Getting Started
Welcome to the Landsbankinn Development Platform! Here you find instructions on how to start using our APIs.
In these instructions, an application refers to the software you develop and operate outside of the bank that uses the bank's API to access data and services.
Application Registration
Our products are grouped by category based on the type of service that is being provided:
- Open Data APIs: These provide access to data that is generally available under our terms of use.
- Access Controlled APIs: These provide access to controlled data and services, subject to additional terms and conditions.
- Payment Services Directive APIs: These APIs provide access to data and services based on the Payment Services Directive, subject to terms and conditions laid out by applicable laws.
A list of available Open Data APIs and Access Controlled APIs can be found on the API Products page. If you have ideas for new products, please email us!
Register an Application for Open Data APIs
To access open data, start by creating a developer account on our portal for free if you haven't done so already by clicking the "Sign up" button above.
Once you have an account, your next step is to obtain an API key. Navigate to "My Apps" and register your application by clicking the "Add a New App" button. It is advisable to give your application a meaningful and descriptive name to easily identify its purpose.
Landsbankinn offers two environments: sandbox (for testing) and production. Apps in the sandbox environment are automatically approved. Select the endpoints you wish to access in the "Products" tab.
When your application is ready, register a new application in the production environment. Note that it may take a few business days for your application to be approved. API keys for your apps are always accessible in the developer portal.
Remember to keep your API key safe. If your API key is publicly exposed others might start using it, which could lead to its suspension or even cause your account to be disabled. Best practices include not embedding API keys directly in code, not storing API keys in files inside your application's source tree and deleting unneeded API keys.
Register an Application for Access Controlled APIs
If you, as a customer or service provider, need access to access controlled data or services, you will need a special type of application that can communicate with those APIs. These apps are not managed through the developer portal. A bank service representative must register an application for you, connect it with a Búnaðarskilríki, and assign the required permissions to it. Each of these apps is linked to a specific customer or service provider. Multiple apps can be created for each entity. Access permissions are assigned to each application and apply within the scope of a single customer or service provider.
Authentication is required for all calls to access controlled APIs, and the application needs a Búnaðarskilríki issued by Auðkenni to authenticate. Apps for access controlled data can also access open data APIs, in which case only the API key is required without additional authentication.
Payment Services Directive APIs
For more information about registration and authentication for Payment Services Directive APIs refer to our Payment Services Directive APIs documentation.
API call examples
Example Call to an Open Data API
curl -X GET https://openapi.landsbankinn.is/Markets/Currencies/v2/Currencies/ \
-H 'apikey: 6bwTZKsjWe8cLc89wO90VtnAnuiiSEko'Set the apikey header to your app's API key. Authentication is not required to access open data, but you must include the API key assigned to your app in the Developer Portal.
Example Call to an Access Controlled API
First, obtain an Access Token for communications with Access Controlled APIs (see below).
curl -X GET https://openapi.landsbankinn.is/api/Claims/ClaimTemplates/v1/ClaimTemplates/ \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1dGgubGFuZHNiYW5raW5uLmlzIiwiYXVkIjpbImh0dHBzOi8vb3BlbmFwaS5sYW5kc2Jhbmtpbm4uaXMiXSwic3ViIjoiMTIzNDU2Nzg5MCIsImlhdCI6MTUxNjIzOTAyMn0.T7PWJuPA2VQp99z3l7bm4oK9XuH1nsQcPyMNEJmwBqgx-Nx6Ii3yWnPns8cni3nU9-55lzbr9TYZbvn6zLKvsdrZGu_MT6lMJjOmiPyiuD1ORRiz1C6GQ03pNelG06uJJiAebl-jcpCKpafbgamKab0y9QgKAmPC0g797o7Xw517UAKjXMB-TS3LjDFo7MtmlhvVu5gouaN4eNxrDcXUfiSvmEwU_QWC4A7fmBNB2E0D1Ld4VE0hEmnOnixZKOSO32Aeb8E9KbjlxMH2fs-At6ACqTHqvtrK9YDSEy-NDLsOLgFpFmSb4POPtg8t5gT9ISElD-ISyZ-Xy9YBImYXuA' \
-H 'apikey: IcN4FHj2g1KNe9Rru0mS50yfsTlYE23j'Set the Authorization header to the token you obtained and set the apikey header to your API key.
