Maintaining a public-key based integration

string

Displayed once a user has successfully linked their Item.

env

string

The Plaid API environment on which to create user accounts. Possible values are development, sandbox, respectively. For Production use, use production.

key

string

The public_key associated with your account; available from the Dashboard.

string

A list of Plaid products you wish to use. Valid products are: transactions, auth, identity, assets, investments, liabilities, and payment_initiation. Example: ['auth', 'transactions']. balance is not a valid value, the Balance product does not require explicit initialization and will automatically be initialized when any other product is initialized. Only institutions that support all requested products will be shown in Link.
In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.

onSuccess

callback

A function that is called when a user successfully links an Item. The function should expect two arguments, the public_token and a metadata object. See onSuccess.

onExit

callback

A function that is called when a user has specifically exited the Link flow or if Link failed to initialize. The function should expect two arguments, a nullable error object and a metadata object. See onExit.

onEvent

callback

A function that is called when a user reaches certain points in the Link flow. The function should expect two arguments, an eventName string and a metadata object.

onLoad

callback

A function that is called when the Link module has finished loading. Calls to plaidLinkHandler.open() prior to the onLoad callback will be delayed until the module is fully loaded.

string

Specify a Plaid-supported language to localize Link. English will be used by default. Supported languages:

English ('en')
French ('fr')
Spanish ('es')
Dutch ('nl')

When using a Link customization, language must be set to match the language used in the customization.

string

Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Note that if you initialize with a European country code, your users will see the European consent panel during the Link flow. Supported country codes are: US, CA, ES, FR, GB, IE, NL. If not specified, will default to ['US']. If Link is launched with multiple countryCodes, only products that you are enabled for in all countries will be used by Link.
If a Link customization is being used, the countries configured here should match those in the customization.
To use the Auth features Instant Match, Automated Micro-deposits, or Same-day Micro-deposits, countryCodes must be set to ['US'].

<accountType>: [accountSubtype]

object

By default, Link will only display account types that are compatible with all products supplied in the product parameter. You can further limit the accounts shown in Link by using accountSubtypes to specify the account subtypes to be shown in Link. Only the specified subtypes will be shown. To indicate that all subtypes should be shown, use the value "all". If the accountSubtypes filter is used, any account type for which a filter is not specified will be entirely omitted from Link.
Example value:
{

"depository": ["checking", "savings"],
"credit": ["all"]

}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.

string

An object of accountTypes composed of an array of accountSubtypes to filter.

string

Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.

string

Specify a public_token to launch Link in update mode for a particular Item. This will cause Link to open directly to the authentication step for that Item's institution. Use the /item/public_token/create endpoint to generate a public_token for an Item.

string

Specify the name of a Link customization created in the Dashboard. The default customization is used if none is provided. When using a Link customization, the language in the customization must match the language configured via the language parameter.

string

An oauthNonce is required to support OAuth authentication flows when launching or re-launching Link on a mobile device and using one or more European country codes. The nonce must be at least 16 characters long.

string

An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device. Note that any redirect URI must also be added to the Allowed redirect URIs list in the developer dashboard.

oauthStateId

string

An oauthStateId is required to support OAuth authentication flows when re-launching Link on a mobile device.

paymentToken

string

A paymentToken must be specified if you are using the Payment Initiation (UK and Europe) product. This will cause Link to open directly to the Payment Initiation flow. Use the /payment_initiation/payment/token/create endpoint to generate a payment_token.

userLegalName

string

The end user's legal name

userPhoneNumber

string

The end user's phone number

userEmailAddress

string

The end user's email address

Create example
1const handler = Plaid.create({
clientName: 'Plaid Quickstart',
env: 'sandbox',
key: 'PUBLIC_KEY',
product: ['transactions'],
onSuccess: (public_token, metadata) => {},
onLoad: () => {},
onExit: (err, metadata) => {},
onEvent: (eventName, metadata) => {},
countryCodes: ['US'],
webhook: 'https://requestb.in',
linkCustomizationName: '',
language: 'en',
oauthNonce: null,
oauthRedirectUri: null,
oauthStateId: null,
token: null,
paymentToken: null,
19});

onSuccess

The onSuccess callback is called when a user successfully links an Item. It takes two arguments: the public_token and a metadata object.

onSuccess

public_token

string

Displayed once a user has successfully linked their Item.

object

Displayed once a user has successfully linked their Item.

nullableobject

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

name

string

The full institution name, such as 'Wells Fargo'

string

The Plaid institution identifier

object

A list of accounts attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.

id

string

The Plaid account_id

name

string

The official account name

mask

nullablestring

The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts. It may also not match the mask that the bank displays to the user.

type

string

The account type. See the Account schema for a full list of possible values

string

The account subtype. See the Account schema for a full list of possible values

nullablestring

Indicates an Item's micro-deposit-based verification status. Possible values are:
pending_automatic_verification: The Item is pending automatic verification
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the deposit.
automatically_verified: The Item has successfully been automatically verified
manually_verified: The Item has successfully been manually verified
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.
null: micro-deposit-based verification is not being used for the Item.

class_type

nullablestring

If micro-deposit verification is being used, indicates whether the account being verified is a business or personal account.

account

deprecatednullableobject

Deprecated. Use accounts instead.

string

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

transfer_status

nullablestring

The status of a transfer. Returned only when Transfer UI is implemented.

COMPLETE – The transfer was completed.
INCOMPLETE – The transfer could not be completed. For help, see Troubleshooting transfers.

Possible values: COMPLETE, INCOMPLETE

onSuccess example
1const handler = Plaid.create({
...,
onSuccess: (public_token, metadata) => {
  fetch('//yourserver.com/exchange_public_token', {
    method: 'POST',
    body: {
      public_token: public_token,
      accounts: metadata.accounts,
      institution: metadata.institution,
      link_session_id: metadata.link_session_id,
    },
  });
}
14});

metadata schema
1{
institution: {
  name: 'Wells Fargo',
  institution_id: 'ins_4'
},
accounts: [
  {
    id: 'ygPnJweommTWNr9doD6ZfGR6GGVQy7fyREmWy',
    name: 'Plaid Checking',
    mask: '0000',
    type: 'depository',
    subtype: 'checking',
    verification_status: ''
  },
  {
    id: '9ebEyJAl33FRrZNLBG8ECxD9xxpwWnuRNZ1V4',
    name: 'Plaid Saving',
    mask: '1111',
    type: 'depository',
    subtype: 'savings'
  }
  ...
],
link_session_id: '79e772be-547d-4c9c-8b76-4ac4ed4c441a'
25}

onExit

The onExit callback is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. onExit takes two arguments, a nullable error object and a metadata object. The metadata parameter is always present, though some values may be null. Note that onExit will not be called when Link is destroyed in some other way than closing Link, such as the user hitting the browser back button or closing the browser tab on which the Link session is present.

onExit

nullableobject

A nullable object that contains the error type, code, and message of the error that was last encountered by the user. If no error was encountered, error will be null.

String

A broad categorization of the error.

String

The particular error code. Each error_type has a specific set of error_codes.

String

A developer-friendly representation of the error code.

display_message

nullableString

A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.

object

Displayed if a user exits Link without successfully linking an Item.

nullableobject

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

name

string

The full institution name, such as Wells Fargo

string

The Plaid institution identifier

string

The point at which the user exited the Link flow. One of the following values.

User prompted to answer security questions

User prompted to answer multiple choice question(s)

User prompted to provide a one-time passcode

User prompted to select a device on which to receive a one-time passcode

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution

User prompted to select one or more financial accounts to share

requires_oauth

User prompted to enter an OAuth flow

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

User exited the Link flow after discovering their selected institution is no longer supported by Plaid

string

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

string

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation.

onExit example
1const handler = Plaid.create({
...,
onExit: (error, metadata) => {
  // Save data from the onExit handler
  supportHandler.report({
    error: error,
    institution: metadata.institution,
    link_session_id: metadata.link_session_id,
    plaid_request_id: metadata.request_id,
    status: metadata.status,
  });
},
13});

Error schema
1{
2  error_type: 'ITEM_ERROR',
3  error_code: 'INVALID_CREDENTIALS',
4  error_message: 'the credentials were not correct',
5  display_message: 'The credentials were not correct.',
6}

Metadata schema
1{
institution: {
  name: 'Wells Fargo',
  institution_id: 'ins_4'
},
status: 'requires_credentials',
link_session_id: '36e201e0-2280-46f0-a6ee-6d417b450438',
request_id: '8C7jNbDScC24THu'
9}

onEvent

The onEvent callback is called at certain points in the Link flow. It takes two arguments, an eventName string and a metadata object.
The metadata parameter is always present, though some values may be null. Note that new eventNames, metadata keys, or view names may be added without notice.
The onEvent callback is not guaranteed to fire exactly at the time of a user action in Link. In general, the OPEN event will fire in real time; subsequent events will fire at the end of the Link flow, along with the onSuccess or onExit callback. If you need to determine the exact time when an event happened, use the timestamp in the metadata.
The following callback events are stable, which means that they will not be deprecated or changed: OPEN, EXIT, HANDOFF, SELECT_INSTITUTION, ERROR, BANK_INCOME_INSIGHTS_COMPLETED, IDENTITY_VERIFICATION_PASS_SESSION, IDENTITY_VERIFICATION_FAIL_SESSION. The remaining callback events are informational and subject to change.

onEvent

string

A string representing the event that has just occurred in the Link flow.

The user has completed the Assets and Bank Income Insights flow.

The user closed the third-party website or mobile app without completing the OAuth flow.

The user has chosen to link a new institution instead of linking a saved institution. This event is only emitted in the Link Remember Me flow.

A recoverable error occurred in the Link flow, see the error_code metadata.

EXIT

The user has exited without completing the Link flow and the onExit callback is fired.

The user encountered an error while completing the third-party's OAuth login flow.

IDENTITY_VERIFICATION_START_STEP

The user has exited Link after successfully linking an Item.

The user has started a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_PASS_STEP

The user has passed a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_FAIL_STEP

The user has failed a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_PENDING_REVIEW_STEP

The user has reached the pending review state.

IDENTITY_VERIFICATION_CREATE_SESSION

The user has started a new Identity Verification session.

IDENTITY_VERIFICATION_RESUME_SESSION

The user has resumed an existing Identity Verification session.

IDENTITY_VERIFICATION_PASS_SESSION

The user has successfully completed their Identity Verification session.

IDENTITY_VERIFICATION_FAIL_SESSION

The user has failed their Identity Verification session.

IDENTITY_VERIFICATION_PENDING_REVIEW_SESSION

The user has completed their Identity Verification session, which is now in a pending review state.

IDENTITY_VERIFICATION_OPEN_UI

The user has opened the UI of their Identity Verification session.

IDENTITY_VERIFICATION_RESUME_UI

The user has resumed the UI of their Identity Verification session.

IDENTITY_VERIFICATION_CLOSE_UI

The user has closed the UI of their Identity Verification session.

The user selected an institution that was presented as a matched institution. This event can be emitted either during the Returning User Experience flow or if the institution's routing_number was provided when calling /link/token/create. To distinguish between the two scenarios, see metadata.match_reason.

The user selected a verification method for a matched institution. This event is emitted during the Returning User Experience flow.

