Call Our API Endpoints

When you call our resources, you need to include the previously fetched access token.

When calling any API resource, you need to place the previously obtained OAuth 2.0 authorization token in the Authorization HTTP header:

Authorization: Bearer ${ACCESS_TOKEN}

For accessing PSD2 related services (AISP, PISP), you also need to have a proper client certificate (mutual TLS) issued for a PSD2 licensed subject for every server API call.

Supported Standards

API services we publish currently support the Czech Open Banking Standard (COBS) in the latest version 2.0. The Direct Fidoo implementation of the COBS standard provides services for:

  • List of payment accounts and balances.
  • Transactions on a payment account.

We also keep the list of all supported standards and versions, where you can also find a bit more information about the standards.

Quick Example


Mutual TLS Required

Do not forget that to call this resource, you must use mutual TLS with your eIDAS certificate with mandates for PSD2. Just using the OAuth 2.0 access token is not sufficient.

To call an API for the list of accounts, you can use the following resource:

GET /cobs/2.0/my/accounts

  "pageNumber": 0,
  "pageCount": 1,
  "pageSize": 1,
  "totalCount": 1,
  "accounts": [
      "id": "e0bdc0fc-bd8f-40f4-b404-ff3b11fc10c1",
      "identification": {
        "iban": "CZ6435000000001000557102",
        "other": "1000557102"
      "currency": "CZK",
      "servicer": {
        "bankCode": "3500",
        "countryCode": "CZ",
        "bic": "INGBCZPP"
      "nameI18N": "Acme s.r.o.",
      "productI18N": "Fidoo"

Read the API Reference

You can read more about our API calls in the reference manual. You can also download the Open API definition files to generate your client code automatically.

What’s Next

Read our API Reference to see what data is available.