BankProxy is a service, which helps with the interaction with the interfaces of banks. It supports the retrieval of transactions and initiation of payments. The interface is based on the NextGenPSD2 standard of the Berlin Group for maximum interoperability.

The service is meant to be deployed beside other services which need access to bank accounts. It provides a unified interface and provides an additional layer of security for handling sensitive login credentials.

BankProxy can call standardized REST API endpoints, parses the HTTP responses of the online banking interface or controls a whole browser instance, to interact with the bank. Which behavior will be used, depends on the selected connector, which must be configured for every account.

Detailed information about BankProxy can be found at https://bankproxy.github.io.

Docker is the recommended way to use BankProxy.

docker run -p 3000:3000 ghcr.io/bankproxy/bankproxy

To run BankProxy a working Node.js installation (at least v15.0) with npm is required. To be able to use all supported banks all dependencies of the Chromium browser must be installed. The easiest way to accomplish that is to just install Chromium via the system package manager.

When all dependencies are met BankProxy can be started with the following commands:

git clone https://github.com/bankproxy/bankproxy
cd bankproxy
npm install --production
npm start

To run BankProxy in production a few environment variables must be set:

• PORT: Port to bind the service to, e.g. 3000
• DATABASE_URL: URL to the Database server, e.g. postgres://user:pass@host/database
• SECRET_KEY: Key for encryption, e.g. 2c31ff7560eddb214c85853b952af7ee
• REDIS_URL: URL to the Redis server, e.g. redis://host
• BASE_URL: Public base URL of the service, e.g. https://bankproxy.example.com
• ADMIN_AUTHORIZE_URL: URL to redirect for authorization in the admin interface,
• ADMIN_JWT_ALGORITHM: Algorithm used to sign the admin access JWT
• ADMIN_JWT_SECRET: Secret used to sign the admin access JWT
• ADMIN_JWT_AUDIENCE: Expected aud in the admin access JWT

As an alternative to passing sensitive information via environment variables, _FILE may be appended to the previously listed environment variables, causing BankProxy to load the values for those variables from files instead.

Please check out the documentation for more details about the configuration.

All the code in this repository is released under the GNU Affero General Public License v3.0, for more information take a look at the [LICENSE] file.

Please write a mail to [email protected] if you need support for additional banks or have different license requirements (e.g. commercial license).