OPEN

The user has opened Link.

The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product

The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.

The user has searched for an institution.

The user has chosen whether to Link instantly or manually (i.e., with micro-deposits). This event emits the selection metadata to indicate the user's selection.

The user selected a brand, e.g. Bank of America. The SELECT_BRAND event is only emitted for large financial institutions with multiple online banking portals.

The user selected an institution with a DEGRADED health status and was shown a corresponding message.

The user selected an institution with a DOWN health status and was shown a corresponding message.

The user selected an institution Plaid does not support all requested products for and was shown a corresponding message.

The user selected an institution.

The user has opted to not provide their phone number to Plaid. This event is only emitted in the Link Remember Me flow.

The user has submitted an account number. This event emits the account_number_mask metadata to indicate the mask of the account number the user provided.

SUBMIT_DOCUMENTS_SUCCESS

The user has submitted credentials.

SUBMIT_DOCUMENTS

The user is being prompted to submit documents for an Income verification flow.

SUBMIT_DOCUMENTS_ERROR

The user encountered an error when submitting documents for an Income verification flow.

The user has successfully submitted documents for an Income verification flow.

The user has submitted MFA.

The user has submitted their phone number. This event is only emitted in the Link Remember Me flow.

The user has submitted a routing number. This event emits the routing_number metadata to indicate user's routing number.

The TRANSITION_VIEW event indicates that the user has moved from one view to the next.

The user has successfully verified their phone number using OTP. This event is only emitted in the Link Remember Me flow.

The user has viewed data types on the data transparency consent pane.

object

An object containing information about the event.

account_number_mask

nullablestring

The account number mask extracted from the user-provided account number. If the user-inputted account number is four digits long, account_number_mask is empty. Emitted by SUBMIT_ACCOUNT_NUMBER.

nullablestring

The error type that the user encountered. Emitted by: ERROR, EXIT.

nullablestring

The error code that the user encountered. Emitted by ERROR, EXIT.

nullablestring

The error message that the user encountered. Emitted by: ERROR, EXIT.

exit_status

nullablestring

The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT

nullablestring

The ID of the selected institution. Emitted by: all events.

institution_search_query

nullablestring

The name of the selected institution. Emitted by: all events.

nullablestring

The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.

is_update_mode

nullablestring

Indicates if the current Link session is an update mode session. Emitted by: OPEN.

match_reason

nullablestring

The reason this institution was matched. This will be either returning_user or routing_number if emitted by: MATCHED_SELECT_INSTITUTION. Otherwise, this will be SAVED_INSTITUTION or AUTO_SELECT_SAVED_INSTITUTION if emitted by: SELECT_INSTITUTION.

routing_number

nullablestring

The routing number submitted by user at the micro-deposits routing number pane. Emitted by SUBMIT_ROUTING_NUMBER.

mfa_type

nullablestring

If set, the user has encountered one of the following MFA types: code, device, questions, selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA

view_name

nullablestring

The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.

The view showing Terms of Service in the identity verification flow.

The user has connected their account.

We ask the user to consent to the privacy policy.

Asking the user for their account credentials.

We disclose the data types being shared.

We ask the user to consent to the privacy policy and disclose data types being shared.

The view requesting document verification in the identity verification flow (configured via "Fallback Settings" in the "Rulesets" section of the template editor).

An error has occurred.

EXIT

Confirming if the user wishes to close Link.

The view representing the "know your customer" step in the identity verification flow.

Link is making a request to our servers.

We ask the matched user to consent to the privacy policy and SMS terms.

We ask the matched user for their account credentials to a matched institution.

We ask the matched user for MFA authentication to verify their identity.

MFA

The user is asked by the institution for additional MFA authentication.

The user is asked to insert their account and routing numbers.

The user is informed they will authenticate with the financial institution via OAuth.

The user was presented with a Google reCAPTCHA to verify they are human.

The risk check step in the identity verification flow (configured via "Risk Rules" in the "Rulesets" section of the template editor).

The watchlist screening step in the identity verification flow.

We ask the user to choose an account.

The user is asked to choose whether to Link instantly or manually (i.e., with micro-deposits).

The user is asked to select a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.

We ask the user to choose their institution.

The user is asked to select their saved accounts and/or new accounts for linking in the Link Remember Me flow.

The user is asked to pick a saved institution or link a new one in the Link Remember Me flow.

The view in the identity verification flow which uses the camera to confirm there is real user that matches their ID documents.

The user is asked for their phone number in the Link Remember Me flow.

The user is asked to upload documents (for Income verification).

The user is asked to verify their phone OTP in the Link Remember Me flow.

The SMS verification step in the identity verification flow.

string

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.

string

The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.

string

An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.

nullablestring

Either the verification method for a matched institution selected by the user or the Auth Type Select flow type selected by the user. If selection is used to describe selected verification method, then possible values are phoneotp or password; if selection is used to describe the selected Auth Type Select flow, then possible values are flow_type_manual or flow_type_instant. Emitted by: MATCHED_SELECT_VERIFY_METHOD and SELECT_AUTH_TYPE.

onExit example
1const handler = Plaid.create({
2  ...,
3  onEvent: (eventName, metadata) => {
4    // send event and metadata to self-hosted analytics
5    analytics.send(eventName, metadata);
6  },
7});

Metadata schema
1{
error_type: 'ITEM_ERROR',
error_code: 'INVALID_CREDENTIALS',
error_message: 'the credentials were not correct',
exit_status: null,
institution_id: 'ins_4',
institution_name: 'Wells Fargo',
institution_search_query: 'wellsf',
mfa_type: null,
view_name: 'ERROR'
request_id: 'm8MDnv9okwxFNBV',
link_session_id: '30571e9b-d6c6-42ee-a7cf-c34768a8f62d',
timestamp: '2017-09-14T14:42:19.350Z',
14}

open()

Calling open will display the Consent Pane view to your user, starting the Link flow. Once open is called, you will begin receiving events via the onEvent callback.

Create example
1const handler = Plaid.create({ ... });
2
3// Open Link
4handler.open();

exit()

The exit function allows you to programmatically close Link. Calling exit will trigger either the onExit or onSuccess callbacks.
The exit function takes a single, optional argument, a configuration Object.

exit

force

boolean

If true, Link will exit immediately. If false, or the option is not provided, an exit confirmation screen may be presented to the user.

Graceful exit example
1const handler = Plaid.create({ ... });
2
3// Graceful exit - Link may display a confirmation screen
4// depending on how far the user is in the flow
5handler.exit();

Forced exit example
1const handler = Plaid.create({ ... });
2
3// Force exit - Link exits immediately
4handler.exit({ force: true });

destroy()

The destroy function allows you to destroy the Link handler instance, properly removing any DOM artifacts that were created by it. Use destroy() when creating new replacement Link handler instances in the onExit callback.

Destroy example
1const handler = Plaid.create({ ... })
2
3// Destroy and clean up the Link handler & iFrame
4handler.destroy();

Plaid Link for iOS

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link iOS SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

Overview

Here you find instructions on how to integrate and use Plaid Link for iOS. At the center of it lies LinkKit.framework: an embeddable framework managing the details of linking an account with Plaid.

To get up and running quickly with Plaid Link for iOS clone the GitHub repository and try out the example applications, which provide a reference implementation in Swift and Objective-C. Youʼll want to sign up for free API keys to get started.

Installation

Plaid Link for iOS is an embeddable framework that is bundled and distributed within your application. There are several ways to obtain the necessary files and keep them up-to-date; we recommend using CocoaPods or Carthage. Regardless of what you choose, submitting a new version of your application with the updated LinkKit.framework to the App Store is required.

Requirements

Xcode 7 or greater
iOS 9.0 or greater
A Plaid public_key, available from the Plaid Dashboard
The latest version of the LinkKit.framework

A new version of LinkKit.framework will be released around the 15th of every month. We recommend you keep up to date to provide the best Plaid Link experience in your application.

CocoaPods

If you haven't already, install the latest version of CocoaPods.
If you don't have an existing Podfile, run the following command to create one:
Terminal
```
1pod init
```
Add this line to your Podfile:
Terminal
```
1pod 'Plaid'
```
Run the following command:
Terminal
```
1pod install
```

Add a custom Run Script build phase (we recommend naming it Prepare for Distribution ) with the script below, which prepares the LinkKit.framework for distribution through the App Store.

 
Select Language
1LINK_ROOT=${PODS_ROOT:+$PODS_ROOT/Plaid/ios}
2cp "${LINK_ROOT:-$PROJECT_DIR}"/LinkKit.framework/prepare_for_distribution.sh "${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
3"${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh

To update to newer releases in the future run:
Terminal
```
1pod install
```

Carthage

If you haven't already, install the latest version of Carthage.
If you don't have an existing Podfile, run the following command to create one:
Terminal
```
1pod init
```
Add this line to your Podfile:
Terminal
```
1github "plaid/plaid-link-ios"
```

Add a custom Run Script build phase (we recommend naming it Prepare for Distribution) with the script below, which prepares the LinkKit.framework for distribution through the App Store.

 
Select Language
1LINK_ROOT=${PODS_ROOT:+$PODS_ROOT/Plaid/ios}
2cp "${LINK_ROOT:-$PROJECT_DIR}"/LinkKit.framework/prepare_for_distribution.sh "${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
3"${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh

To update to newer releases in the future run:
Terminal
```
1carthage update plaid-ios --platform ios
```

Manual

Get the latest version of LinkKit.framework and embed it into your application.

Embed LinkKit.framework into your application, for example by dragging and dropping the file onto the Embed Frameworks build phase as shown below.

Depending on the location of the LinkKit.framework on the filesystem you may need to change the Framework Search Paths build setting to avoid the error: fatal error: 'LinkKit/LinkKit.h' file not found. For example, the LinkDemo Xcode projects have it set to FRAMEWORK_SEARCH_PATHS = $(PROJECT_DIR)/../ since the LinkKit.framework file is shared between them and is kept in the directory that also contains the demo project directories.

Edit framework search paths build setting

Finally, add a Run Script build phase (we recommend naming it Prepare for Distribution) with the script below. Be sure to run this build phase after the Embed Frameworks build phase or [CP] Embed Pods Frameworks build phase when integrating using CocoaPods, otherwise LinkKit.framework will not be properly prepared for distribution.

Failing to execute the run script build phase after the embed frameworks build phase very likely get your application rejected during App Store submission or review.

The script below removes from the framework any non-iOS device code that is included to support running LinkKit in the Simulator but that may not be distributed via the App Store.

Failing to run the script below will very likely get your application rejected during App Store submission or review.

Change the \${PROJECT_DIR\}/LinkKit.framework path in the example below according to your setup, and be sure to quote the filepaths when they contain whitespace.

Run script
1LINK_ROOT=\${PODS_ROOT:+$PODS_ROOT/Plaid/ios\}
2cp "\${LINK_ROOT:-$PROJECT_DIR\}"/LinkKit.framework/prepare_for_distribution.sh "\${CODESIGNING_FOLDER_PATH\}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
3"\${CODESIGNING_FOLDER_PATH\}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh

Implementation

To use Plaid Link for iOS import LinkKit and its symbols into your code.

