Introduction

Update September 2021 :

Notices:


Proprietary Rights

The information contained in this document is proprietary and confidential to PT Bank Negara Indonesia (persero), Tbk (next to be called as BNI). This material may not be duplicated, published, or disclosed, in whole or in part, without the prior written permission of BNI.


Disclaimer

BNI makes no representations or warranties of any kind, express or implied, with respect to the contents of this document. Without limitation, BNI specifically disclaims all representations and warranties with respect to this document and any intellectual property rights subsisting therein or any part thereof, including but not limited to any and all implied warranties of title, non-infringement, or suitability for any purpose (whether or not BNI has been advised, has reason to know, or is otherwise in fact aware of any information) or achievement of any particular result. Without limitation, BNI specifically disclaims all representations and warranties that any practice or implementation of this document will not infringe any third party patents, copyrights, trade secrets or other rights.


client_secret dan client_id are used for authentication using OAuth 2.0. You can generate client_id and client_secret after sign in and create application.
GET Token
Hostname
  • Production: https://api.bni.co.id
  • Non Production: https://apidev.bni.co.id
Port
  • Sandbox: 8067
  • Development: 8066
  • Testing: 8065
HTTP Method POST
Path /api/oauth/token
HTTP Headers
Name Format Mandatory Description
Authorization Basic BASE64(OAuth client_id:OAuth client_secret) Yes
Content-Type application/x-www-form-urlencoded Yes
Query string parameters None
Format x-www-form-urlencoded
Authentication None
Request Definition
Field Data Type Mandatory Description
grant_type String Yes Value = client_credentials
Request Authorization
Name Value Mandatory Description
Type Basic Yes
Username To be confirm Yes Client id application dev_testingapps
password To be confirm Yes Client secret application dev_testingapps
Request Body grant_type=client_credentials
Success response code HTTP 200
Error response code http 401 Unauthorize
Response (error)

Request Header

Content-Type:application/x-www-form-urlencoded
Authorization:Basic
YWI0ZTllODctM2IyYy00ZWQwLTg3YmYtZjgwN2FlOWIxN2UxOmZmOTE1MzQ5LWNiYzYtNGI5ZS1hY2
ZkLWM3MjdkZjk2MGRlZA==

Response (Success)

{
"access_token": "x3LyfeWKbeaARhd2PfU4F4OeNi43CrDFdi6XnzScKIuk5VmvFiq0B2",
"token_type": "Bearer",
"expires_in": 3599,
"scope": "resource.WRITE resource.READ"
}