandated by FCA regulation to provide free API access to regulated Third Party Providers (TPPs). Registration with Open Banking Ltd and FCA authorization are required.

Agent Metadata

Pagination: cursor
Idempotent: Full
Retry Guidance: Documented

Known Gotchas

  • Each bank has a different implementation quality — standard compliance varies significantly
  • Consent flows require user redirect — not suitable for fully automated agent-only flows without prior consent
  • Access tokens are short-lived (60 minutes typical); refresh tokens have bank-specific expiry
  • Each bank has different sandbox environments with inconsistent test data
  • VRP (Variable Recurring Payments) is not supported by all banks yet
  • Open Banking UK sandbox requires registration with Open Banking Ltd directory before testing


Scores are editorial opinions as of 2026-03-06.
