XS2A Sandbox

  • live

The XS2A Sandbox is an environment that fully meets the PSD2 requirements for providing APIs for Third-Party Providers (TPP). Based on the Berlin Group’s NextGen PSD2 specification for access to accounts (XS2A), you meet the regulatory requirements without having to connect your systems.

The XS2A Sandbox is a dynamic sandbox environment: you can create users, payments as well as consents, and play with data for testing purposes. With the dynamic sandbox TPP UI, you can access banking APIs directly, get TPP certificates and manage testing accounts.

The developer portal contains testing instructions and all of the necessary documentation. All PSD2 services can be installed and run with one simple command. Two main SCA approaches are supported: REDIRECT and EMBEDDED. For the Redirect Approach, we created an online banking demo UI.

You can test the flow of this solution with our prototype.

Icon / Plug & PlayCreated with Sketch.

Plug and
Play

Ready-to-use solution that can be installed very easily

Icon / DeveloperCreated with Sketch.

Detailed
Documentation

Well described documentation for the developer portal

Icon / TestedCreated with Sketch.

Reliable Test
Options

TPP-Test certificate generation tool and NISP Tests supported

Icon / CustomizedCreated with Sketch.

Customizable
User Interface

TPP-UI for users and accout management for banks

ArtboardCreated with Sketch.

Customer
focused

Client-oriented approch, flexible solution for customer needs and customer support

Icon / PrototypCreated with Sketch.

Realistic
Simulation

Real bank system emulations with embedded XS2A API

Wide range of
services

Accountig Service, Security Service, and Payment Service

Open
Source

Open source available on GitHub, constantly updated product

Use Case

Plug and Play

Out-of-the-box solution, that can be installed with one click and run with one command. The XS2A Sandbox contains all modules a bank needs to be PSD2 and NISP compliant: XS2A Interface, real bank emulation (Ledgers), TPP-UI for managing accounts and users, Online banking UI for testing, Test Trust Certificate Provider, and developer portal with detailed manuals to get started and work with the XS2A Sandbox.

Artboard CopyCreated with Sketch.PSUTPP TesterTPP FrontendOnline BankingDeveloper PortalTPP User InterfaceTest TrustService ProviderXS2A SandboxLedgersNISP Compliant Test DataXS2A API

Ready to start?

For more information, see the
entire open source project on GitHub.

See GitHub

Complete Feature List

Element 24Logo_XS2A SandboxCreated with Sketch.Group 3Created with Sketch.
Payments Service
Consents Service (All Types)
Account Information Service
Payment Instrument Issuer Service
Service for Issuing eIDAS Test Certificates
Developer Portal
Architecture Documentation
Real Bank Emulation and Dynamic Data
Registration of Third Party Providers
Account and User Management
Multilevel SCA
Redirect SCA Approach
Embedded SCA Approach
Decoupled SCA approach
Multiple Testing Flows for
Successful and Unsuccessful Scenarios
Upload of NISP Test Data
Storing PIIS consets in CMS
Storing events and technical logs
Databases suport (h2, postgres, oracle, mariadb)

Product History

  • Project Kick-Off with two Team Members

  • PreDemo of MVP 1.0

    • Embedded Approach: PIS, AIS, PIIS
  • Demo of MVP 1.0

    • Embedded and Redirect Approach
  • Release of XS2A Sandbox ver 1.0

    • Support of Redirect and Embedded Approach: TPP-UI, Online Banking
  • Release ver 1.1

    • Multilevel SCA, Multicurrency accounts

Any questions?Ask our experts

René Pongratz

Software Architect &
Expert for API Management

Stefan Hamm

Managing Director