A mock banking service built with NestJS +
MongoDB. It simulates accounts, transactions, and
integrates with external systems
(e.g.
Budżetownik). Deployed on
Render, ready for integration testing and automatic
synchronization.
MockBank is a modern sandbox banking API built with NestJS. It allows simulating real financial operations — from user registration and account creation to full transaction handling and integrations with external applications.
The system supports creating multiple accounts with independent balances, simulating transactions with automatic updates, and viewing real-time balances and history. All returned data follows a unified format, making testing and analysis easier.
MockBank supports two-way integrations:
push (webhooks signed with
HMAC-SHA256 for instant notifications) and
pull (REST endpoints for periodic data synchronization).
The system is complemented by built-in
security and stability mechanisms:
/healthz, /readyz, strict validation of
DTOs, rate limiting,
CORS, and security headers (Helmet),
ensuring predictable behavior in test environments.
The project is based on a modular architecture —
separate modules such as auth, accounts,
transactions, webhooks,
integrations, and system handle clearly
defined areas of logic, improving maintainability and scalability.
Authentication uses JWT, passwords are secured
with argon2, webhook secrets are encrypted using
AES, and all notifications are signed with
HMAC-SHA256 in the headers, ensuring data
integrity and authenticity.
The public integration endpoint is protected by an API key in the Bearer header, which allows external systems to test integrations without managing user tokens. The entire architecture is designed around modularity, separation of concerns, and easy extensibility (e.g. payments, multi-currency, security logs). Thanks to this, the project remains flexible, secure, and scalable.
/v1/auth/register
/v1/auth/login
/v1/auth/refresh
/v1/accounts
/v1/accounts
/v1/accounts/:id/close
balance=0, confirmation with name and password
/v1/accounts/:id/transactions?from&to&page&limit
/v1/simulations/transaction
creates an entry and updates the balance
/v1/webhooksregistration: url, secret, events[], clientId
/v1/webhooks?clientId=...
transaction.created
Headers
X-MockBank-TimestampX-MockBank-Idempotency-KeyX-MockBank-Signature
/api/owner/:owner/transactions?from=YYYY-MM-DD&to=YYYY-MM-DD
Authorization: Bearer <API_KEY>
ObjectIdfull e-mailemail prefix (user+something)
{
"id": "652123…",
"externalTxnId": "tx_abcd1234",
"accountId": "651fff…",
"amount": -1299,
"currency": "PLN",
"date": "2025-10-05T18:41:00.000Z",
"description": "Test transaction",
"raw": { "source": "simulator" }
}
Transaction data is returned in a
consistent JSON format — amounts in cents (type
int), dates in ISO-8601 (UTC).
Currently, only PLN is supported, but the
structure is prepared for multi-currency support in future
versions.
All endpoints also return a unified error contract (JSON with
traceId, code, message),
which simplifies integration and testing.
The project is ready for expansion and customization for other applications.
Note: The API runs on the free Render plan, so after inactivity the service may enter “sleep mode”. Clicking Demo – /healthz wakes up the instance — the first response may take a bit longer.