ViewController.m
Select Language
1import LinkKit
2
3extension ViewController : PLKPlaidLinkViewDelegate {
4
5  // call presentPlaidLink to create + initialize Link
6  func presentPlaidLink() {
7    let linkViewController = PLKPlaidLinkViewController(configuration: PLKConfiguration(...), delegate: self)
8    present(linkViewController, animated: true)
9  }
10
11  // handle didSucceedWithPublicToken delegate method
12  func linkViewController(
13    _ linkViewController: PLKPlaidLinkViewController,
14    didSucceedWithPublicToken publicToken: String,
15    metadata: [String : Any]?) { /* handle success */ }
16
17  // handle didExitWithError delegate method
18  func linkViewController(
19    _ linkViewController: PLKPlaidLinkViewController,
20    didExitWithError error: Error?,
21    metadata: [String : Any]?) { /* handle exit | error */ }
22
23  // handle didHandleEvent delegate method
24  func linkViewController(
25    _ linkViewController: PLKPlaidLinkViewController,
26    didHandleEvent event: String,
27    metadata: [String : Any]?) { /* handle exit | error */ }
28}

Configure & present Link

Starting the Plaid Link for iOS experience is as simple as creating and presenting an instance of PLKPlaidLinkViewController. Then, create an instance of PLKConfiguration and pass that during the initialization of the PLKPlaidLinkViewController.

create_legacy

env

String

The Plaid API environment on which to create user accounts. Valid environments are:

.sandbox
.development
.production

key

String

The public_key associated with your account; available in the Plaid Dashboard.

[String]

A list of one or many Plaid product(s) you wish to use. Valid products are:

.auth
.transactions
.identity
.assets
.investments
.liabilities
.payment_initiation

Example: [.auth, .transactions]. .balance is not a valid value, the Balance product does not require explicit initialization and will automatically be initialized when any other product is initialized. Only institutions that support all requested products will be shown in Link.
In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.

String

Displayed once a user has successfully linked their Item.

nullableString

Specify a Plaid-supported language to localize Link. English will be used by default. Supported languages:

English ('en')
French ('fr')
Spanish ('es')
Dutch ('nl')

When using a Link customization profile, language must be set to match the language used in the customization profile.

nullable[String]

US
CA
ES
FR
GB
IE
NL

If not specified, will default to ['US']. If Link is launched with multiple countryCodes, only products that you are enabled for in all countries will be used by Link.
If a Link customization is being used, the countries configured here should match those in the customization.
To use the Auth features Instant Match, Automated Micro-deposits, or Same-day Micro-deposits, countryCodes must be set to ['US'].

Dictionary

"depository": ["checking", "savings"],
"credit": ["all"]

}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.

String

Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.

String

Specify the name of a Link customization created in the Dashboard. The default customization is used if none is provided. When using a Link customization, the language specified in the customization must match the language configured via the language parameter.

String

String

An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device and using one or more European country codes. Any redirect URI must also be added to the Allowed redirect URIs list in the developer dashboard. For mobile app integrations, the redirect URI must be registered as an app link (not custom URI) to enable app-to-app authentication flows. You will need to configure an Android App Link or Apple App Association File. Custom URI schemes are not supported; a proper universal link must be used.

oauthStateId

String

An oauthStateId is required to support OAuth authentication flows when re-launching Link on a mobile device and using one or more European country codes.

paymentToken

String

Configure & present example
Select Language
1let linkConfiguration = PLKConfiguration(
2  env: .sandbox,
3  key: "<YOUR_PLAID_PUBLIC_KEY>",
4  product: [.auth]
5)
6linkConfiguration.clientName = "My application";
7linkConfiguration.language = "en";
8linkConfiguration.countryCodes = ["US", "CA", "GB"];
9linkConfiguration.webhook = "https://webhook.com";
10linkConfiguration.linkCustomizationName = "default";
11linkConfiguration.oauthRedirectUri = "<YOUR_OAUTH_REDIRECT_URI>"
12linkConfiguration.oauthNonce = UUID().uuidString
13
14let linkViewController = PLKPlaidLinkViewController(
15  configuration: linkConfiguration,
16  delegate: self
17)
18
19present(linkViewController, animated: true)

didSucceedWithPublicToken

The closure is called when a user successfully links an Item. It should take a single LinkSuccess argument, containing the publicToken String and a metadata of type SuccessMetadata.

onSuccess

linkSuccess

LinkSuccess

Contains the publicToken and metadata for this successful flow.

publicToken

String

Displayed once a user has successfully linked their Item.

LinkSuccess

Displayed once a user has successfully linked their Item.

nullableInstitution

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

name

String

The full institution name, such as 'Wells Fargo'

institutionID

InstitutionID (String)

The Plaid institution identifier

Array<Account>

A list of accounts attached to the connected Item

id

AccountID (String)

The Plaid account_id

name

String

The official account name

mask

Optional<AccountMask> (Optional<String>)

The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, it may also not match the mask that the bank displays to the user.

AccountSubtype

The account subtype and its type. See Account Types for a full list of possible values.

verificationStatus

Optional<VerificationStatus>

The Item's micro-deposit-based verification status. Possible values are:
pending_automatic_verification: The Item is pending automatic verification.
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the deposit.
automatically_verified: The Item has successfully been automatically verified.
manually_verified: The Item has successfully been manually verified.
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.
nil: Micro-deposit-based verification is not being used for the Item.

linkSessionID

String

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

metadataJSON

String

Unprocessed metadata, formatted as JSON, sent from the Plaid API.

didSucceedWithPublicToken
Select Language
1func linkViewController(
2  _ linkViewController: PLKPlaidLinkViewController,
3  didSucceedWithPublicToken publicToken: String,
4  metadata: [String : Any]?
5) {
6  dismiss(animated: true) {
7  // Exchange publicToken with an accessToken on your server
8    NSLog("Successfully linked account!\npublicToken: (publicToken)\nmetadata: (metadata ?? [:])")
9  }
10}

metadata schema
1{
kPLKMetadataInstitutionKey: @{
  kPLKMetadataInstitutionNameKey: 'Wells Fargo',
  kPLKMetadataInstitutionIdKey: 'ins_4'
},
kPLKMetadataAccountsKey: [
  @{
    kPLKMetadataIdKey: 'ygPnJweommTWNr9doD6ZfGR6GGVQy7fyREmWy',
    kPLKMetadataNameKey: 'Plaid Checking',
    kPLKMetadataMaskKey: '0000',
    kPLKMetadataTypeKey: 'depository',
    kPLKMetadataSubtypeKey: 'checking',
    kPLKMetadataAccountVerificationStatusKey: ''
  },
  @{
    kPLKMetadataIdKey: '9ebEyJAl33FRrZNLBG8ECxD9xxpwWnuRNZ1V4',
    kPLKMetadataNameKey: 'Plaid Saving',
    kPLKMetadataMaskKey: '1111',
    kPLKMetadataTypeKey: 'depository',
    kPLKMetadataSubtypeKey: 'savings'
  }
  ...
],
kPLKMetadataLinkSessionIdKey: '79e772be-547d-4c9c-8b76-4ac4ed4c441a'
25}

didExitWithError

This optional closure is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. It should take a single LinkExit argument, containing an optional error and a metadata of type ExitMetadata.

onExit

linkExit

LinkExit

Contains the optional error and metadata for when the flow was exited.

Optional<ExitError> (Swift), Optional<NSError> (Objective-C)

An Error type that contains the errorCode, errorMessage, and displayMessage of the error that was last encountered by the user. If no error was encountered, error will be nil. In Objective-C, field names will match the NSError type.

ExitErrorCode

The error code and error type that the user encountered. Each errorCode has an associated errorType, which is a broad categorization of the error.

String

A developer-friendly representation of the error code.

displayMessage

Optional<String>

A user-friendly representation of the error code or nil if the error is not related to user action. This may change over time and is not safe for programmatic use.

ExitMetadata

Displayed if a user exits Link without successfully linking an Item.

requiresAccountSelection

Optional<ExitStatus>

The status key indicates the point at which the user exited the Link flow.

requiresQuestions

User prompted to answer security question(s).

requiresSelections

User prompted to answer multiple choice question(s).

requiresCode

User prompted to provide a one-time passcode.

chooseDevice

User prompted to select a device on which to receive a one-time passcode.

requiresCredentials

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution.

User prompted to select one or more financial accounts to share

institutionNotFound

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

institutionNotSupported

User exited the Link flow after discovering their selected institution is no longer supported by Plaid

The exit status has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original exit status as sent by the Plaid API.

Optional<Institution>

An institution object. If the Item was created via Same-Day micro-deposit verification, will be omitted.

institutionID

InstitutionID (String)

The Plaid specific identifier for the institution.

name

String

The full institution name, such as 'Wells Fargo'.

linkSessionID

Optional<String>

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

requestID

Optional<String>

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation.

metadataJSON

RawJSONMetadata (String)

Unprocessed metadata, formatted as JSON, sent from Plaid API.

didExitWithError
Select Language
1func linkViewController(
  _ linkViewController: PLKPlaidLinkViewController,
didExitWithError error: Error?,
              metadata: [String : Any]?
5) {
dismiss(animated: true) {
  if let error = error {
    NSLog("Failed to link account due to: (error.localizedDescription)\n metadata: (metadata ?? [:])")
    self.handleError(error, metadata: metadata)
  }
  else {
    NSLog("Plaid link exited with metadata: (metadata ?? [:])")
    self.handleExitWithMetadata(metadata)
  }
}
16}

Error schema
Select Language
1{
2  kPLKErrorTypeKey: 'ITEM_ERROR',
3  kPLKErrorCodeKey: 'INVALID_CREDENTIALS',
4  kPLKErrorMessageKey: 'the credentials were not correct',
5  kPLKDisplayMessageKey: 'The credentials were not correct.',
6}

Metadata schema
Select Language
1{
2   kPLKMetadataInstitutionKey: @{
3    kPLKMetadataInstitutionNameKey: 'Wells Fargo',
4    kPLKMetadataInstitutionIdKey: 'ins_4'
5  },
6  kPLKMetadataLinkSessionIdKey: '36e201e0-2280-46f0-a6ee-6d417b450438',
7  kPLKMetadataRequestIdKey: '8C7jNbDScC24THu'
8}

didHandleEvent

This optional closure is called when certain events in the Plaid Link flow have occurred, for example, when the user selected an institution. This enables your application to gain further insight into what is going on as the user goes through the Plaid Link flow.
The following onEvent callbacks are stable, which means that they will not be deprecated or changed: open, exit, handoff, selectInstitution, error, bankIncomeInsightsCompleted, identityVerificationPassSession, identityVerificationFailSession. The remaining callback events are informational and subject to change.

onEvent

linkEvent

LinkEvent

Contains the eventName and metadata for the Link event.

bankIncomeInsightsCompleted

EventName

An enum representing the event that has just occurred in the Link flow.

The user has completed the Assets and Bank Income Insights flow.

closeOAuth

The user closed the third-party website or mobile app without completing the OAuth flow.

connectNewInstitution

The user has chosen to link a new institution instead of linking a saved institution. This event is only emitted in the Link Remember Me flow.

identityVerificationStartStep

A recoverable error occurred in the Link flow, see the errorCode in the `metadata.

exit

The user has exited without completing the Link flow and the onExit callback is fired.

failOAuth

The user encountered an error while completing the third-party's OAuth login flow.

handoff

The user has exited Link after successfully linking an Item.

