Frequently Asked Questions
  • 1) Select Manage -> Applications.




  • 2) Click the "Add Application" button on the top right.



  • 3) Provide an application name and a short description, and press "Next"



  • 4) On Custom Fields phase, select a platform from dropdown menu and press "Next"



  • 5) On API Management phase, add the APIs and press "Next". For each API, you need to accept the Terms & Conditions



  • 6) On Authentication phase, provide a callback url for token redirection. Callback url should be secure (https) and globally accessible. Scope should be "OOB" and Type field should be "Confidential"



  • 7) On saving the request, a Client ID and Client Secret will be generated and shown.



  • 8) Press Done to finalize the application creation process. The application will be in Pending Approval state and will be processed shortly. You will receive an informative mail about the approval action.


The APIs are protected by API Authentication using OAuth 2.0. In order to create an access token send a request with the following parameters:

grant_type: The Garanti BBVA API Store expects client_credentials grant type
client_id: This is the "Client ID" that is created in the Authentication step of application creation in Portal.
client_secret: This is the "Client Secret" that is created in the Authentication step of application creation in Portal
redirect_uri: The URL that the access token will be redirected. This field must be same as Callback URL on the Portal.

Sample access token request:
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=client_credentials&client_id=l7edc5187a3ac348c091b9d042xxxxxxxx&client_secret=fc9d4c464f86432fbef45744xxxxxxxx&redirect_uri=https://companydomain.com/tokenendpoint" https://apis.garantibbva.com.tr/auth/oauth/v2/token

Example SoapUI Request:




Authorization Flow: