question: Authorization?

[VikashKothary]

Hi @billinghamj,

Thanks for sharing this.

It was very insightful and really helped me understand what was happening under the hood for Monzo API compared to their official docs.

I would love to actually use these endpoints, but most of them return 403 Forbidden when I try to use them with my OAuth2 client created in the Monzo Playground.

The GET /oauth2/clients seems to show the scopes that I have when creating an access token. I wonder if you or anyone else here has worked out how to app scopes to this Authorization flow?

[billinghamj]

@VikashKothary These are the APIs used by Monzo's official end-user apps (though this repo is likely very far out-of-date at this point)

You'd need to connect to the API like one of those apps. Though I believe it became a lot more complex since they implemented changes for the SCA regs (personally haven't done it since then - I'm sure it's totally doable, but I haven't looked into it)

[VikashKothary]

I knew it unlikely but I thought I'd ask.

Maybe I can try and reverse engineer those scopes from their app when I have the time. Until then I guess I'm limited to their public API.

Thanks for your help.