The user has started a step of the Identity Verification flow. The step is indicated by view_name.

identityVerificationPassStep

The user has passed a step of the Identity Verification flow. The step is indicated by view_name.

identityVerificationFailStep

The user has failed a step of the Identity Verification flow. The step is indicated by view_name.

identityVerificationReviewStep

The user has reached the pending review state.

identityVerificationCreateSession

The user has started a new Identity Verification session.

identityVerificationResumeSession

The user has resumed an existing Identity Verification session.

identityVerificationPassSession

The user has successfully completed their Identity Verification session.

identityVerificationFailSession

The user has failed their Identity Verification session.

identityVerificationPendingReviewSession

The user has completed their Identity Verification session, which is now in a pending review state.

identityVerificationOpenUI

The user has opened the UI of their Identity Verification session.

identityVerificationResumeUI

The user has resumed the UI of their Identity Verification session.

identityVerificationCloseUI

The user has closed the UI of their Identity Verification session.

matchedSelectInstitution

matchedSelectVerifyMethod

The user selected a verification method for a matched institution. This event is emitted only during the Returning User Experience flow.

open

The user has opened Link.

openMyPlaid

The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product.

openOAuth

The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.

searchInstitution

The user has searched for an institution.

selectBrand

The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.

selectInstitution

The user selected an institution.

skipSubmitPhone

The user has opted to not provide their phone number to Plaid. This event is only emitted in the Link Remember Me flow.

submitCredentials

The user has submitted credentials.

submitMFA

The user has submitted MFA.

submitPhone

The user has submitted their phone number. This event is only emitted in the Link Remember Me flow.

transitionView

The transitionView event indicates that the user has moved from one view to the next.

verifyPhone

The user has successfully verified their phone number using OTP. This event is only emitted in the Link Remember Me flow.

viewDataTypes

The user has viewed data types on the data transparency consent pane.

The event has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original event name as sent by the Plaid API.

EventMetadata struct

An object containing information about the event

accountNumberMask

Optional<String>

The account number mask extracted from the user-provided account number. If the user-inputted account number is four digits long, account_number_mask is empty. Emitted by SUBMIT_ACCOUNT_NUMBER.

Optional<ExitErrorCode>

The error code that the user encountered. Emitted by: error, exit.

Optional<String>

The error message that the user encountered. Emitted by: error, exit.

exitStatus

Optional<ExitStatus>

The status key indicates the point at which the user exited the Link flow. Emitted by: exit.

requiresQuestions

User prompted to answer security question(s).

requiresSelections

User prompted to answer multiple choice question(s).

requiresCode

User prompted to provide a one-time passcode.

chooseDevice

User prompted to select a device on which to receive a one-time passcode.

requiresCredentials

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution.

institutionNotFound

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

The exit status has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original exit status as sent by the Plaid API.

institutionID

Optional<InstitutionID> (Optional<String>)

The ID of the selected institution. Emitted by: all events.

institutionName

Optional<String>

The name of the selected institution. Emitted by: all events.

institutionSearchQuery

Optional<String>

The query used to search for institutions. Emitted by: searchInstitution.

isUpdateMode

Optional<String>

Indicates if the current Link session is an update mode session. Emitted by: OPEN.

matchReason

nullablestring

linkSessionID

String

The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.

mfaType

Optional<MFAType>

If set, the user has encountered one of the following MFA types: code, device, questions, selections. Emitted by: submitMFA and transitionView when viewName is mfa

requestID

Optional<String>

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.

routingNumber

Optional<String>

The routing number submitted by user at the micro-deposits routing number pane. Emitted by SUBMIT_ROUTING_NUMBER.

Optional<String>

dataTransparencyConsent

Date

An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.

viewName

Optional<ViewName>

The name of the view that is being transitioned to. Emitted by: transitionView.

acceptTOS

The view showing Terms of Service in the identity verification flow.

connected

The user has connected their account.

consent

We ask the user to consent to the privacy policy.

credential

Asking the user for their account credentials.

dataTransparency

We disclose the data types being shared.

We ask the user to consent to the privacy policy and disclose data types being shared.

documentaryVerification

The view requesting document verification in the identity verification flow (configured via "Fallback Settings" in the "Rulesets" section of the template editor).

An error has occurred.

exit

Confirming if the user wishes to close Link.

kycCheck

The view representing the "know your customer" step in the identity verification flow.

loading

Link is making a request to our servers.

matchedConsent

We ask the matched user to consent to the privacy policy and SMS terms.

matchedCredential

We ask the matched user for their account credentials to a matched institution.

matchedMfa

We ask the matched user for MFA authentication to verify their identity.

mfa

The user is asked by the institution for additional MFA authentication.

numbers

The user is asked to insert their account and routing numbers.

oauth

The user is informed they will authenticate with the financial institution via OAuth.

recaptcha

The user was presented with a Google reCAPTCHA to verify they are human.

riskCheck

The risk check step in the identity verification flow (configured via "Risk Rules" in the "Rulesets" section of the template editor).

screening

The watchlist screening step in the identity verification flow.

selectAccount

We ask the user to choose an account.

selectAuthType

The user is asked to choose whether to Link instantly or manually (i.e., with micro-deposits).

selectBrand

selectInstitution

We ask the user to choose their institution.

selectSavedAccount

The user is asked to select their saved accounts and/or new accounts for linking in the Link Remember Me flow.

selectSavedInstitution

The user is asked to pick a saved institution or link a new one in the Link Remember Me flow.

selfieCheck

The view in the identity verification flow which uses the camera to confirm there is real user that matches their ID documents.

submitPhone

The user is asked for their phone number in the Link Remember Me flow.

uploadDocuments

The user is asked to upload documents (for Income verification).

verifyPhone

The user is asked to verify their phone OTP in the Link Remember Me flow.

verifySMS

The SMS verification step in the identity verification flow.

The view has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original view name as sent by the Plaid API.

metadataJSON

RawJSONMetadata (String)

Unprocessed metadata, formatted as JSON, sent from Plaid API.

Exit example
Select Language
1func linkViewController(
2  _ linkViewController: PLKPlaidLinkViewController,
3  didHandleEvent event: String,
4  metadata: [String : Any]?
5) {
6  NSLog("Link event: (event)\nmetadata: (metadata ?? [:])")
7}

Metadata schema
Select Language
1{
kPLKMetadataErrorTypeKey: 'ITEM_ERROR',
kPLKMetadataErrorCodeKey: 'INVALID_CREDENTIALS',
kPLKMetadataErrorMessageKey: 'the credentials were not correct',
kPLKMetadataExitStatusKey: '',
kPLKMetadataInstitutionIdKey: 'ins_4',
kPLKMetadataInstitutionNameKey: 'Wells Fargo',
kPLKMetadataInstitutionSearchQueryKey: 'wellsf',
kPLKMetadataLinkSessionIdKey: '30571e9b-d6c6-42ee-a7cf-c34768a8f62d',
kPLKMetadataMFATypeKey: '',
kPLKMetadataRequestIdKey: 'm8MDnv9okwxFNBV',
kPLKMetadataTimestampKey: '2017-09-14T14:42:19.350Z',
kPLKMetadataViewNameKey: 'ERROR'
14}

Plaid Link for Android

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link Android SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

Overview

Here you find instructions on how to integrate and use Plaid Link for Android. At the center of it lies LinkSdk: an embeddable framework managing the details of linking an account with Plaid.

To get up and running quickly with Plaid Link for Android, clone the GitHub repository and try out the example applications, which provide a reference implementation in Java and Kotlin. Youʼll want to sign up for free API keys through the Plaid Dashboard to get started.

Requirements

The latest version of Android Studio
A Plaid client_id and secret, available from the Plaid Dashboard
Android 5.0 (API level 21) and above

A new version of the Android SDK will be released around the 15th of every month. You should keep your version up-to-date to provide the best Plaid Link experience in your application.

Update your project plugins

In your root-level (project-level) Gradle file (build.gradle), add rules to include the Android Gradle plugin. Check that you have Google's Maven repository, as well.

build.gradle (Project-level)
1buildscript {
  repositories {
      // Check that you have the following line (if not, add it):
      google()  // Google's Maven repository
      mavenCentral() // Include to import Plaid Link Android SDK
      jcenter() // Include to import Plaid Link transitive dependencies
  }
  dependencies {
      // ...
  }
11}

Add the PlaidLink SDK to your app

In your module (app-level) Gradle file (usually app/build.gradle), add a line to the bottom of the file. The latest version of the PlaidLink SDK is and can be found on Maven Central.

build.gradle (App-level)
1android {
2  defaultConfig {
3    minSdkVersion 21 // or greater
4  }
5}
6
7dependencies {
8  // ...
9  implementation 'com.plaid.link:sdk-core:<insert latest version>'
10}

Register your app ID

To register your Android app ID:

Log in to the Plaid Dashboard
Navigate to the API pane on the Team Settings page
Configure one or more Android package names (e.g.com.plaid.example)
Save your changes

Your Android app is now set up and ready to start integrating with the Plaid SDK.

Initialize Plaid Link Instance

Create an instance of Plaid Link by calling Plaid.initialize(application). Try to do this as early as possible to speed up opening Plaid Link.

openLink
Select Language
1import android.app.Application
2import com.plaid.link.Plaid
3
4class MyApplication : Application() {
5
6  override fun onCreate() {
7    super.onCreate()
8    Plaid.initialize(this)
9  }

Open Link

The Plaid object can be used to open Link with the given configuration. With Kotlin you can use the openPlaidLink extension function from an Activity or Fragment.

create_legacy

List

"depository": ["checking", "savings"],
"credit": ["all"]

}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.

String

Displayed once a user has successfully linked their Item.

List

Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Accepted values must use the native Android Locale country. If Link is launched with multiple countryCodes only products that you are enabled for in all specified countries will be available. Supported countries:

Canada: Locale.CA.country
France: Locale.FR.country
Ireland: Locale.IE.country
Netherlands: Locale.NL.country
Spain: Locale.ES.country
United Kingdom: Locale.UK.country
United States: Locale.US.country

If a Link customization is being used, the countries configured here should match those in the customization.
To use the Auth features Instant Match, Automated Micro-deposits, or Same-day Micro-deposits, countryCodes must be set to [Locale.US.country].

environment

String

The Plaid API environment on which to create user accounts. Available environments

Sandbox: PlaidEnvironment.SANDBOX
Development: PlaidEnvironment.DEVELOPMENT
Production: PlaidEnvironment.PRODUCTION

String

Specify a Plaid-supported language to localize Link. Accepted values must use the native Android Locale Language. English will be used by default. Supported languages:

English: Locale.ENGLISH.language
French: Locale.FRENCH.language
Spanish: Locale.SPANISH.language
Dutch: Locale.DUTCH.language

When using a Link customization, language must be set to match the language used in the customization.

products

List

A list of Plaid product(s) you wish to use. Only institutions that support all requested products will be shown in Link. Valid products:

Auth: PlaidProduct.AUTH
Transactions: PlaidProduct.TRANSACTIONS
Identity: PlaidProduct.IDENTITY
Assets: PlaidProduct.ASSETS
Investments: PlaidProduct.INVESTMENTS
Liabilities: PlaidProduct.LIABILITIES
PaymentInitiation: PlaidProduct.PAYMENT_INITIATION

In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.

