# Quick Start
source: https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/quickstart/index.md

This guide details how to connect the first user to your service from our platform.

Details include:

1. How to obtain your `Client ID` and `Client Secret` to gain access to our platform
2. How to connect the first user and retrieve account and transaction information

Refer to [Postman collection](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/testing/postman/index.md) together with this guide to get started faster.

#### Get your credentials {#get-your-credentials}

1. Open a browser and go to our [Developer Portal](https://devportal.openbanking.mastercard.com).
2. Click on the **Sign up (or login)** button.
3. Log in to your account. If you do not have an account, click **Sign up** and create one for free.
4. Click on [Apps](https://devportal.openbanking.mastercard.com/#/apps) and then the **Create new app** button.
5. Take note of your `Client ID` and `Client Secret`.

Note: These credentials only provide access to the sandbox environment and therefore only expose *Test banks* . When you are ready to go live, go to the [Production access](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/production/accessing-prod-data/index.md) section to learn how to get access to production data.

For step by step guides, refer to tutorials and guides

#### Onboard your first Account {#onboard-your-first-account}

##### Step 1 {#step-1}

Find your `Client ID` and `Client Secret`. These are located within your app(s), located in our [Apps page](https://devportal.openbanking.mastercard.com/apps).

Now it is time to connect your first user. In this example, the user is asked to share accounts and transaction data with you, as indicated by the requested [Scope](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/connect/scopes/index.md).

```shell
curl -D- -G \
  https://api-sandbox.aiia.eu/v1/oauth/connect \
  -d client_id=<CLIENT_ID> \
  -d redirect_uri=<REDIRECT_URL> \
  -d scope="accounts%20offline_access" \
  -d response_type=code 
```

The `redirect_uri` is where the user is redirected after finishing the log-in flow. This needs to match one of the redirects you specified when you created your application on the [Developer Portal](https://devportal.openbanking.mastercard.com/). For more details on how to onboard users and the functionality you can request, refer to [Connect Flow](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/connect/connect-flow/index.md) and [Scopes](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/connect/scopes/index.md).
Note: Connect Flow is very similar to OAuth flow, which you might be familiar with. To access your end users' transaction data, we need to get their consent. We also need an additional consent to pass that data on to you.

The response will be a `302 (Found or Moved Temporarily)` that you need to follow in order to redirect the user. Look in the location header to figure out where you should redirect the user to.

```HTTP
Location=https://api.aiia.eu/v1/oauth/connect?client_id=%3Cstring%3E&redirect_uri=%3Cstring%3E&response_type=%3Cstring%3E
```

##### Step 2 - Register users {#step-2---register-users}

After navigating the user to the connect URL, the user signs up with our service and connects their accounts. This consists of the following steps:

1. Enter your email address.
2. Enter the verification code from the email received.
3. Accept consent if presented.
4. Log in to `Test bank with data #1 DKK`. It accepts any username and any numeric password.
5. Choose one or more accounts.
6. Accept consent to pass data on to your app.

![Login flow](https://static.developer.mastercard.com/content/open-finance-europe/uploads/authentication-intro.png)

After completing the flow, the user will be redirected back to the provided `redirect_uri` with a `code` that you will use in the next step.

Here is an example of what a `redirect_uri` looks like:

    https://httpbin.org/anything?code=ygAAAAVDaXBoZXJ0ZXh0AJAAAAAAoy734oFjfPFDa9TmOtOAYwcTMKcWZ2782qTQEnjFtW1FsEjone0S6UrXUnD87WrEvidMfCleZgm6K3ysf0eG9hwjylyqUzehya7SIssvR9QwUjtXHCSDPUQV8mYbubbIUGOacfSjqe%2Fnkeop4N37k786234wDrBwW1zJeFZb4af6Ljk7wuzmIR5DzYlutM66vsqCMmNBUl2ABAAAAAAuhPflJ4fuLP45FJmAp4FkBBLZXlJ7923AAAAAAAA%3D%3D

Take note of the `code`, as It is used in the next step to get session and login tokens.
Note: An array of [test banks](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/testing/test-providers/index.md) are available to test different configurations.

