Open Banking API Design: Building FinTech Integrations That Banks and Partners Trust
Introduction
FinTech products increasingly depend on bank APIs—account verification, balance checks, payment initiation, transaction history. Open banking frameworks (PSD2 in Europe, UPI in India, emerging standards globally) formalized what embedded finance teams already knew: financial APIs are integration projects with regulatory teeth.
Bad financial API design creates reconciliation nightmares, expired consent flows, and partner integrations that break silently when a bank changes field formats.
This guide covers the API architecture patterns FinTech teams need for bank connectivity, partner webhooks, and embedded finance products.
Section 1: Consent and Authorization
Open banking access is consent-based:
- User authenticates with bank (OAuth 2.0 / OIDC),
- User grants scoped consent (read accounts, initiate payments),
- Platform receives time-limited access token,
- Refresh or re-consent before expiry.
Engineering requirements
- Store consent metadata: scopes, expiry, bank connection ID,
- Proactive re-consent UX before token expiry,
- Revocation handling (user removes access at bank),
- Audit log of every data access under consent.
Never store bank credentials—only tokens from regulated consent flows.
Section 2: API Contract Design
Idempotency (again)
Payment initiation APIs must accept idempotency keys. Account balance pulls should be safe to retry but logged to detect abuse.
Versioning
Banks version APIs with little notice. Design for:
- explicit API version in path or header,
- adapter layer per bank (do not leak bank-specific quirks to your core domain),
- contract tests against bank sandboxes in CI.
Pagination and sync
Transaction history APIs are paginated and eventually consistent. Use:
- cursor-based pagination,
sincetimestamps for incremental sync,- deduplication by
bank_transaction_id.
Section 3: Webhook Architecture
Banks notify via webhooks for payment status, consent changes, and account events.
- Verify signatures (HMAC, mTLS),
- Idempotent processing by
event_id, - Dead letter queue for failed processing,
- Replay tooling for support investigations.
Section 4: The Adapter Pattern
Your core domain
↑
Bank adapter layer (per institution)
↑
Bank API / aggregator (Plaid, Tink, TrueLayer, etc.)
Core domain speaks your models (Account, Payment, Transaction). Adapters map bank-specific JSON to domain events. When a bank changes, you update one adapter—not your ledger.
Section 5: Reliability and SLAs
Bank APIs have maintenance windows and variable latency.
- Circuit breakers per bank connection,
- Cached balances with staleness indicators for read-heavy UIs,
- User messaging when bank link is degraded,
- Fallback flows (manual verification) when automation unavailable.
Section 6: Security
- mTLS for server-to-server where required,
- Encrypt tokens at rest (KMS),
- Scope tokens to minimum permissions,
- Rate limit per user and per tenant,
- PCI scope separation if card data touches adjacent flows.
Conclusion
Open banking integrations are long-lived adapter engineering—not one-time REST calls. Invest in consent lifecycle, idempotent payments, bank adapters, and webhook reliability from the first partnership.
Related reading:
For API and integration architecture: