Auth

API reference for Auth endpoints and webhooks

Retrieve bank account information to set up electronic funds transfers, such as ACH payments in the US, EFT payments in Canada, BACS payments in the UK, and IBAN / SIC payments in the EU.

Endpoints
/auth/getFetch account information
See also
/processor/token/createCreate a token for using Auth with a processing partner
/sandbox/processor_token/createCreate a token for testing Auth with a processing partner
/processor/stripe/bank_account_token/createCreate a token for using Auth with Stripe as a processing partner
Webhooks
AUTOMATICALLY_VERIFIEDItem has been verified
VERIFICATION_EXPIREDItem verification has failed

Endpoints

/auth/get

Retrieve auth data

The /auth/get endpoint returns the bank account and bank identification numbers (such as routing numbers, for US accounts) associated with an Item's checking and savings accounts, along with high-level account data and balances when available.
Note: This request may take some time to complete if auth was not specified as an initial product when creating the Item. This is because Plaid must communicate directly with the institution to retrieve the data.
Also note that /auth/get will not return data for any new accounts opened after the Item was created. To obtain data for new accounts, create a new Item.
Versioning note: In API version 2017-03-08, the schema of the numbers object returned by this endpoint is substantially different. For details, see Plaid API versioning.

auth/get

Request fields and example

client_id
string
Your Plaid API client_id. The client_id is required and may be provided either in the PLAID-CLIENT-ID header or as part of a request body.
secret
string
Your Plaid API secret. The secret is required and may be provided either in the PLAID-SECRET header or as part of a request body.
access_token
requiredstring
The access token associated with the Item data is being requested for.
options
object
An optional object to filter /auth/get results.
account_ids
[string]
A list of account_ids to retrieve for the Item. Note: An error will be returned if a provided account_id is not associated with the Item.
Select group for content switcher
1const request: AuthGetRequest = {
2  access_token: accessToken,
3};
4try {
5  const response = await plaidClient.authGet(request);
6  const accountData = response.data.accounts;
7  const numbers = response.data.numbers;
8} catch (error) {
9  // handle error
10}
auth/get

Response fields and example

accounts
[object]
The accounts for which numbers are being retrieved.
account_id
string
Plaid’s unique identifier for the account. This value will not change unless Plaid can't reconcile the account with the data returned by the financial institution. This may occur, for example, when the name of the account changes. If this happens a new account_id will be assigned to the account.
The account_id can also change if the access_token is deleted and the same credentials that were used to generate that access_token are used to generate a new access_token on a later date. In that case, the new account_id will be different from the old account_id.
If an account with a specific account_id disappears instead of changing, the account is likely closed. Closed accounts are not returned by the Plaid API.
Like all Plaid identifiers, the account_id is case sensitive.
balances
object
A set of fields describing the balance for an account. Balance information may be cached unless the balance object was returned by /accounts/balance/get.
available
nullable number
The amount of funds available to be withdrawn from the account, as determined by the financial institution.
For credit-type accounts, the available balance typically equals the limit less the current balance, less any pending outflows plus any pending inflows.
For depository-type accounts, the available balance typically equals the current balance less any pending outflows plus any pending inflows. For depository-type accounts, the available balance does not include the overdraft limit.
For investment-type accounts (or brokerage-type accounts for API versions 2018-05-22 and earlier), the available balance is the total cash available to withdraw as presented by the institution.
Note that not all institutions calculate the available balance. In the event that available balance is unavailable, Plaid will return an available balance value of null.
Available balance may be cached and is not guaranteed to be up-to-date in realtime unless the value was returned by /accounts/balance/get.
If current is null this field is guaranteed not to be null.

Format: double
current
nullable number
The total amount of funds in or owed by the account.
For credit-type accounts, a positive balance indicates the amount owed; a negative amount indicates the lender owing the account holder.
For loan-type accounts, the current balance is the principal remaining on the loan, except in the case of student loan accounts at Sallie Mae (ins_116944). For Sallie Mae student loans, the account's balance includes both principal and any outstanding interest.
For investment-type accounts (or brokerage-type accounts for API versions 2018-05-22 and earlier), the current balance is the total value of assets as presented by the institution.
Note that balance information may be cached unless the value was returned by /accounts/balance/get; if the Item is enabled for Transactions, the balance will be at least as recent as the most recent Transaction update. If you require realtime balance information, use the available balance as provided by /accounts/balance/get.
When returned by /accounts/balance/get, this field may be null. When this happens, available is guaranteed not to be null.