String

logLevel

enum

Set the level at which to log statements. Possible values are ASSERT, DEBUG, ERROR, INFO, VERBOSE, and WARN.

publicKey

String

The public_key associated with your account; available from the Dashboard.

string

Specify a payment_token or access_token. For link_token use a LinkTokenConfiguration instead.

userLegalName

string

The end user's legal name

userPhoneNumber

string

The end user's phone number

userEmailAddress

string

The end user's email address

String

Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.

extraParams

deprecatedmap<string, string>

Any additional params that need to be passed into the SDK can be added here.

openLink
Select Language
1import android.content.Intent
2import com.plaid.link.Plaid
3import com.plaid.linkbase.models.LinkConfiguration
4import com.plaid.linkbase.models.PlaidEnvironment
5import com.plaid.linkbase.models.PlaidProduct
6import com.plaid.link.configuration.LinkLogLevel
7
8class MainActivity : AppCompatActivity() {
9
10  override fun onCreate(savedInstanceState: Bundle?) {
11    super.onCreate(savedInstanceState)
12
13    // Open Link – this will usually be in a click listener
14    this@MainActivity.openPlaidLink(
15      linkConfiguration = linkConfiguration {
16        environment = PlaidEnvironment.SANDBOX
17        products = listOf(PlaidProduct.TRANSACTIONS)
18        clientName = "My Application name"
19        language = Locale.ENGLISH.language
20        countryCodes = listOf(Locale.US.country)
21        webhook = "https://requestb.in"
22        linkCustomizationName = "default"
23        publicToken = null
24        paymentToken = null
25      }
26    )
27  }
28}

Handling Results and Events

The onActivityResult handler is called for the onSuccess and onExit events. Use PlaidLinkResultHandler to parse the result out of the returned intent.

MainActivity.kt
Select Language
1import android.content.Intent
2
3import com.plaid.link.LinkActivity
4import com.plaid.link.Plaid
5import com.plaid.linkbase.models.LinkEventListener
6import com.plaid.linkbase.models.PlaidApiError
7import com.plaid.linkbase.models.PlaidEnvironment
8import com.plaid.linkbase.models.PlaidProduct
9
10class MainActivity : AppCompatActivity() {
11
12  private val resultHandler = PlaidLinkResultHandler(
13    onSuccess = { it: LinkConnection -> /* handle onSuccess */ }
14    onExit = { it: PlaidError -> /* handle onExit */ }
15  )
16
17  override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
18    super.onActivityResult(requestCode, resultCode, data)
19    if (!resultHandler.onActivityResult(requestCode, resultCode, data)) {
20      Log.i(MainActivity.class.getSimpleName(), "Not handled");
21    }
22  }
23
24  override fun onCreate(savedInstanceState: Bundle?) {
25    super.onCreate(savedInstanceState)
26
27    Plaid.setLinkEventListener { event -> Log.i("Event", event.toString()) }
28
29    ...
30  }
31}

onSuccess

The method is called when a user successfully links an Item. The onSuccess handler returns a LinkConnection class that includes the public_token, and additional Link metadata in the form of a LinkConnectionMetadata class.

onSuccess

publicToken

String

Displayed once a user has successfully linked their Item.

Object

Displayed once a user has successfully linked their Item.

List<LinkAccount>

A list of accounts attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.

id

string

The Plaid account_id

name

string

The official account name

mask

nullablestring

LinkAccountSubtype

The account subtype. See the Account schema for a full list of possible values

type

LinkAccountType

The account type. See the Account schema for a full list of possible values

nullablestring

The accounts object includes an Item's micro-deposit verification status. Possible values are:
pending_automatic_verification: The Item is pending automatic verification
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the deposit.
automatically_verified: The Item has successfully been automatically verified
manually_verified: The Item has successfully been manually verified
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.
null: The Item is not using micro-deposit verification.

nullableobject

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

name

string

The full institution name, such as 'Wells Fargo'

string

The Plaid institution identifier

nullableString

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

nullableMap

The data directly returned from the server with no client side changes.

MainActivity
Select Language
1class MainActivity : AppCompatActivity() {
2
private val resultHandler = PlaidLinkResultHandler(
  // ...
  onSuccess = { it: LinkConnection ->
    // Send public_token to your server, exchange for access_token
    val publicToken = it.publicToken
8
    val metadata = it.linkConnectionMetadata
    val accountId = metadata.accounts.first().accountId
    val accountName = metadata.accounts.first().accountName
    val accountNumber = metadata.accounts.first().accountNumber
    val accountType = metadata.accounts.first().accountType
    val accountSubType = metadata.accounts.first().accountSubType
    val institutionId = metadata.institutionId
    val institutionName = metadata.institutionName
  }
)
19}

onExit

The onExit handler is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. The PlaidError returned from the onExit handler is meant to help you guide your users after they have exited Link. We recommend storing the error and metadata information server-side in a way that can be associated with the user. You’ll also need to include this and any other relevant information in Plaid Support requests for the user.

onExit

Map<String, Object>

An object that contains the error type, error code, and error message of the error that was last encountered by the user. If no error was encountered, error will be null.

displayMessage

nullableString

A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.

String

The particular error code. Each errorType has a specific set of errorCodes. A code of 499 indicates a client-side exception.

json

String

A string representation of the error code.

String

A broad categorization of the error.

String

A developer-friendly representation of the error code.

errorJson

nullableString

The data directly returned from the server with no client side changes.

LinkExitMetadata

Map<String, Object>

An object containing information about the exit event

nullableString

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

nullableobject

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

name

string

The full institution name, such as 'Wells Fargo'

string

The Plaid institution identifier

nullableString

The point at which the user exited the Link flow. One of the following values.

User prompted to answer security questions

User prompted to answer multiple choice question(s)

requires_recaptcha

User prompted to solve a reCAPTCHA challenge

User prompted to provide a one-time passcode

User prompted to select a device on which to receive a one-time passcode

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution

User prompted to select one or more financial accounts to share

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

User exited the Link flow after discovering their selected institution is no longer supported by Plaid

An exit status that is not handled by the current version of the SDK

nullableString

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation

MainActivity
Select Language
1class MainActivity : AppCompatActivity() {
2
private val resultHandler = PlaidLinkResultHandler(
  // ...
  onExit = {
    PlaidError error = it.error?
    String errorType = error.errorType
    String errorCode = error.errorCode
    String errorMessage = error.errorMessage
    String displayMessage = error.displayMessage
11
    LinkExitMetadata metadata = it.linkExitMetadata
    String institutionId = metadata.institutionId
    String institutionName = metadata.institutionName
    String linkSessionId = metadata.linkSessionId;
    String requestId = metadata.requestId;
  },
)
19}

onEvent

The onEvent callback is called at certain points in the Link flow. Unlike the handlers for onSuccess and onExit, the onEvent handler is initialized as a global lambda passed to the Plaid class. OPEN events will be sent immediately upon Link’s opening, and remaining events will be sent by the time onSuccess or onExit is called. If you need the exact time when an event happened, use the timestamp property.
The following onEvent callbacks are stable, which means that they will not be deprecated or changed: OPEN, EXIT, HANDOFF, SELECT_INSTITUTION, ERROR, BANK_INCOME_INSIGHTS_COMPLETED, IDENTITY_VERIFICATION_PASS_SESSION, IDENTITY_VERIFICATION_FAIL_SESSION. The remaining callback events are informational and subject to change.

onEvent

String

A string representing the event that has just occurred in the Link flow.

The user has completed the Assets and Bank Income Insights flow.

The user closed the third-party website or mobile app without completing the OAuth flow.

The user has chosen to link a new institution instead of linking a saved institution. This event is only emitted in the Link Remember Me flow.

A recoverable error occurred in the Link flow, see the error_code metadata.

EXIT

The user has exited without completing the Link flow and the onExit callback is fired.

The user encountered an error while completing the third-party's OAuth login flow.

IDENTITY_VERIFICATION_START_STEP

The user has exited Link after successfully linking an Item.

The user has started a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_PASS_STEP

The user has passed a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_FAIL_STEP

The user has failed a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_PENDING_REVIEW_STEP

The user has reached the pending review state.

IDENTITY_VERIFICATION_CREATE_SESSION

The user has started a new Identity Verification session.

IDENTITY_VERIFICATION_RESUME_SESSION

The user has resumed an existing Identity Verification session.

IDENTITY_VERIFICATION_PASS_SESSION

The user has successfully completed their Identity Verification session.

IDENTITY_VERIFICATION_FAIL_SESSION

The user has failed their Identity Verification session.

IDENTITY_VERIFICATION_PENDING_REVIEW_SESSION

The user has completed their Identity Verification session, which is now in a pending review state.

IDENTITY_VERIFICATION_OPEN_UI

The user has opened the UI of their Identity Verification session.

IDENTITY_VERIFICATION_RESUME_UI

The user has resumed the UI of their Identity Verification session.

IDENTITY_VERIFICATION_CLOSE_UI

The user has closed the UI of their Identity Verification session.

The user selected a verification method for a matched institution. This event is emitted only during the Returning User Experience flow.

OPEN

The user has opened Link.

The user has opened my.plaid.com. This event is only emitted when Link is initialized with Assets as a product.

The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.

The user has searched for an institution.

The user has opted to not provide their phone number to Plaid. This event is only emitted in the Link Remember Me flow.

The user selected a brand, e.g. Bank of America. The SELECT_BRAND event is only emitted for large financial institutions with multiple online banking portals.

The user selected an institution with a DEGRADED health status and was shown a corresponding message.

The user selected an institution with a DOWN health status and was shown a corresponding message.

The user selected an institution Plaid does not support all requested products for and was shown a corresponding message.

The user selected an institution.

The user has submitted an account number. This event emits the account_number_mask metadata to indicate the mask of the account number the user provided.

The user has submitted credentials.

The user has submitted MFA.

The user has submitted their phone number. This event is only emitted in the Link Remember Me flow.

The user has submitted a routing number. This event emits the routing_number metadata to indicate user's routing number.

The TRANSITION_VIEW event indicates that the user has moved from one view to the next.

The user is asked to upload documents (for Income verification).

The user has successfully verified their phone number using OTP. This event is only emitted in the Link Remember Me flow.

The user has viewed data types on the data transparency consent pane.

UNKNOWN

The UNKNOWN event indicates that the event is not handled by the current version of the SDK.

LinkEventMetadata

Map<String, Object>

An object containing information about the event.

accountNumberMask

String

The account number mask extracted from the user-provided account number. If the user-inputted account number is four digits long, account_number_mask is empty. Emitted by SUBMIT_ACCOUNT_NUMBER.

String

The error code that the user encountered. Emitted by: ERROR, EXIT.

String

The error message that the user encountered. Emitted by: ERROR, EXIT.

