Setting up Your Environment


Before you can start using the API, you need a client, user and password.

If you do not have your own client yet, you can use the following credentials to test the API:


The API is available via REST or SOAP webservices.


The client APITEST is intended for basic connectivity testing and is used by different users. Don't use it with sensitive data.

Base URL

To access the REST or SOAP webservices, you will need a base URL as an entry point to the AEB Compliance Screening API. Your company will be assigned a base URL when signing a contract with AEB. For our API test environment, the base URL is as follows:


The API is only available via HTTPS.


Authentication data must be provided for every API call. It is expected as HTTP authentication (HTTP Basic Authentication according to RFC 2617).

The user and client login data is transmitted in the format <user>@<client>:<password>. The login data must be base 64–encoded. Before the conversion, the login data should use ISO-8859-1 character coding. If no umlauts or other diacritics are included, this corresponds to ASCII coding. It is also possible to use Windows character coding (CP-1252) if no euro sign is included.

Base 64 encoding is no encryption in cryptographic terms, but still plain text. This is why we require using HTTPS encryption so the data cannot be intercepted by unauthorized parties.

Example for the coding of login data:
Client = APITEST
Password = API_TEST_007

The string "[email protected]:API_TEST_007", when encoded in base 64, yields “QVBJX1RFU1RAQVBJVEVTVDpBUElfVEVTVF8wMDc=". The following line would therefore be added to the HTTP header:



Note that the client and user specified here are used only for authentication and have no impact on the business logic.


If you are using "Try it!" via REST, remember to use
<user>@<client> as username in the "AUTHENTICATION" field.


To test REST APIs manually, you can also use this link to our REST API swagger documentation and click the "Try it out" button for the desired request. Do not forget to use the “Authorize” button for authentication (at the top of the web page). Otherwise, you will get a 403 HTTP error.