Back to Blog
Guideopen-financecbuaecompliance

Getting Started with CBUAE Open Finance APIs

How to validate consents, check payments, and look up financial institutions using KhaleejiAPI's CBUAE Open Finance endpoints.

KhaleejiAPI TeamFebruary 25, 20267 min read

What is CBUAE Open Finance?

The Central Bank of the UAE (CBUAE) issued Circular No. 03/2025, mandating an Open Finance framework for all Licensed Financial Institutions (LFIs) in the UAE. Starting September 2025, banks and insurance companies must support standardized APIs for data sharing, payments, and consent management.

KhaleejiAPI provides 4 compliance-focused APIs to help you build applications aligned with this regulation.

1. Look Up Financial Institutions

The Participants API lists all 18 UAE LFIs enrolled in the Open Finance framework:

const res = await fetch('https://khaleejiapi.dev/api/v1/openfinance/participants?type=bank&phase=1', {
  headers: { 'X-API-Key': 'YOUR_KEY' }
});
const data = await res.json();
// Returns FAB, Emirates NBD, ADCB, DIB, Mashreq, ADIB, CBD, RAKBANK

Filter by type (bank, insurance, psp, exchange_house, finance_company), phase (1, 2, 3), or status (active, pending).

2. Validate Consent Objects

Before accessing customer data, your application must obtain valid consent per CBUAE Article 22. Our Consent Validator checks 15+ rules:

const res = await fetch('https://khaleejiapi.dev/api/v1/openfinance/consent/validate', {
  method: 'POST',
  headers: { 'X-API-Key': 'YOUR_KEY', 'Content-Type': 'application/json' },
  body: JSON.stringify({
    purpose: 'Account balance inquiry for personal finance management',
    consentMethod: 'explicit',
    dataTypes: ['account_balance', 'transaction_history'],
    duration: 6,
    withdrawalMethod: 'in-app',
    dataStorageLocation: 'AE'
  })
});
const result = await res.json();
// { compliant: true, issues: [], score: 100 }

Key rules checked: purpose specificity, time bounds (max 12 months), sensitive data exclusion, UAE data residency, and withdrawal method.

3. Validate Payment Initiations

Before initiating a payment through the Open Finance framework, validate the request against ISO 20022 and CBUAE standards:

const res = await fetch('https://khaleejiapi.dev/api/v1/openfinance/payment/validate', {
  method: 'POST',
  headers: { 'X-API-Key': 'YOUR_KEY', 'Content-Type': 'application/json' },
  body: JSON.stringify({
    payerIBAN: 'AE070331234567890123456',
    payeeIBAN: 'AE460261234567890123456',
    amount: 1500.00,
    currency: 'AED',
    paymentType: 'instant'
  })
});
const result = await res.json();
// Validates IBANs (MOD 97), identifies banks, classifies payment scheme

The API detects the payment scheme (Aani instant payments, UAEFTS for domestic, SWIFT for international) and validates all fields.

4. Browse Standards & Deadlines

Stay on top of compliance deadlines with the Standards Reference API:

const res = await fetch('https://khaleejiapi.dev/api/v1/openfinance/standards?section=compliance', {
  headers: { 'X-API-Key': 'YOUR_KEY' }
});
// Returns phase deadlines, products in scope, and regulation articles

Phase Timeline

  • Phase 1 (Sep 2025): Banks and insurance companies
  • Phase 2 (2026): Payment service providers and exchange houses
  • Phase 3 (2027): Finance companies and stored value facilities

Get Started

All Open Finance APIs are included in the free tier. Sign up for an API key and start building compliant applications today.