String

The error type that the user encountered. Emitted by: ERROR, EXIT.

exitStatus

String

The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT.

institutionId

String

The ID of the selected institution. Emitted by: all events.

institutionName

String

The name of the selected institution. Emitted by: all events.

institutionSearchQuery

String

The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.

isUpdateMode

String

Indicates if the current Link session is an update mode session. Emitted by: OPEN.

matchReason

nullablestring

routingNumber

Optional<String>

The routing number submitted by user at the micro-deposits routing number pane. Emitted by SUBMIT_ROUTING_NUMBER.

String

The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.

mfaType

String

If set, the user has encountered one of the following MFA types: code device questions selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA.

String

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.

String

String

An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.

viewName

String

The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.

The view showing Terms of Service in the identity verification flow.

The user has connected their account.

We ask the user to consent to the privacy policy.

Asking the user for their account credentials.

We disclose the data types being shared.

We ask the user to consent to the privacy policy and disclose data types being shared.

The view requesting document verification in the identity verification flow (configured via "Fallback Settings" in the "Rulesets" section of the template editor).

An error has occurred.

EXIT

Confirming if the user wishes to close Link.

The view representing the "know your customer" step in the identity verification flow.

Link is making a request to our servers.

We ask the matched user to consent to the privacy policy and SMS terms.

We ask the matched user for their account credentials to a matched institution.

We ask the matched user for MFA authentication to verify their identity.

MFA

The user is asked by the institution for additional MFA authentication.

The user is asked to insert their account and routing numbers.

The user is informed they will authenticate with the financial institution via OAuth.

The user was presented with a Google reCAPTCHA to verify they are human.

The risk check step in the identity verification flow (configured via "Risk Rules" in the "Rulesets" section of the template editor).

The watchlist screening step in the identity verification flow.

We ask the user to choose an account.

The user is asked to choose whether to Link instantly or manually (i.e., with micro-deposits).

We ask the user to choose their institution.

The user is asked to select their saved accounts and/or new accounts for linking in the Link Remember Me flow.

The user is asked to pick a saved institution or link a new one in the Link Remember Me flow.

The view in the identity verification flow which uses the camera to confirm there is real user that matches their ID documents.

The user is asked for their phone number in the Link Remember Me flow.

The user is asked to upload documents (for Income verification).

The user is asked to verify their phone OTP in the Link Remember Me flow.

The SMS verification step in the identity verification flow.

nullableString

The data directly returned from the server with no client side changes.

MainActivity
Select Language
1class MainActivity : AppCompatActivity() {
2
3  override fun onCreate(savedInstanceState: Bundle?) {
4
5    Plaid.setLinkEventListener(linkEventListener = {
6      Log.i("Event", it.toString())
7    })
8  }
9}

Plaid Link for React Native

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link React Native SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

To get started with Plaid Link for React Native youʼll want to sign up for free API keys through the Plaid Dashboard.

Requirements

React Native Version 0.61.3 or higher
See the Android setup guide and iOS setup guide for platform-specific requirements

A new version of the React Native SDK will be released around the 20th of every month. You should keep your version up-to-date to provide the best Plaid Link experience in your application.

Version Compatibility

React Native SDK	Android SDK	iOS SDK	Status
7.x.x	3.2.x	>=2.0.7	Active
6.x.x	3.x.x	>=2.0.1	Active
5.x.x	2.1.x	>=1.1.34	Active
4.x.x	2.0.x	<=1.1.33	Active
3.x.x	1.x.x	<=1.1.33	Deprecated
2.x.x	0.3.x	<=1.1.27	Deprecated
1.x.x	< 0.3.x	<=1.1.24	Deprecated

Getting Started

Installing the SDK

In your react-native project directory, run:

 
1npm install --save react-native-plaid-link-sdk

Next Steps

To set up the SDK for use in your Android application, see the Android setup guide.
To set up the SDK for use in your iOS application, see the iOS setup guide.

PlaidLink

PlaidLink is the the React component used to open Link from a React Native application. PlaidLink renders a Pressable component, which wraps the component you provide and intercepts onPress events to open Link.

plaidLink_legacy

onSuccess

LinkSuccessListener

A function that is called when a user successfully links an Item. The function should expect one argument.

publicKeyConfig

deprecatedLinkPublicKeyConfiguration

A configuration used to open Link with a a public key

publicKey

String

The public_key associated with your account; available from the Dashboard.

oauthConfiguration

Values used to configure the application for OAuth

string

An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device and using one or more European country codes. Note that any redirect URI must also be added to the Allowed redirect URIs list in the developer dashboard.

string

Displayed once a user has successfully linked their Item.

Array<string>

environment

PlaidEnvironment

The Plaid API environment on which to create user accounts. Possible values are sandbox, development, and production.

Array<PlaidProduct>

Array<LinkAccountSubtype>

"depository": ["checking", "savings"],
"credit": ["all"]

}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.

string

string

Specify a link_token to authenticate your app with Link. This is a short lived, one-time use token that should be unique for each Link session. In addition to the primary flow, a link_token can be configured to launch Link in update mode. See the /link/token/create endpoint for a full list of configurations.

userLegalName

string

The end user's legal name

userPhoneNumber

string

The end user's phone number

userEmailAddress

string

The end user's email address

string

Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.

logLevel

LinkLogLevel

Set the level at which to log statements

Possible values: DEBUG, INFO, WARN, ERROR

extraParams

Record<string, any>

You do not need to use this field unless specifically instructed to by Plaid.

onExit

LinkExitListener

A function that is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. The function should expect one argument.

children

React.ReactNode

The underlying component to render

 
1<PlaidLink
publicKeyConfig={{
  clientName: 'Client Name',
  publicKey: '<INSERT PUBLIC KEY>',
  environment: PlaidEnvironment.SANDBOX,
  products: Array.of(PlaidProduct.AUTH),
  language: 'en',
  countryCodes: Array.of('US'),
  logLevel: LinkLogLevel.DEBUG,
  oauthConfiguration: {
    nonce: '',
    redirectUri: 'https://myapp.example.com',
  },
}}
onSuccess={(success: LinkSuccess) => {
  console.log(success);
}}
onExit={(exit: LinkExit) => {
  console.log(exit);
}}
21>
<Text>Add Account</Text>
23</PlaidLink>

onSuccess

The onSuccess callback returns a LinkSuccess object.

onSuccess

publicToken

String

Displayed once a user has successfully linked their Item.

LinkSuccessMetadata

Displayed once a user has successfully linked their Item.

Array<LinkAccount>

A list of accounts attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.

id

string

The Plaid account_id

name

nullablestring

The official account name

mask

nullablestring

type

LinkAccountType

The account type. See the Account schema for a full list of possible values

LinkAccountSubtype

The account subtype. See the Account schema for a full list of possible values

pending_automatic_verification

nullableLinkAccountVerificationStatus

Indicates an Item's micro-deposit-based verification status.

The Item is pending automatic verification

pending_manual_verification

The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the deposit.

automatically_verified

The Item has successfully been automatically verified

manually_verified

The Item has successfully been manually verified

verification_expired

Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.

verification_failed

The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.

null

The Item is not using micro-deposit verification.

nullableobject

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

name

string

The full institution name, such as 'Wells Fargo'

id

string

The Plaid institution identifier

nullableString

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

nullableMap

The data directly returned from the server with no client side changes.

onSuccess example
1const onSuccess = (success: LinkSuccess) => {
fetch('https://yourserver.com/get_access_token', {
  method: 'POST',
  body: {
    publicToken: linkSuccess.publicToken,
    accounts: linkSuccess.metadata.accounts,
    institution: linkSuccess.metadata.institution,
    linkSessionId: linkSuccess.metadata.linkSessionId,
  },
});
11};

onExit

LinkError

An object that contains the error type, error code, and error message of the error that was last encountered by the user. If no error was encountered, error will be null.

displayMessage

nullableString

A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.

LinkErrorCode

The particular error code. Each errorType has a specific set of errorCodes. A code of 499 indicates a client-side exception.

LinkErrorType

A broad categorization of the error.

String

A developer-friendly representation of the error code.

errorJson

nullableString

The data directly returned from the server with no client side changes.

Map<String, Object>

An object containing information about the exit event

nullableString

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

nullableLinkInstitution

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

name

string

The full institution name, such as 'Wells Fargo'

id

string

The Plaid institution identifier

nullableLinkExitMetadataStatus

The point at which the user exited the Link flow. One of the following values

User prompted to answer security questions

User prompted to answer multiple choice question(s)

requires_recaptcha

User prompted to solve a reCAPTCHA challenge

User prompted to provide a one-time passcode

User prompted to select a device on which to receive a one-time passcode

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution

User prompted to select one or more financial accounts to share

requires_oauth

User prompted to enter an OAuth flow

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

User exited the Link flow after discovering their selected institution is no longer supported by Plaid

An exit status that is not handled by the current version of the SDK

nullableString

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation

nullableMap

The data directly returned from the server with no client side changes.

onExit example
1const onExit = (linkExit: LinkExit) => {
supportHandler.report({
  error: linkExit.error,
  institution: linkExit.metadata.institution,
  linkSessionId: linkExit.metadata.linkSessionId,
  requestId: linkExitlinkExit.metadata.requestId,
  status: linkExit.metadata.status,
});
9};

onEvent

The React Native Plaid module emits onEvent events throughout the account linking process. To receive these events use the usePlaidEmitter hook.

onEvent

LinkEventName

A string representing the event that has just occurred in the Link flow.

The user has completed the Assets and Bank Income Insights flow.

The user closed the third-party website or mobile app without completing the OAuth flow.

The user has chosen to link a new institution instead of linking a saved institution. This event is only emitted in the Link Remember Me flow.

A recoverable error occurred in the Link flow, see the error_code metadata.

EXIT

The user has exited without completing the Link flow and the onExit callback is fired.

The user encountered an error while completing the third-party's OAuth login flow.

IDENTITY_VERIFICATION_START_STEP

The user has exited Link after successfully linking an Item.

The user has started a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_PASS_STEP

The user has passed a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_FAIL_STEP

The user has failed a step of the Identity Verification flow. The step is indicated by view_name.

IDENTITY_VERIFICATION_PENDING_REVIEW_STEP

The user has reached the pending review state.

IDENTITY_VERIFICATION_CREATE_SESSION

The user has started a new Identity Verification session.

IDENTITY_VERIFICATION_RESUME_SESSION

The user has resumed an existing Identity Verification session.

IDENTITY_VERIFICATION_PASS_SESSION

The user has successfully completed their Identity Verification session.

IDENTITY_VERIFICATION_PENDING_REVIEW_SESSION

The user has completed their Identity Verification session, which is now in a pending review state.

IDENTITY_VERIFICATION_FAIL_SESSION

The user has failed their Identity Verification session.

IDENTITY_VERIFICATION_OPEN_UI

The user has opened the UI of their Identity Verification session.

IDENTITY_VERIFICATION_RESUME_UI

The user has resumed the UI of their Identity Verification session.

IDENTITY_VERIFICATION_CLOSE_UI

The user has closed the UI of their Identity Verification session.

The user selected a verification method for a matched institution. This event is emitted only during the Returning User Experience flow.

OPEN

The user has opened Link.

The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product.

The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.

The user has searched for an institution.

The user selected a brand, e.g. Bank of America. The SELECT_BRAND event is only emitted for large financial institutions with multiple online banking portals.

The user selected an institution with a DEGRADED health status and was shown a corresponding message.

