Sandbox testing

The below article has been written to help you with testing your application and exploring Lean's APIs within the Sandbox. This means the following three statements are always in effect:

  1. All calls in Sandbox are made to not
  2. Usage of the LinkSDK has sandbox: true in the method calls.
  3. Calls to Lean's API do not require certificates or mTLS transmission.

Lean Mockbank

Usage of the LinkSDK in Sandbox mode will enable 'Lean Mockbank' as a provider. Mockbank allows you to connect sample users and test the various states of your application to make sure you're ready for production data.

Mockbank behaves the same way as live banks, providing data and sending webhooks.

Test Users

In order to log into the mockbank, you will need to provide the credentials for one of your provisioned Test Users - these are displayed in the developer portal under the Integration tab.


Test users

Your application starts out with 5 test users which are unique to you. Each test user has different login behaviours, accounts and transactions which will allow you to simulate working with multiple users in your application. You can also create or delete test users directly from the dashboard.

OTP challenges

During various flows within the Link SDK, your user will be asked to submit a One Time Password (OTP).

The valid response for all OTP challenges in the sandbox is 1111.

Mocking the Reconnect Flow

Reconnecting is a key workflow when using our Data API over a sustained period of time. In order to test this workflow, Mockbank will automatically deauthenticate a user with OTP Required login behaviour after 10 minutes of inactivity. You can also manually trigger this by click Expire session button on each test user in the Integration tab. While most banks won't need to be authenticated this often, your integration should handle this as a possible response to any call to the Data API.

After 10 minutes or if manually triggered, the next time you try to make a call to the Data API you will receive a response with the status RECONNECT_REQUIRED and a relevant reconnect_id, enabling you to test this workflow.

Capturing Webhooks

You can test our API's directly from your terminal or Postman without building your backend, however key information is delivered via webhook.

While in sandbox, and no live data is being sent, you can use a webhook catcher to view the webhook data being sent:

LinkSDK Testing

We've provided a simple HTML wrapper on github to get started with creating entities in the Sandbox. Simply clone the repository and update the values with your own.

LinkSDK HTML Boilerplate

Testing payment statuses

You should test cases where payments are not ACCEPTED_BY_BANK. This is done by using certain "Magic numbers" for the amount when creating payment the payment intent for the payment.

To trigger a payment that will return with a PENDING status you can configure the amount at 12.34 and a currency of AED during the Create Payment Intent call.

To trigger a payment that will return with a FAILED status you can configure the amount at 34.56 and a currency of AED during the Create Payment Intent call.