Sample code for 30+ languages & platforms
C#

ING Open Banking OAuth2 Client Credentials

See more OAuth2 Examples

Demonstrates how to get an access token for the ING Open Banking APIs using client credentials.

Chilkat C# Downloads

C#
bool success = false;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

Chilkat.Cert cert = new Chilkat.Cert();
success = cert.LoadFromFile("qa_data/certs_and_keys/ING/example_client_tls.cer");
if (success == false) {
    Debug.WriteLine(cert.LastErrorText);
    return;
}

Chilkat.BinData bdPrivKey = new Chilkat.BinData();
success = bdPrivKey.LoadFile("qa_data/certs_and_keys/ING/example_client_tls.key");
if (success == false) {
    Debug.WriteLine("Failed to load example_client_tls.key");
    return;
}

// The OAuth 2.0 client_id for these certificates is e77d776b-90af-4684-bebc-521e5b2614dd. 
// Please note down this client_id since you will need it in the next steps to call the API.

Chilkat.PrivateKey privKey = new Chilkat.PrivateKey();
success = privKey.LoadAnyFormat(bdPrivKey,"");
if (success == false) {
    Debug.WriteLine(privKey.LastErrorText);
    return;
}

// Associate the private key with the certificate.
success = cert.SetPrivateKey(privKey);
if (success == false) {
    Debug.WriteLine(cert.LastErrorText);
    return;
}

Chilkat.Http http = new Chilkat.Http();

success = http.SetSslClientCert(cert);
if (success == false) {
    Debug.WriteLine(http.LastErrorText);
    return;
}

// Calculate the Digest and add the "Digest" header.  Do the equivalent of this:
// payload="grant_type=client_credentials"
// payloadDigest=`echo -n "$payload" | openssl dgst -binary -sha256 | openssl base64`
// digest=SHA-256=$payloadDigest
Chilkat.Crypt2 crypt = new Chilkat.Crypt2();
crypt.HashAlgorithm = "SHA256";
crypt.EncodingMode = "base64";
string payload = "grant_type=client_credentials";
string payloadDigest = crypt.HashStringENC(payload);

// Calculate the current date/time and add the Date header.  
// reqDate=$(LC_TIME=en_US.UTF-8 date -u "+%a, %d %b %Y %H:%M:%S GMT")  
Chilkat.CkDateTime dt = new Chilkat.CkDateTime();
dt.SetFromCurrentSystemTime();
// The desire date/time format is the "RFC822" format.
http.SetRequestHeader("Date",dt.GetAsRfc822(false));

// Calculate signature for signing your request
// Duplicate the following code:

// 	httpMethod="post"
// 	reqPath="/oauth2/token"
// 	signingString="(request-target): $httpMethod $reqPath
// 	date: $reqDate
// 	digest: $digest"
// 	signature=`printf "$signingString" | openssl dgst -sha256 -sign "${certPath}example_client_signing.key" -passin "pass:changeit" | openssl base64 -A`

string httpMethod = "POST";
string reqPath = "/oauth2/token";

Chilkat.StringBuilder sbStringToSign = new Chilkat.StringBuilder();
sbStringToSign.Append("(request-target): ");
sbStringToSign.Append(httpMethod);
sbStringToSign.ToLowercase();
sbStringToSign.Append(" ");
sbStringToSign.AppendLine(reqPath,false);

sbStringToSign.Append("date: ");
sbStringToSign.AppendLine(dt.GetAsRfc822(false),false);

sbStringToSign.Append("digest: SHA-256=");
sbStringToSign.Append(payloadDigest);

Chilkat.PrivateKey signingPrivKey = new Chilkat.PrivateKey();
success = signingPrivKey.LoadPemFile("qa_data/certs_and_keys/ING/example_client_signing.key");
if (success == false) {
    Debug.WriteLine(signingPrivKey.LastErrorText);
    return;
}

Chilkat.Rsa rsa = new Chilkat.Rsa();
success = rsa.UsePrivateKey(signingPrivKey);
if (success == false) {
    Debug.WriteLine(rsa.LastErrorText);
    return;
}

rsa.EncodingMode = "base64";
string b64Signature = rsa.SignStringENC(sbStringToSign.GetAsString(),"SHA256");