The user selected an institution with a DOWN health status and was shown a corresponding message.

The user selected an institution Plaid does not support all requested products for and was shown a corresponding message.

The user selected an institution.

The user has opted to not provide their phone number to Plaid. This event is only emitted in the Link Remember Me flow.

The user has submitted an account number. This event emits the account_number_mask metadata to indicate the mask of the account number the user provided.

The user has submitted credentials.

The user has submitted MFA.

The user has submitted their phone number. This event is only emitted in the Link Remember Me flow.

The user has submitted a routing number. This event emits the routing_number metadata to indicate user's routing number.

The TRANSITION_VIEW event indicates that the user has moved from one view to the next.

The user has successfully verified their phone number using OTP. This event is only emitted in the Link Remember Me flow.

The user has viewed data types on the data transparency consent pane.

UNKNOWN

The UNKNOWN event indicates that the event is not handled by the current version of the SDK.

LinkEventMetadata

An object containing information about the event.

submitAccountNumber

String

The account number mask extracted from the user-provided account number. If the user-inputted account number is four digits long, account_number_mask is empty. Emitted by SUBMIT_ACCOUNT_NUMBER.

String

The error code that the user encountered. Emitted by: ERROR, EXIT.

String

The error message that the user encountered. Emitted by: ERROR, EXIT.

String

The error type that the user encountered. Emitted by: ERROR, EXIT.

exitStatus

String

The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT.

institutionId

String

The ID of the selected institution. Emitted by: all events.

institutionName

String

The name of the selected institution. Emitted by: all events.

institutionSearchQuery

String

The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.

isUpdateMode

String

Indicates if the current Link session is an update mode session. Emitted by: OPEN.

matchReason

nullablestring

routingNumber

Optional<String>

The routing number submitted by user at the micro-deposits routing number pane. Emitted by SUBMIT_ROUTING_NUMBER.

String

The linkSessionId is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.

mfaType

String

If set, the user has encountered one of the following MFA types: code device questions selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA.

String

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.

String

String

An ISO 8601 representation of when the event occurred. For example, 2017-09-14T14:42:19.350Z. Emitted by: all events.

viewName

LinkEventViewName

The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.

The view showing Terms of Service in the identity verification flow.

The user has connected their account.

We ask the user to consent to the privacy policy.

Asking the user for their account credentials.

We disclose the data types being shared.

We ask the user to consent to the privacy policy and disclose data types being shared.

The view requesting document verification in the identity verification flow (configured via "Fallback Settings" in the "Rulesets" section of the template editor).

An error has occurred.

EXIT

Confirming if the user wishes to close Link.

The view representing the "know your customer" step in the identity verification flow.

Link is making a request to our servers.

We ask the matched user to consent to the privacy policy and SMS terms.

We ask the matched user for their account credentials to a matched institution.

We ask the matched user for MFA authentication to verify their identity.

MFA

The user is asked by the institution for additional MFA authentication.

The user is asked to insert their account and routing numbers.

The user is informed they will authenticate with the financial institution via OAuth.

The user was presented with a Google reCAPTCHA to verify they are human.

The risk check step in the identity verification flow (configured via "Risk Rules" in the "Rulesets" section of the template editor).

The watchlist screening step in the identity verification flow.

We ask the user to choose an account.

The user is asked to choose whether to Link instantly or manually (i.e., with micro-deposits).

We ask the user to choose their institution.

The user is asked to select their saved accounts and/or new accounts for linking in the Link Remember Me flow.

The user is asked to pick a saved institution or link a new one in the Link Remember Me flow.

The view in the identity verification flow which uses the camera to confirm there is real user that matches their ID documents.

The user is asked for their phone number in the Link Remember Me flow.

The user is asked to upload documents (for Income verification).

The user is asked to verify their phone OTP in the Link Remember Me flow.

The SMS verification step in the identity verification flow.

 
1usePlaidEmitter((event: LinkEvent) => {
2  console.log(event);
3});

OAuth

Using Plaid Link with an OAuth flow requires some additional setup instructions. For details, see the OAuth guide.

Upgrading

To upgrade from version 6.x to 7.x, see the 6.x to 7.x migration guide.
To upgrade from version 5.x to 7.x, see the 5.x to 7.x migration guide.

Plaid Link for Webviews

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link Webview SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

Here you will find instructions on how to integrate and use Plaid Link inside a Webview. We recommend starting with one of our sample Webview apps:

Each example app is runnable (on both simulators and devices) and includes code to initialize Link and process events sent from Link to your app via HTTP redirects.

Installation

Link is optimized to work within Webviews, including on iOS and Android. The Link initialization URL to use for Webviews is:

Link Webview initialization URL
1https://cdn.plaid.com/link/v2/stable/link.html

The Link configuration options for a Webview integration are passed via querystring rather than via a client-side JavaScript call. See the create section below for details on the available initialization parameters.

Communication between Link and your app

Communication between the Webview and your app is handled by HTTP redirects rather than client-side JavaScript callbacks. These redirects should be intercepted by your app. The example apps include sample code to do this.

All redirect URLs have the scheme plaidlink. The event type is communicated via the URL host and data is passed via the querystring.

HTTP redirect scheme
1plaidlink://

There are three supported events, connected, exit, and event, which are documented below.

Create

create_legacy

isWebview

boolean

Set to true, to trigger the Webview integration.

string

Displayed once a user has successfully linked their Item.

env

string

The Plaid API environment on which to create user accounts. Possible values are development, sandbox, respectively. For Production use, use production.

key

string

The public_key associated with your account; available from the Dashboard.

string

A list of Plaid products you wish to use. Valid products are: transactions, auth, identity, assets, investments, liabilities, and payment_initiation. Example: auth,transactions. balance is not a valid value, the Balance product does not require explicit initialization and will automatically be initialized when any other product is initialized. Only institutions that support all requested products will be shown in Link.
In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.

string

Specify a Plaid-supported language to localize Link. English will be used by default. Supported languages:

English (en)
French (fr)
Spanish (es)
Dutch (nl)

When using a Link customization, language must be set to match the language used in the customization.

string

<accountType>: [accountSubtype]

object

"depository": ["checking", "savings"],
"credit": ["all"]

}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.

string

An object of accountTypes composed of an array of accountSubtypes to filter

string

Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.

string

string

string

string

An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device and using one or more European country codes.

oauthStateId

string

An oauthStateId is required to support OAuth authentication flows when re-launching Link on a mobile device and using one or more European country codes.

paymentToken

string

Create example
1https://cdn.plaid.com/link/v2/stable/link.html
?isWebview=true
&clientName=Your%20App
&env=sandbox
&key=PUBLIC_KEY
&product=transactions,auth
&language=en
&countryCodes=US,CA
&webhook=https%3A%2F%2Fyourappurl.com
&linkCustomizationName=default
&token=
&paymentToken=
&oauthNonce=
&oauthRedirectUri=
&oauthStateId=

connected

The connected event is analogous to the onSuccess callback in Link Web and is sent when a user successfully links an Item. The following information is available from the querystring event:

connected

public_token

string

Displayed once a user has successfully linked their Item.

string

The full institution name, such as 'Wells Fargo'

string

The Plaid institution identifier

object

A JSON-stringified representation of the account(s) attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.

_id

string

The Plaid account_id

meta

object

The account metadata

name

string

The official account name

number

nullablestring

type

string

The account type. See the Account schema for a full list of possible values

string

The account subtype. See the Account schema for a full list of possible values

string

When all Auth features are enabled by initializing Link with the user object, the accounts object includes an Item's verification_status. See Auth accounts for a full list of possible values.

class_type

nullablestring

If micro-deposit verification is being used, indicates whether the account being verified is a business or personal account.

transfer_status

nullablestring

The status of a transfer. Returned only when Transfer UI is implemented.

COMPLETE – The transfer was completed.
INCOMPLETE – The transfer could not be completed. For help, see Troubleshooting transfers.

Possible values: COMPLETE, INCOMPLETE

string

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

Connected event example
1plaidlink://connected
?public_token=public-sandbox-fb7cca4a-82e6-4707
&institution_id=ins_3
&institution_name=Chase
&accounts='[{"name":"Plaid Savings","id":"QPO8Jo8vdDHMepg41PBwckXm4KdK1yUdmXOwK", "mask": "0000", "type": "depository", "subtype": "checking"}]'
&link_session_id=79e772be-547d-4c9c-8b76-4ac4ed4c441a

accounts schema example
1accounts= [
{
  id: 'ygPnJweommTWNr9doD6ZfGR6GGVQy7fyREmWy',
  name: 'Plaid Checking',
  mask: '0000',
  type: 'depository',
  subtype: 'checking',
  verification_status: ''
},
{
  id: '9ebEyJAl33FRrZNLBG8ECxD9xxpwWnuRNZ1V4',
  name: 'Plaid Saving',
  mask: '1111',
  type: 'depository',
  subtype: 'savings'
}
...
18]

exit

The exit event is analogous to the onExit callback and is sent when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. Note that on Android devices, an exit event will not be sent if the user exits Link through a system action, such as hitting the browser back button. The following information is available from the querystring:

exit

string

The point at which the user exited the Link flow. One of the following values.

User prompted to answer security questions

User prompted to answer multiple choice question(s)

User prompted to provide a one-time passcode

User prompted to select a device on which to receive a one-time passcode

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution

User prompted to select one or more financial accounts to share

requires_oauth

User prompted to enter an OAuth flow

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

User exited the Link flow after discovering their selected institution is no longer supported by Plaid

String

A broad categorization of the error.

String

The particular error code. Each error_type has a specific set of error_codes.

String

A developer-friendly representation of the error code.

display_message

nullableString

A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.

string

The full institution name, such as Wells Fargo

string

The Plaid institution identifier

string

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

string

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation.

onExit example
1plaidlink://exit
?status=requires_credentials
&error_type=ITEM_ERROR
&error_code=ITEM_LOGIN_REQUIRED
&error_display_message=The%20credentials%20were%20not%20correct.%20Please%20try%20again.
&error_message=the%20credentials%20were%20not%20correct
&institution_id=ins_3
&institution_name=Chase
&link_session_id=79e772be-547d-4c9c-8b76-4ac4ed4c441a
&request_id=m8MDnv9okwxFNBV

event

The event message is analogous to the Link Web onEvent callback and is called as the user moves through the Link flow. The querystring will always contain all possible keys, though not all keys will have values. The event_name will dictate which keys are populated.

event

event_name

string

A string representing the event that has just occurred in the Link flow.

The user has completed the Assets and Bank Income Insights flow.

The user closed the third-party website or mobile app without completing the OAuth flow.

The user has chosen to link a new institution instead of linking a saved institution. This event is only emitted in the Link Remember Me flow.

A recoverable error occurred in the Link flow, see the error_code metadata.

EXIT

The user has exited without completing the Link flow and the exit callback is fired.

The user encountered an error while completing the third-party's OAuth login flow.

The user has exited Link after successfully linking an Item.

The user selected a verification method for a matched institution. This event is emitted only during the Returning User Experience flow.

OPEN

The user has opened Link.

The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product

The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.

The user has searched for an institution.

The user selected a brand, e.g. Bank of America. The SELECT_BRAND event is only emitted for large financial institutions with multiple online banking portals.