#### Step 3 -- Exchange the code for tokens {#step-3--exchange-the-code-for-tokens}

Use the `code` from Step 2 to get an access token for the user.
Note: The `code` may be URL encoded if you received it in your browser. You must remember to decode it if you are walking through this guide step by step.

Remember to use the `redirect_uri` that you added when you created the app:

```shell
curl -D- -X POST https://api-sandbox.aiia.eu/v1/oauth/token \
  -u <CLIENT_ID>:<CLIENT_SECRET> \
  -H 'Content-Type: application/json' \
  -d '{
        "grant_type" : "authorization_code",
        "code": "<CODE>",
        "redirect_uri" : "<REDIRECT_URL>"
      }'
```

Note: A `code` can only be used once and expires after one minute.

The response contains two tokens: `access_token` and `refresh_token`. This is an example of a successful response:

```json
{
  "access_token": "eyJhbGciOiJIUzI1Ni978juanR5cCI6IkpXVCJ9.eyJ1c2VySWQiOiJmYTE4OTI3MS1mOTY1LTRmNWMtOTlmOS1lNDViNzNiYzI4MzkiLCJjbGllbnRJZCI6InZpaWEtZnBwIiwicm9sZSI6IkNsaWVudFVzZXIiLCJzZ67623aW9uSWQiOiJlZmE1NWU0ZS0xZTUxLTQ1YWMtYWEyYy01OThhNjFjMTZlOTYiLCJuYmYiOjE1Njc0MTQxNzMsImV4cCI6MTU2NzQxNzc3MywiaWF0IjoxNTY3NDE0MTczfQ.7QD6zGcdonYy79384buXOqsykWrbWa3L6LW4d9uzb-zA",
  "expires_in": 3600,
  "redirect_uri": "https://httpbin.org/anything",
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI687234pXVCJ9.eyJ1c2VySWQiOiJmYTE4OTI3MS1mOTY1LTRmNWMtOTlmOS1lNDViNzNiYzI4MzkiLCJjbGllbnRJZCI6InZpaWEtZnBwIiwiY29uc2VudElkIjoiYTYyODExYWYtNzUxMS00ZWQ0LoyiauasiYTEtMjAwNzc2NGQ1MTIwIiwic2Vzc2lvbklkIjoiZWZhNTVlNGUtMWU1MS00NWFjLWFhMmMtNTk4YTYxYzE2ZTk2Iiwicm9sZSI6IlJlZnJlc2hUb2tlbiIsIm5iZiI6MTU2NzQxNDE3MywiZXhwIjoxNTY4NjIzNzczLCJpYXQiOjE1Njc0MTQxNzN9.5-x0NNg5lMxPnZRYtu983764q0sbPcSb7U9b23e3Zwx0Ss9I",
  "token_type": "bearer"
}
```

Take note of the `access_token`. you will be using it in the next step to get a list of all the accounts that the end user has given you access to.

#### Step 4 -- Access accounts {#step-4-access-accounts}

The user's account data can be accessed using the `accessToken`.

Here is an example of how to fetch the user's accounts:

```shell
curl -D- -X GET https://api-sandbox.aiia.eu/v1/accounts \
  -H 'Authorization: Bearer <ACCESS_TOKEN>' 
```

This endpoint produces a response that contains an overview of the user's accounts.

```json
{
  "accounts": [
    {
        "accountProvider": {
            "id": "TestDataBank1",
            "name": "Test bank with data #1 DKK"
        },
        "available": null,
        "availableBalance": null,
        "booked": {
            "currency": "DKK",
            "value": 6439.15
        },
        "bookedBalance": 6439.15,
        "currency": "DKK",
        "id": "ZmExODkyNzEtZjk2NS00ZjVjLTk5ZjktZTQ1YjczYmMyODM5fFRlc3REYXRhQmFuazF6823DZ0NFBrOXVORGdpejdKQ0tjSzN2aXM5ZFIzd0gzLWhSNWJhY21nSEZCdy4x",
        "lastSynchronized": "2019-09-02T08:52:16.5816944Z",
        "nagApiAccountId": "T6t4Pk9uNDgiz7JCKcK3vis9dR3wH3-hR5bacmgHFBw.1",
        "name": "Direct Debit",
        "number": {
            "bban": "0001-245787654",
            "bbanParsed": {
                "accountNumber": "245787654",
                "bankCode": "0001"
            },
            "bbanType": "0001-245787654",
            "card": null,
            "iban": null
        },
        "owner": "Christian Thomsen",
        "type": "Consumption"
    },
    ...
}
```

