General questions

I want to change my email address in the Rabobank developer portal, how should I do this?

To change your email, the owner of your developer organization should send an invite to your new email address.

If you are the owner of the developer organization, make sure to change ownership to your new email address.

Rabobank cipher suites policy

To facilitate a secure connection to its APIs, Rabobank supports the following cipher suites for TLS.

TLSv1.3

TLSv1.2

Rabobank will inform you when this list will be updated. You can expect this information at least three months before the protocol versions or cipher suites are set to be removed from the Production environment, unless an immediate action is required due to security risks.

To ensure smooth working, you are required to update your environment(s) that use these ciphers.

In case you encounter any problems while testing or have questions, feel free to reach out to contact us.

What certificates are accepted for PSD2 and premium APIs?

The server certificate of api.rabobank.nl is an Extended Validation (EV) certificate.

Premium APIs

Rabobank accepts:

• EV SSL certificates from the certificate issuers listed in the Mozilla CA Certificate report.
• X.509 format
• RSA: key length should be at least 2048-bit
• Certificate should be valid for a maximum of one year.

PSD2 APIs

Rabobank currently accepts a QWAC certificate issued under the European eIDAS trust scheme, this can be found here: https://ec.europa.eu/digital-single-market/en/eu-trusted-lists.

Info: This will be replaced in the future.

Can I use AIS to access my own account without a PSD2 eIDAS certificate?

You can access business accounts using our Business account Insight API.

Info: This is not currently supported for retail accounts. We are working to introduce this product in the future.

I want to start using Rabobank production APIs. What do I need to do?

Once you have completed your development on our Sandbox environment you cannot automatically start using our production APIs.

For PSD2 APIs it is possible to get an account by using the PSD2 enrollment API if you are a certified AISP, PISP or CISP. Our Account Information, Payment Initiation and Confirmation Availability of Funds API are available in production.

For using non-PSD2 APIs in production, please refer to the overview page of the API you want to use to learn more about how to request access to production.

How am I notified about the changes/updates to the APIs in my subscriptions?

You will receive an email about changes/updates with an indication of the impact and action needed.

I did not receive a verification email to activate my Sandbox account. What can I do?

You can try the following:

• Check your junk email/spam box.
• Clear your web browser cookies.
• Use incognito mode of your web browser.
• Try different web browsers, such as EDGE, Chrome, or Firefox.

If none of the above work, feel free to contact us using the contact form.

My activation link is not working, what can I do?

You can try to copy the link manually and paste it in the address bar of your browser.

The activation link is only valid for 24 hours. To request a new link, contact our support.

I am facing issues using a Rabobank API. Who can I talk to?

Our support team is always happy to guide you through our APIs. Describe your problem using our contact page and we will contact you shortly.

Can a minor give consent?

For now it is only possible for adults (18+) to give consent.

What is the difference between Sandbox and Production?

The main difference between Sandbox and Production is the data that is returned by the APIs. Sandbox mimics interactions with Rabobank using example data based on production like scenarios. In Production, the live data is returned.

I have an idea for a new API. What can I do?

If you have a great idea for a new API please let us know. Go to our contact page to request an enhancement and share your thoughts with us.