
Authenticate to Bud’s API Services with OAuth2

Create a set of API Credentials

In order to successfully authenticate to Bud’s API services, you will first need to create a set of API credentials. This can be achieved from within the Developer Console!


The developer console allows you to manage your access to Bud's API services through the creation of different Projects. On the creation of a new project, you will be provided with an api-credentials-id and api-credentials-secret. Please store your api-credentials-secret securely as you will be unable to retrieve it again from Bud.


Projects (and therefore API credentials) are specific to the relevant Bud environment in which you are enrolled. If you are enrolled in more than a single Bud environment (e.g. Bud's Sandbox environment and Bud's Production environment), then you are able to toggle between these two environments within the developer console via a drop-down menu at the top of the left-hand side navigation bar (please note that this drop-down menu is not seen when enrolled into a single Bud environment).


Projects can be created, renamed, and deleted, all from within the developer console. In addition, you are able to configure webhooks specific to a given Project. These webhooks are callback URLs, which must be configured in order to use some of Bud’s products and services such as Bud’s Open Banking Aggregation solution.

Please note that by default, all users are enrolled in Bud's Sandbox environment only. Bud's Sandbox environment is a mirror of Bud's Production environment; however, it only permits the use of dummy data.

Authenticate to Bud's API Services

Having acquired a set of API credentials from the developer console, the next step is to use them to obtain valid access and refresh tokens.

Authentication to Bud’s API services is made via the OAuth2 protocol, whereby your API credentials are exchanged for a valid access_token and refresh_token. The access_token is valid for a limited amount of time (one hour!), after which it will expire and you will then have to use the refresh_token in order to obtain a new one.

Access and refresh tokens are obtained via the POST /v1/oauth/token endpoint. Specify the grant_type as client_credentials within the request body and use HTTP Basic authentication within the request header. The basic authentication header is simply a base64 encoding of your API credentials, i.e. base64({api-credentials-id}:{api-credentials-secret}).

Example curl request:

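# {bud-api-base-url} is a placeholder for the base URL of your Bud environment
curl '{bud-api-base-url}/v1/oauth/token' \
  --basic --user '{api-credentials-id}:{api-credentials-secret}' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d grant_type=client_credentials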


Successful response:

{
  "operation_id": "oauth_token_post",
  "data": {
    "access_token": "dd0c17e3fd6d2ce94aa091257a3ea393b4f9b5cf3d3e998f07dc9826da86ff15",
    "token_type": "bearer",
    "expires_in": 3600,
    "refresh_token": "fac32cca7559d9f6e8f1dfe9a99c71fa1dcfeb482bedf287d7934d2667ae54b3"
  }
}


In order to obtain an access_token by using a valid refresh_token, simply make a request to the same endpoint but:

  • replace the value of the grant_type field within the request payload with refresh_token;
  • include the refresh_token within the payload under the key refresh_token;
  • remove the basic authentication from request headers; and
  • include your api-credentials-id within the request header under a key called X-Client-Id.
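
The two token requests described above, plus expiry tracking based on expires_in, as an added Python example (not code from Bud). The host https://bud-api.example, the sample credentials, the helper names and the 60-second refresh margin are assumptions made for illustration.

```python
import base64
import time
import urllib.parse
import urllib.request

TOKEN_PATH = "/v1/oauth/token"  # endpoint path given in the guide
FORM = "application/x-www-form-urlencoded"

def client_credentials_request(base_url, client_id, client_secret):
    """Initial grant: HTTP Basic auth plus grant_type=client_credentials."""
    pair = f"{client_id}:{client_secret}".encode()
    basic = base64.b64encode(pair).decode()
    body = urllib.parse.urlencode({"grant_type": "client_credentials"})
    return urllib.request.Request(
        base_url + TOKEN_PATH, data=body.encode(), method="POST",
        headers={"Authorization": "Basic " + basic, "Content-Type": FORM})

def refresh_request(base_url, client_id, refresh_token):
    """Refresh grant: no Basic auth; the id goes in X-Client-Id and the
    secret is not part of the request at all."""
    body = urllib.parse.urlencode(
        {"grant_type": "refresh_token", "refresh_token": refresh_token})
    return urllib.request.Request(
        base_url + TOKEN_PATH, data=body.encode(), method="POST",
        headers={"X-Client-Id": client_id, "Content-Type": FORM})

class TokenState:
    """Token pair parsed from the "data" object of a successful response."""

    def __init__(self, response, now=None, skew=60):
        data = response["data"]
        if data.get("token_type", "").lower() != "bearer":
            raise ValueError("unexpected token_type")
        issued = time.time() if now is None else now
        self.access_token = data["access_token"]
        self.refresh_token = data["refresh_token"]
        # Refresh `skew` seconds early (skew is an assumption) so a request
        # never goes out with a token that expires in flight.
        self.refresh_at = issued + data["expires_in"] - skew

    def needs_refresh(self, now=None):
        return (time.time() if now is None else now) >= self.refresh_at

if __name__ == "__main__":
    # Constructed values; "https://bud-api.example" is a placeholder host.
    req = client_credentials_request("https://bud-api.example", "my-id", "my-secret")
    print(req.get_method(), req.full_url, sorted(req.headers))  # header names only
```

Pass the returned Request to urllib.request.urlopen to send it, and load the api-credentials-secret from a secret store or environment variable rather than from source code.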

For additional documentation on obtaining access and refresh tokens, please refer to the relevant section in Bud's API documentation.
