Seamless, Secure & Scalable API Integration (WSO2 4.5.0 on Windows via apictl)
This guide explains how to import and publish your Open Banking AISP & PISP APIs into WSO2 API Manager 4.5.0 using the Windows CLI tool apictl, then generate tokens and test the endpoints. This document uses the exact API contexts and versions detected in the bundles.
Prerequisites
- Windows 10/11 machine with administrator rights
- WSO2 API Manager 4.5.x running and reachable (Publisher, Dev Portal, Gateway)
- A WSO2 user with API Creator/Publisher permissions
- Your API bundles (zip files) from the “Open Banking API” package
Install apictl on Windows
- Download the
apictlzip for Windows (APIM 4.5.x). - Extract to a folder, e.g.:
C:\apictl - Add that folder to your System PATH:
System Properties → Environment Variables → "Path" → Add →C:\apictl - Open a new PowerShell or CMD and verify:
apictl version
Add Environment & Login
Replace host/ports with your APIM values if different.
apictl add env dev --apim https://localhost:9443 --token-type JWT
apictl login dev -u <username> -p <password>Import APIs (ZIP method)
Run these commands from the directory where the ZIPs are located:
apictl import api -f "admin-AISP-1.0.0 (2).zip" -e dev --update --preserve-provider=true
apictl import api -f "admin-AISP Token-1 (1).zip" -e dev --update --preserve-provider=true
apictl import api -f "admin-AISP Request Auth-1.0.0.zip" -e dev --update --preserve-provider=true
apictl import api -f "admin-AISP - Balance Inquiry-1 (2).zip" -e dev --update --preserve-provider=true
apictl import api -f "admin-User Auth-1.zip" -e dev --update --preserve-provider=true
apictl import api -f "admin-PISP-v1.zip" -e dev --update --preserve-provider=true
apictl import api -f "admin-PISP Authorize Request-v1.zip" -e dev --update --preserve-provider=true
apictl import api -f "admin-PISP Payment and Fund-v1.zip" -e dev --update --preserve-provider=trueSet Endpoints (Publisher UI)
After import, open each API in WSO2 Publisher → Endpoints and set Production/Sandbox URLs to your backend, then click Save.
Publish the APIs
Use Publisher UI → Lifecycle → Publish, or via CLI:
# AISP
apictl change status api -n AISP -v 1.0.0 -e dev -s Publish
# PISP
apictl change status api -n PISP -v v1 -e dev -s PublishAPI Contexts & Versions (from your bundles)
- AISP: context = /aisp , version = 1.0.0
- AISP Token: context = /token , version = 1
- AISP Request Auth: context = /aisp2 , version = 1.0.0
- AISP - Balance Inquiry: context = /balance , version = 1
- User Auth: context = /userauth , version = 1
- PISP: context = /pisp , version = v1
- PISP Authorize Request: context = /auth , version = v1
- PISP Payment and Fund: context = /payment , version = v1
Generate an Access Token (Dev Portal app)
In Dev Portal: create an Application → Subscribe to the APIs → Generate Keys. Or call the token endpoint directly:
curl -X POST https://localhost:8243/token ^
-H "Authorization: Basic <BASE64(client_id:client_secret)>" ^
-H "Content-Type: application/x-www-form-urlencoded" ^
-d "grant_type=client_credentials&scope=aisp pisp"Test AISP Endpoints
Create Consent:
curl -X POST https://localhost:8243/aisp/v1/access-consent ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-Type: application/json" ^
-d "{\"permissions\":[\"ReadAccountsBasic\"],\"expirationDateTime\":\"2025-12-31T23:59:59Z\"}"Authorize Consent:
curl -X POST https://localhost:8243/aisp/v1/access-consent/{consentId}/authorization ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-Type: application/json" ^
-d "{}"Get Consent:
curl -X GET https://localhost:8243/aisp/v1/access-consent/{consentId} ^
-H "Authorization: Bearer <ACCESS_TOKEN>"Test PISP Endpoints
Create Payment Consent:
curl -X POST https://localhost:8243/pisp/v1/access-consent ^
-H "Authorization: Bearer <ACCESS_TOKEN>" ^
-H "Content-Type: application/json" ^
-d "{\"initiation\":{\"instructionIdentification\":\"INSTR12345\",\"instructedAmount\":{\"currency\":\"EUR\",\"amount\":\"100.00\"},\"creditorAccount\":{\"schemeName\":\"IBAN\",\"identification\":\"DE89370400440532013000\",\"name\":\"John Doe\"},\"debtorAccount\":{\"schemeName\":\"IBAN\",\"identification\":\"FR7630006000011234567890189\",\"name\":\"Jane Smith\"}}}"