Authentication
Authentication is only needed for communications with Access Controlled APIs and Payment Services Directive APIs. This section focuses on Access Controlled APIs, for Payment Services Directive APIs check out the Payment Services Directive APIs documentation. Communications with Open APIs do not require authentication.
Authentication URLs
Sandbox
- Discovery endpoint
- https://authsandbox.landsbankinn.is/.well-known/openid-configuration
Production
- Discovery endpoint
- https://auth.landsbankinn.is/.well-known/openid-configuration
Obtain an Access Token for Communications with Access Controlled APIs
Before you can authenticate an app and obtain an access token, you need the following:
- A P12 certificate file with the Búnaðarskilríki from Auðkenni (e.g., "YourCompanyName.pfx")
- A password for the Búnaðarskilríki certificate file, also provided by Auðkenni.
- An API key for an app that can call an Access Controlled API
To communicate with a controlled API, you first need to authenticate through the OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens flow. In short, this means that your app authenticates with us using a client certificate, in this case a Búnaðarskilríki.
Here is an example response of a successful access token request:
{
"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1dGgubGFuZHNiYW5raW5uLmlzIiwiYXVkIjpbImh0dHBzOi8vb3BlbmFwaS5sYW5kc2Jhbmtpbm4uaXMiXSwic3ViIjoiMTIzNDU2Nzg5MCIsImlhdCI6MTUxNjIzOTAyMn0.T7PWJuPA2VQp99z3l7bm4oK9XuH1nsQcPyMNEJmwBqgx-Nx6Ii3yWnPns8cni3nU9-55lzbr9TYZbvn6zLKvsdrZGu_MT6lMJjOmiPyiuD1ORRiz1C6GQ03pNelG06uJJiAebl-jcpCKpafbgamKab0y9QgKAmPC0g797o7Xw517UAKjXMB-TS3LjDFo7MtmlhvVu5gouaN4eNxrDcXUfiSvmEwU_QWC4A7fmBNB2E0D1Ld4VE0hEmnOnixZKOSO32Aeb8E9KbjlxMH2fs-At6ACqTHqvtrK9YDSEy-NDLsOLgFpFmSb4POPtg8t5gT9ISElD-ISyZ-Xy9YBImYXuA",
"expires_in": 1200,
"token_type":"Bearer",
"scope":"external"
}Use the token_type and access_token as the Authorization header in communications with Controlled APIs. The token can be used multiple times until it expires:
Authorization: Bearer eyJhbGciOiJSUzI1Ni...
Here are some examples of how to authenticate. The examples use three placeholders for values you need to provide:
- Replace "YourApiKeyGoesHere" with your API key
- Replace "CertificateFileName.pfx" with the path to the Búnaðarskilríki certificate file from Auðkenni.
- Replace "PasswordFromAudkenni" with the password provided by Auðkenni with your Búnaðarskilríki.
curl Example
Make sure you are using an up-to-date version of curl from the curl open source project. The version of curl that is sometimes automatically installed on Windows 10 and 11 machines omits several curl features and might cause unexpected errors when doing mTLS.
curl -X POST https://mtls-auth.landsbankinn.is/connect/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials&client_id=YourApiKeyGoesHere&scope=external&access_token_configuration=external_client' \
--cert-type P12 \
--cert CertificateFileName.pfx:PasswordFromAudkenniThis returns a JSON response as in the example above.
C# Example
var fileLocation = "CertificateFileName.pfx";
var password = "PasswordFromAudkenni";
var apiKey = "YourApiKeyGoesHere";
var clientCertificate = new X509Certificate2(fileLocation, password);
var client = new HttpClient(new HttpClientHandler()
{
ClientCertificateOptions = ClientCertificateOption.Manual,
SslProtocols = SslProtocols.Tls12,
ClientCertificates = { clientCertificate }
});
client.BaseAddress = new Uri("https://mtls-auth.landsbankinn.is/");
var data = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "client_credentials"),
new KeyValuePair<string, string>("client_id", apiKey),
new KeyValuePair<string, string>("scope", "external"),
new KeyValuePair<string, string>("access_token_configuration", "external_client"),
});
var response =
await client.PostAsync("connect/token", data);The response content is JSON as in the example above.