Open Banking Sandbox As A Service

A model bank and directory that is fully compliant with Open Banking and PSD2

Product Brief


Deploy your Open Banking Sandbox as a Service

Safely demonstrate and test the functionality for your Open Banking ecosystem, enable connection and functional testing for TPPs, meet the PSD2 regulation, offer a great developer experience and let us support your production PSD2 efforts.


Open Banking APIs

The ForgeRock Open Banking Sandbox supports all the UK Open Banking APIs. We also ensure that you always have the most relevant functionality by working closely with the open banking implementation entity (OBIE) on future versions.


Security Conformant

Certification is an incredible tool to assure our products are aligned with industry standards. ForgeRock has been OpenID Connect (OIDC) conformant since 2015 and Open Banking security conformant since March 2018. ForgeRock is also certified by the OpenID Foundation (OIDF) for the new financial-grade API 2 (FAPI 2) conformance. These certifications give customers confidence that your sandbox as a service aligns with required standards for Open Banking.



Make the sandbox yours by customising the user interface (UI), the OIDC provider and the resource server.



Easily obtain sandbox usage metrics for financial conduct authority (FCA) reporting.

OpenID Certified

Want to start today? You're in the right place!    ASK FOR A DEMO


What you need to know about the ForgeRock Open Banking Sandbox as a Service



What is Open Banking and PSD2?

New customer-centric banking models are transforming financial services for the new digital economy. PSD2 (the EU’s Revised Payment Service Directive) and Open Banking pose a new set of technical requirements to ensure customer data is secure and only accessed with authorisation and consent. The Open APIs called for make it possible for Third Party Providers (TPPs) to enter the banking and payment ecosystem, delivering unprecedented innovation and competition.

Read Blog

What Is ForgeRock's involvement in the Open Banking space?

ForgeRock is a key enabler in making PSD2 and Open Banking a reality through the development of a cloud-based application, the Model bank and ForgeRock Directory that deliver the ability to demonstrate and test functionality being designed for an Open Banking ecosystem.

Learn More

When do I need a sandbox?

In order to achieve exemption from the provision of a fallback or screen scraping interface, Account Providers are required to enable connection and functional testing for TPPs by March 14, 2019, at least six months before the September 14, 2019 enforcement date of the Regulatory Technical Standard. This requirement enables authorised payment initiation service providers, payment service providers and account information service providers to test their software and applications used for offering a service to users.

Get Started

What is the ForgeRock sandbox ?

Built to Open Banking UK API specifications, the ForgeRock Open Banking Sandbox provides the agreed standard for testing the functionality of Account Information Service Providers (AISPs) and Payment Initiation Service Providers (PISPs). With this service, organizations in the ecosystem are able to accelerate the development of web and mobile applications for Payment Service Users, such as personal and business banking customers.

Download Product Brief

Nick Caley

With tight timescales to meet the deadlines, the ForgeRock Open Banking Sandbox can provide Account Providers with a compliance ready, cloud hosted service that saves time and money, now and for the future. With this service, ForgeRock is providing a key element for helping financial institutions to ensure success with this wide-ranging set of regulations.



Choose to get started with a 7 day FREE trial or our standard sandbox as a service offering.


FREE Trial

7 days

Get Started

Standard Open Banking Sandbox as a Service

Get Started
Versions of the Open Banking APIs supported by default
Support the Read/Write Data API Specifications for Account Information and Transaction API flows.

Support the Read/Write Data API Specifications for Payment Initiation API flows.

This specification describes the flows and payloads for initiating a general payment-order.

Support the Read/Write Data API Specifications for Confirmation of Funds API flows.

Support the Read/Write Data API Specifications for Event Notification API.

This specification describes the flows and payloads to allow ASPSPs to deliver event notifications to TPPs

Support the headless authentication and authorisation flow. This allows TPPs to bypass the UI interaction and directly get an access token with the right privileges. This feature becomes essential for writing automated tests or running the security conformance tests suits in headless.


We offer a UI palette, which allows you to do some simple branding without writing any code. Our UI customization is currently limited to :

  • Logo
  • Favicon
  • Colors
Create new PSUs and customize the financial data for each of them. Via REST APIs, the format expected is the latest Open Banking data-model. Those APIs will be restricted to your admin system.
You can customize the AS well-known to match your production environments. For example, you can enable the ‘private_key_jwt’ and disable the ‘client_secret_basic’ token authentication method.

Out of the box, we currently allow you to:

  • Disable endpoints
  • Disable specific AISP permissions. Ex: ReadParty
  • Customize the page size by resource: Ex: 120 transactions per pages
Customize the domain of your sandbox. For example
The sandbox will be exposed under HTTPs. By default, it will be “Let’s encrypt” certificates. You can choose to use your own certificates from your favorite CA.
Our sandbox uses ForgeRock AM, our OIDC provider that has been OIDC certified since 2015.
Our sandbox was FAPI 2 certified by OIDF in March 2019.
Our sandbox has been Open Banking security conformant since March 2018.
Our sandbox is integrated with the OBIE sandbox directory. This means TPPs registered in this directory will be able to access the Open Banking APIs.

ForgeRock has implemented an Open Banking directory dedicated for testing. This allows your developers to access the sandbox as a TPP without the need to register to OBIE. This is particularly handy for your automated testing.

Support the Dynamic Client Registration as per Open Banking specification. TPPs would be able to on-board your sandbox automatically, via REST APIs.

Support manual on-boarding of TPPs via a user interface (UI).

Payments completed by TPPs are simulated. For example,the account of the PSU will be debited, and the credit accounts would be credited accordingly (if the creditor account(s) is owned by the account servicing payment service provider [ASPSP] as well). We support payment simulation for all of the different payments flows, including international payments and payment files.

The ForgeRock Open Banking Sandbox supports IP filtering on APIs/UI on demand. For example, you could restrict the access of the ForgeRock directory to your office.
Each application will have at least two instances and will be hosted in different zones.
For those purchasing the Open Banking Sandbox as a Service, ForgeRock will provide a second line support for the sandbox. As an ASPSP, you will be in charge of doing the first line support with the TPPs, and ForgeRock will assist you if you struggle to help TPPs using your sandbox.
Get Started Get Started


Frequently Asked Questions

Got questions? We've got answers. If you have other questions, please contact us with the webform.


Yes. Please get in touch with us for more information.

Please get in touch with us for pricing. Pricing is based on term and usage.

Generally, we can provide your dev environment in a few hours and you go live with a sanbox within two weeks.

Yes, you can.

Your sandbox offers APIs for injecting your own PSU data in JSON format using the latest Open Banking data-model version. For each PSU, post the PSU data as JSON to a specific endpoint.

Via our customer-dedicated directory, you can offer access to your sandbox to any developer. In addition, you can either allow anyone to register themselves, or you can register users manually.

Yes, we offer the possibility to customize the OIDC provider functionality. For example, your OIDC provider can only support client_secret_post.

We offer a UI palette, which allows you to do some simple branding without writing any code. Our UI customization is currently limited to:
  • Logo
  • Favicon
  • Colors

Our sandbox is hosted on GKE.

The sandbox free trial will give you a good idea of the ForgeRock Open Banking Sandbox functionality. Because it’s only a trial, you may need to manually accept some certifications so it runs properly.