enable-banking-quick-start

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Enable Banking Quick Start

Enable Banking 快速入门

Overview

概述

Use this skill when a developer needs the shortest path from no Enable Banking setup to a working sandbox AIS or PIS request flow. For deeper behavior, use

enable-banking-api

enable-banking-control-panel

enable-banking-sandbox

, or

enable-banking-faq-best-practices

当开发者需要从无到有快速搭建可运行的Enable Banking沙箱AIS或PIS请求流程时，可使用本技能。如需了解更深入的功能细节，请使用

enable-banking-api

、

enable-banking-control-panel

、

enable-banking-sandbox

或

enable-banking-faq-best-practices

技能。

Workflow

工作流程

Create or access an Enable Banking Control Panel account.
Register a sandbox application with browser-generated key unless the user already has an external key pair.
Use the downloaded private key and application UUID as JWT
```
kid
```
.
Generate a short-lived RS256 JWT and send it as
```
Authorization: Bearer <jwt>
```
.
For AIS:
- ```
GET /aspsps?country=FI
```
- ```
POST /auth
```
- redirect user to returned
```
url
```
- exchange callback
```
code
```
  with
```
POST /sessions
```
- fetch balances and transactions for an account
```
uid
```
For PIS:
- ```
POST /payments
```
- redirect user to returned
```
url
```
- fetch
```
GET /payments/{payment_id}
```
  until useful/final status
Read references/quick-start.md for runnable flow details and sample payloads.

创建或登录Enable Banking控制面板账户。
注册沙箱应用，除非用户已有外部密钥对，否则使用浏览器生成的密钥。
将下载的私钥和应用UUID作为JWT的
```
kid
```
参数。
生成短有效期的RS256 JWT，并以
```
Authorization: Bearer <jwt>
```
的形式发送请求。
针对AIS流程：
- 调用
```
GET /aspsps?country=FI
```
  接口
- 调用
```
POST /auth
```
  接口
- 将用户重定向至返回的
```
url
```
- 使用回调
```
code
```
  调用
```
POST /sessions
```
  接口交换会话
- 根据账户
```
uid
```
  获取余额和交易记录
针对PIS流程：
- 调用
```
POST /payments
```
  接口
- 将用户重定向至返回的
```
url
```
- 循环调用
```
GET /payments/{payment_id}
```
  接口，直到获取有效/最终状态
查看references/quick-start.md获取可运行流程的详细说明及示例请求体。

Core Rules

核心规则

Start in
```
SANDBOX
```
unless explicitly building production onboarding.
Keep the private key server-side and out of the repo.
Use
```
https://api.enablebanking.com
```
for API calls.

JWT

iss

enablebanking.com

; JWT

aud

api.enablebanking.com

JWT max TTL is 86400 seconds; quick-start examples should use around 3600 seconds.
Verify callback
```
state
```
before exchanging an AIS
```
code
```
or trusting a payment return.
Account
```
uid
```
values returned in
```
POST /sessions
```
are session-scoped and used for account data endpoints.
For a more robust local JWT helper, use the sibling
```
enable-banking-api
```
skill's
```
scripts/create-jwt.mjs
```
.

除非明确进行生产环境接入，否则默认使用
```
SANDBOX
```
环境。
私钥需存储在服务端，禁止提交至代码仓库。
API调用使用
```
https://api.enablebanking.com
```
地址。

JWT的

iss

字段为

enablebanking.com

；

aud

字段为

api.enablebanking.com

。

JWT最长有效期为86400秒；快速入门示例建议使用约3600秒的有效期。
在交换AIS的
```
code
```
或信任支付返回结果前，需验证回调的
```
state
```
参数。
```
POST /sessions
```
接口返回的账户
```
uid
```
值仅在当前会话范围内有效，用于账户数据相关接口调用。
如需更健壮的本地JWT辅助工具，可使用关联技能
```
enable-banking-api
```
中的
```
scripts/create-jwt.mjs
```
脚本。

Project Placement

项目架构建议

When turning quick-start code into production application code:

Put the Enable Banking HTTP client and flow orchestration in backend services.
Put secret env access in backend-only configuration.
Keep direct database persistence behind repositories or data-access modules.
Keep routes thin and use them only to start/complete flows.
Never call Enable Banking directly from browser code.

将快速入门代码转换为生产环境应用代码时：

将Enable Banking HTTP客户端及流程编排逻辑放置在后端服务中。
敏感环境变量的访问需配置在后端专属配置中。
数据库持久化操作需通过仓储层或数据访问模块实现。
路由层应保持精简，仅用于启动/完成流程。
禁止在浏览器代码中直接调用Enable Banking接口。