Sandbox testing · Postman
Postman Collection 2 min read
A Postman collection provided to the UAE Open Finance ecosystem to help LFIs and TPPs test their API implementations against the Open Finance Trust Framework. The collection covers the full sandbox flow — TPP registration, consent, authorization, and payments — and can be downloaded pre-configured for your application from the Getting Started page.
Nebras-Open-Finance / postman
The two .postman_collection.json files at the root of the repository are the published surface — import either one into Postman to start using it.
banking.postman_collection.jsonBanking collection — consent, account & transaction data, payment initiation, Confirmation of Payee, products & leads, ATMs, and webhooks.insurance.postman_collection.jsonInsurance collection — consent, policy data sharing, quotation, revocation, and webhooks.mainLive source of truth — published, authoritative, externally consumable. New implementers should work from the latest version on
main.other branchesDrafts of future content (for example a forthcoming
v2.2). The Nebras Open Finance team will announce when draft content is ready for ecosystem review. Collections
What's inside
Folders inside each .postman_collection.json, the role they require, and what they cover.
Banking
V1.2 · V2.0 · V2.1 (current)| Folder | Role | Description |
|---|---|---|
| Data Sharing | BDSP | Consent lifecycle plus account, balance, transaction, beneficiary, standing order, and party data. Available in application/json and application/jwt formats. |
| Service Initiation — Domestic | BSIP | All payment consent types: single instant (including CoP and multi-auth variants), all six multi-payment schedule types, delegated SCA, and refunds. |
| Service Initiation — International | BSIP | Single instant and fixed periodic schedule for cross-border transfers. |
| Confirmation of Payee | BSIP | Two-step name verification: discovery (API Hub) then confirmation (resolved LFI). Client credentials flow, application/jwt throughout. |
| Products, Leads | BDSP | Open data endpoints — no user consent required. |
| ATMs | BDSP | ATM location and service data published by LFIs. No user consent required. |
| Webhooks | — | Simulate JWE-encrypted event receipt and 202 Accepted response. |
Insurance
V2.1 (current)| Folder | Description |
|---|---|
| Data Sharing | Consent and access to insurance policy information. |
| Quotation | Insurance quote retrieval following consent. |
| Revoke | Consent revocation by ID or group ID. |
| Webhooks / Do Fail | Webhook receipt testing and failure simulation. |