Chilkat.StringBuilder sbAuthHdrVal = new Chilkat.StringBuilder();
sbAuthHdrVal.Append("Signature keyId=\"e77d776b-90af-4684-bebc-521e5b2614dd\",");
sbAuthHdrVal.Append("algorithm=\"rsa-sha256\",");
sbAuthHdrVal.Append("headers=\"(request-target) date digest\",");
sbAuthHdrVal.Append("signature=\"");
sbAuthHdrVal.Append(b64Signature);
sbAuthHdrVal.Append("\"");

Chilkat.StringBuilder sbDigestHdrVal = new Chilkat.StringBuilder();
sbDigestHdrVal.Append("SHA-256=");
sbDigestHdrVal.Append(payloadDigest);

// Do the following CURL statement:

// 	curl -i -X POST "${httpHost}${reqPath}" \
// 	-H 'Accept: application/json' \
// 	-H 'Content-Type: application/x-www-form-urlencoded' \
// 	-H "Digest: ${digest}" \
// 	-H "Date: ${reqDate}" \
// 	-H "authorization: Signature keyId=\"$keyId\",algorithm=\"rsa-sha256\",headers=\"(request-target) date digest\",signature=\"$signature\"" \
// 	-d "${payload}" \
// 	--cert "${certPath}tlsCert.crt" \
// 	--key "${certPath}tlsCert.key"

Chilkat.HttpRequest req = new Chilkat.HttpRequest();
req.AddParam("grant_type","client_credentials");
req.AddHeader("Accept","application/json");
req.AddHeader("Date",dt.GetAsRfc822(false));
req.AddHeader("Digest",sbDigestHdrVal.GetAsString());
req.AddHeader("Authorization",sbAuthHdrVal.GetAsString());

req.HttpVerb = "POST";
req.ContentType = "application/x-www-form-urlencoded";

Chilkat.HttpResponse resp = new Chilkat.HttpResponse();
success = http.HttpReq("https://api.sandbox.ing.com/oauth2/token",req,resp);
if (success == false) {
    Debug.WriteLine(http.LastErrorText);
    return;
}

// If successful, the status code = 200
Debug.WriteLine("Response Status Code: " + Convert.ToString(resp.StatusCode));
Debug.WriteLine(resp.BodyStr);

Chilkat.JsonObject json = new Chilkat.JsonObject();
json.Load(resp.BodyStr);

json.EmitCompact = false;
Debug.WriteLine(json.Emit());

// A successful response contains an access token such as:
// {
//   "access_token": "eyJhbGc ... bxI_SoPOBH9xmoM",
//   "expires_in": 905,
//   "scope": "payment-requests:view payment-requests:create payment-requests:close greetings:view virtual-ledger-accounts:fund-reservation:create virtual-ledger-accounts:fund-reservation:delete virtual-ledger-accounts:balance:view",
//   "token_type": "Bearer",
//   "keys": [
//     {
//       "kty": "RSA",
//       "n": "3l3rdz4...04VPkdV",
//       "e": "AQAB",
//       "use": "sig",
//       "alg": "RS256",
//       "x5t": "3c396700fc8cd709cf9cb5452a22bcde76985851"
//     }
//   ],
//   "client_id": "e77d776b-90af-4684-bebc-521e5b2614dd"
// }

// Use this online tool to generate parsing code from sample JSON: 
// Generate Parsing Code from JSON

string kty;
string n;
string e;
string use;
string alg;
string x5t;

string access_token = json.StringOf("access_token");
int expires_in = json.IntOf("expires_in");
string scope = json.StringOf("scope");
string token_type = json.StringOf("token_type");
string client_id = json.StringOf("client_id");
int i = 0;
int count_i = json.SizeOfArray("keys");
while (i < count_i) {
    json.I = i;
    kty = json.StringOf("keys[i].kty");
    n = json.StringOf("keys[i].n");
    e = json.StringOf("keys[i].e");
    use = json.StringOf("keys[i].use");
    alg = json.StringOf("keys[i].alg");
    x5t = json.StringOf("keys[i].x5t");
    i = i + 1;
}

// This example will save the JSON containing the access key to a file so that
// a subsequent example can load it and then use the access key for a request, such as to create a payment request.
json.WriteFile("qa_data/tokens/ing_access_token.json");