Now that you have account access, you can either proceed to access transactions from those accounts or to make payments. Take note of the `id` of one of the accounts, as you will need it when proceeding.

Read on to learn about accessing transactions or jump straight to our [documentation on payments](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-pay/index.md).

#### Step 5 - Access transactions {#step-5---access-transactions}

By using the `id` of an account from Step 4 and the `access_token` from Step 3, we can start pulling out user transactions.

```shell
curl -D- -X GET https://api-sandbox.aiia.eu/v1/accounts/{accountId}/transactions \
  -H 'Authorization: Bearer <ACCESS_TOKEN>' 
```

This will produce a response with a list of transactions (default: 50 transactions) that looks like this:

```json
{
    "pagingToken": "...",
    "transactions": [
        {
            "accountId": "ZmExODkyNzEtZjk2NS00ZjVjLTk5Z6782tZTQ1YjczYmMyODM5fFRlc3REYXRhQmFuazF8bkx5dXRxZlYwdnkwaElSSW9wNnRDakVHenllUFMyem43UVl2LUpWT3YwUS4w",
            "amount": -291.0,
            "balance": {
                "currency": "DKK",
                "value": -3954.0
            },
            "creationDate": "0001-01-01T00:00:00",
            "currency": "DKK",  
            "date": "2019-09-02",
            "detail": { // You need to contact sales to get this info, otherwise it is just null
                "currencyConversion": null,
                "destination": {
                    "account": null,
                    "address": null,
                    "merchantCategoryCode": null,
                    "merchantCategoryName": null,
                    "name": "DSB Kastrup AUT    23228"
                },
                "executionDate": null,
                "identifiers": {
                    "creditorReference": null,
                    "document": null,
                    "endToEndId": null,
                    "reference": "0130Y9C6LY212",
                    "sequenceNumber": null,
                    "terminal": null
                },
                "message": null,
                "reward": null,
                "source": {
                    "account": {
                        "bban": null,
                        "bbanParsed": null,
                        "bbanType": null,
                        "card": {
                            "cardHolder": "Henrik Madsen",
                            "expireMonth": null,
                            "expireYear": null,
                            "maskedPan": "0524 XXXX XXXX 3413"
                        },
                        "iban": null
                    },
                    "address": null,
                    "merchantCategoryCode": null,
                    "merchantCategoryName": null,
                    "name": null
                },
                "valueDate": null
            },
            "id": "8f6b6b78-6e97-73ba-a6de-4a732fcff09bd",
            "nagApiTransactionId": null,
            "originalText": "DSB Kastrup AUT    23228",
            "state": "Booked",
            "text": "DSB Kastrup AUT",
            "transactionAmount": {
                "currency": "DKK",
                "value": -291.0
            },
            "type": "Card"
        },
        ...,
    ]
}
```

### What next? {#what-next}

Once you have connected an account, you can explore the functionality our API offers:

* [Access account information](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/account-information/index.md) -- See more details on how to use accounts and transactions.
* [Event notifications](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/event-notifications/index.md) -- Explore how you can start receiving notifications. They provide a real-time experience by notifying you of any changes. They can be used for accounts, transactions and payments.
* [API Reference](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/api-references/index.md) -- Explore our API reference to see all the amazing things our API exposes.
* You can refer to our [Postman](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/testing/postman/index.md) where you can run the API collection.
* [Sample projects](https://developer.mastercard.com/open-finance-europe/documentation/unlicensed/aiia-data/sample-project/index.md) -- You can find several sample applications here to view the endless capabilities of our service.