The user selected an institution with a DEGRADED health status and was shown a corresponding message.

The user selected an institution with a DOWN health status and was shown a corresponding message.

The user selected an institution Plaid does not support all requested products for and was shown a corresponding message.

The user selected an institution.

The user has opted to not provide their phone number to Plaid. This event is only emitted in the Link Remember Me flow.

The user has submitted an account number. This event emits the account_number_mask metadata to indicate the mask of the account number the user provided.

SUBMIT_DOCUMENTS_SUCCESS

The user has submitted credentials.

SUBMIT_DOCUMENTS

The user is being prompted to submit documents for an Income verification flow.

SUBMIT_DOCUMENTS_ERROR

The user encountered an error when submitting documents for an Income verification flow.

The user has successfully submitted documents for an Income verification flow.

The user has submitted MFA.

The user has submitted their phone number. This event is only emitted in the Link Remember Me flow.

The user has submitted a routing number. This event emits the routing_number metadata to indicate user's routing number.

The TRANSITION_VIEW event indicates that the user has moved from one view to the next.

The user has successfully verified their phone number using OTP. This event is only emitted in the Link Remember Me flow.

The user has viewed data types on the data transparency consent pane.

nullablestring

The error type that the user encountered. Emitted by: ERROR, EXIT.

nullablestring

The error code that the user encountered. Emitted by ERROR, EXIT.

nullablestring

The error message that the user encountered. Emitted by: ERROR, EXIT.

exit_status

nullablestring

The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT

nullablestring

The ID of the selected institution. Emitted by: all events.

institution_search_query

nullablestring

The name of the selected institution. Emitted by: all events.

nullablestring

The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.

is_update_mode

nullablestring

Indicates if the current Link session is an update mode session. Emitted by: OPEN.

match_reason

nullablestring

mfa_type

nullablestring

If set, the user has encountered one of the following MFA types: code, device, questions, selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA

view_name

nullablestring

The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.

The view showing Terms of Service in the identity verification flow.

The user has connected their account.

We ask the user to consent to the privacy policy.

Asking the user for their account credentials.

We disclose the data types being shared.

We ask the user to consent to the privacy policy and disclose data types being shared.

The view requesting document verification in the identity verification flow (configured via "Fallback Settings" in the "Rulesets" section of the template editor).

An error has occurred.

EXIT

Confirming if the user wishes to close Link.

The view representing the "know your customer" step in the identity verification flow.

Link is making a request to our servers.

We ask the matched user to consent to the privacy policy and SMS terms.

We ask the matched user for their account credentials to a matched institution.

We ask the matched user for MFA authentication to verify their identity.

MFA

The user is asked by the institution for additional MFA authentication.

The user is asked to insert their account and routing numbers.

The user is informed they will authenticate with the financial institution via OAuth.

The user was presented with a Google reCAPTCHA to verify they are human.

The risk check step in the identity verification flow (configured via "Risk Rules" in the "Rulesets" section of the template editor).

The watchlist screening step in the identity verification flow.

We ask the user to choose an account.

We ask the user to choose their institution.

The user is asked to select their saved accounts and/or new accounts for linking in the Link Remember Me flow.

The user is asked to pick a saved institution or link a new one in the Link Remember Me flow.

The view in the identity verification flow which uses the camera to confirm there is real user that matches their ID documents.

The user is asked for their phone number in the Link Remember Me flow.

The user is asked to verify their phone OTP in the Link Remember Me flow.

The SMS verification step in the identity verification flow.

string

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.

string

The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.

string

An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.

payment_token_expiration_time

nullablestring

Either the verification method for a matched institution selected by the user or the Flexible Auth flow type selected by the user. If selection is used to describe selected verification method, then possible values are phoneotp or password; if selection is used to describe the selected Flexible Auth flow, then possible values are flow_type_manual or flow_type_instant. Emitted by: MATCHED_SELECT_VERIFY_METHOD and SELECT_AUTH_TYPE.

event example
1plaidlink://event
&event_name=SELECT_INSTITUTION
?error_type=ITEM_ERROR
&error_code=ITEM_LOGIN_REQUIRED
&error_message=the%20credentials%20were%20not%20correct
&exit_status
&institution_id=ins_55
&institution_name=HSBC
&institution_search_query=h
&mfa_type
&view_name=ERROR
&request_id
&link_session_id=821f45a8-854a-4dbb-8e5f-73f75350e7e7
&timestamp=2018-10-05T15%3A22%3A50.542Z

Update mode

When to use update mode

Over time, Items may need to refresh authentication information. This can happen if the user changes a password, if MFA requirements change, or if the login becomes locked. An Item can also require its authentication refreshed if it was only authorized for a limited amount of time and that authorization has expired or is about to expire. This can commonly happen to Items from European institutions that comply with the PSD2 regulation, which mandates that access to an Item can only be granted for 90 days at a time before it must be refreshed. Receiving an ITEM_LOGIN_REQUIRED error or a PENDING_EXPIRATION webhook indicates that the Item should be re-initialized via update mode.

Using update mode

To use update mode for an Item, initialize Link with a public_token for the Item that you wish to update. You can obtain the public_token using the /item/public_token/create endpoint:

 
Select Language
1// Create a one-time use public_token for the Item.
2// This public_token can be used to initialize Link
3// in update mode for the user
4app.get('/create_public_token', function(request, response, next) {
5  client.createPublicToken(ACCESS_TOKEN, function(err, res) {
6    if(error != null) {
7      console.log(msg + "\n" + JSON.stringify(err));
8      response.json({error: JSON.stringify(err)}):
9    } else {
10      // Use the public_token to initialize Link
11      var PUBLIC_TOKEN = res.public_token;
12      response.json({public_token: PUBLIC_TOKEN});
13    }
14  });
15});

Link auto-detects the appropriate institution and handles the credential and multi-factor authentication process, if needed.

An Item's access_token does not change when using Link in update mode, so there is no need to repeat the exchange token process.

 
1// Initialize Link with the token parameter
2// set to the generated public_token for the Item
3const linkHandler = Plaid.create({
env: 'sandbox',
clientName: 'Client Name',
key: 'PUBLIC_KEY',
product: ['transactions'],
token: 'GENERATED_PUBLIC_TOKEN',
onSuccess: (public_token, metadata) => {
  // You do not need to repeat the /item/public_token/exchange
  // process when a user uses Link in update mode.
  // The Item's access_token has not changed.
},
onExit: (err, metadata) => {
  // The user exited the Link flow.
  if (err != null) {
    // The user encountered a Plaid API error prior
    // to exiting.
  }
  // metadata contains the most recent API request ID and the
  // Link session ID. Storing this information is helpful
  // for support.
},
24});

Link will automatically detect the institution ID associated with the public_token and present the appropriate credential view to your user.

Related errors

Below is a list of errors that you may encounter in update mode or that may cause you to launch the update mode flow:

ITEM_LOGIN_REQUIRED – The financial institution indicated that the user's password or MFA information has changed. They will need to reauthenticate via Link's update mode.
INVALID_UPDATED_USERNAME – The username associated with an item is no longer valid.

OAuth Integration (Europe)

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For instructions on updating an existing legacy integration, see the Link token migration guide.

Some European institutions use an OAuth authentication flow, in which Plaid Link redirects the end user to their bank’s website or mobile app to authenticate. If you are initializing Link with one or more European country codes, your integration may require changes in order to support OAuth authentication flows.

Integration Type	Changes Required
Desktop web	No
Mobile web	Yes
WebView	Yes
Android SDK	No
iOS SDK	Yes
React Native for Android	No
React Native for iOS	Yes

If your integration requires changes, you will need to launch Link twice, once before and once after the OAuth redirect. The first time, you will need to provide two additional configuration parameters, oauthNonce and oauthRedirectUri. After the user completes the OAuth flow, Plaid will redirect back to your application via the oauthRedirectUri with a query parameter called oauth_state_id. To complete the Link flow, dismiss the first Link instance and re-initialize Link with two configuration parameters, the oauthNonce from the original Link initialization, as well as the oauthStateId from the oauth_state_id query parameter.

For security, the oauthNonce must be uniquely generated for each login and must be at least 16 characters long. We recommend using a UUID.

Before re-initializing Link, you should re-authenticate the end user to prevent a confused deputy problem. This can be accomplished by including one or more query parameters in your oauthRedirectUri. For example, you could include a parameter called user_id. Before re-initializing Link, you would check that the user_id in the redirect URI matches the user_id in your application state (e.g. a cookie).

Note that in mobile web browsers, if the end user has their bank’s mobile app installed, they will be redirected to the bank’s mobile app to authenticate, after which they will be redirected back to your web application in a new tab.

Allowed redirect URIs

To prevent open redirect attacks, your oauthRedirectUri must be configured through the Plaid Dashboard. For security, the oauthRedirectUri cannot contain the oauthNonce.

App links

For mobile app integrations, the oauthRedirectUri must be registered as an app link to enable app-to-app authentication flows. You will need to configure an Android App Link or an Apple App Association File. Custom URI schemes are not supported; a proper universal link must be used.

Payment Initiation (UK and Europe)

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see Payment Initiation instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

The UK Payment Initiation API enables payment transfers within your app. Plaid supports both domestic payments denominated in pound sterling (typically via the Faster Payments network, although this is up to the institution) and international payments denominated in euro (typically via SEPA Credit Transfer). Each time a client wants to receive a payment, the end user must authorize the payment in Link before the payment can be initiated.

Note: The revised EU Directive on Payment Services ("PSD2") regulations require strong customer authentication ("SCA") for each payment order.

Initializing Link

To initialize Link for Payment Initiation, set payment_initiation as the only product and include the payment token. If an item has previously been created for the end user making the payment, a public_token can be included to initialize Link directly to the institution associated with the existing Item.

Creating a payment token

Create payment token

The /payment_initiation/payment/token/create endpoint has been deprecated. New Plaid customers will be unable to use this endpoint, and existing customers are encouraged to migrate to the newer, link_token-based flow. The recommended flow is to provide the payment_id to /link/token/create, which returns a link_token used to initialize Link.
The /payment_initiation/payment/token/create is used to create a payment_token, which can then be used in Link initialization to enter a payment initiation flow. You can only use a payment_token once. If this attempt fails, the end user aborts the flow, or the token expires, you will need to create a new payment token. Creating a new payment token does not require end user input.

payment_initiation/payment/token/create

Request fields and example

client_id

string

Your Plaid API client_id. The client_id is required and may be provided either in the PLAID-CLIENT-ID header or as part of a request body.

secret

string

Your Plaid API secret. The secret is required and may be provided either in the PLAID-SECRET header or as part of a request body.

payment_id

requiredstring

The payment_id returned from /payment_initiation/payment/create.

 
Select Language
1const response = await client.createPaymentToken(paymentID).catch((err) => {
2  // handle error
3});
4const paymentToken = response.payment_token;
5const paymentTokenExpirationTime = response.payment_token_expiration_time;

payment_initiation/payment/token/create

Response fields and example

payment_token

string

A payment_token that can be provided to Link initialization to enter the payment initiation flow

string

The date and time at which the token will expire, in ISO 8601 format. A payment_token expires after 15 minutes.

Format: date-time