Format: double
limit
nullable number
For credit-type accounts, this represents the credit limit.
For depository-type accounts, this represents the pre-arranged overdraft limit, which is common for current (checking) accounts in Europe.
In North America, this field is typically only available for credit-type accounts.

Format: double
iso_currency_code
nullable string
The ISO-4217 currency code of the balance. Always null if unofficial_currency_code is non-null.
unofficial_currency_code
nullable string
The unofficial currency code associated with the balance. Always null if iso_currency_code is non-null. Unofficial currency codes are used for currencies that do not have official ISO currency codes, such as cryptocurrencies and the currencies of certain countries.
See the currency code schema for a full listing of supported unofficial_currency_codes.
last_updated_datetime
nullable string
Timestamp in ISO 8601 format (YYYY-MM-DDTHH:mm:ssZ) indicating the last time that the balance for the given account has been updated
This is currently only provided when the min_last_updated_datetime is passed when calling /accounts/balance/get for ins_128026 (Capital One).

Format: date-time
mask
nullable string
The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, and it may also not match the mask that the bank displays to the user.
name
string
The name of the account, either assigned by the user or by the financial institution itself
official_name
nullable string
The official name of the account as given by the financial institution
type
string
investment: Investment account. In API versions 2018-05-22 and earlier, this type is called brokerage instead.
credit: Credit card
depository: Depository account
loan: Loan account
other: Non-specified account type
See the Account type schema for a full listing of account types and corresponding subtypes.

Possible values: investment, credit, depository, loan, brokerage, other
subtype
nullable string
See the Account type schema for a full listing of account types and corresponding subtypes.

Possible values: 401a, 401k, 403B, 457b, 529, brokerage, cash isa, education savings account, ebt, fixed annuity, gic, health reimbursement arrangement, hsa, isa, ira, lif, life insurance, lira, lrif, lrsp, non-taxable brokerage account, other, other insurance, other annuity, prif, rdsp, resp, rlif, rrif, pension, profit sharing plan, retirement, roth, roth 401k, rrsp, sep ira, simple ira, sipp, stock plan, thrift savings plan, tfsa, trust, ugma, utma, variable annuity, credit card, paypal, cd, checking, savings, money market, prepaid, auto, business, commercial, construction, consumer, home equity, loan, mortgage, overdraft, line of credit, student, cash management, keogh, mutual fund, recurring, rewards, safe deposit, sarsep, payroll, null
verification_status
string
The current verification status of an Auth Item initiated through Automated or Manual micro-deposits. Returned for Auth Items only.
pending_automatic_verification: The Item is pending automatic verification
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the two amounts.
automatically_verified: The Item has successfully been automatically verified
manually_verified: The Item has successfully been manually verified
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.

Possible values: automatically_verified, pending_automatic_verification, pending_manual_verification, manually_verified, verification_expired, verification_failed
numbers
object
An object containing identifying numbers used for making electronic transfers to and from the accounts. The identifying number type (ACH, EFT, IBAN, or BACS) used will depend on the country of the account. An account may have more than one number type. If a particular identifying number type is not used by any accounts for which data has been requested, the array for that type will be empty.
ach
[object]
An array of ACH numbers identifying accounts.
account_id
string
The Plaid account ID associated with the account numbers
account
string
The ACH account number for the account.
Note that when using OAuth with Chase Bank (ins_56), Chase will issue "tokenized" routing and account numbers, which are not the user's actual account and routing numbers. These tokenized numbers should work identically to normal account and routing numbers. The digits returned in the mask field will continue to reflect the actual account number, rather than the tokenized account number; for this reason, when displaying account numbers to the user to help them identify their account in your UI, always use the mask rather than truncating the account number. If a user revokes their permissions to your app, the tokenized numbers will continue to work for ACH deposits, but not withdrawals.
routing
string
The ACH routing number for the account. If the institution is ins_56, this may be a tokenized routing number. For more information, see the description of the account field.
wire_routing
nullable string
The wire transfer routing number for the account, if available
eft
[object]
An array of EFT numbers identifying accounts.
account_id
string
The Plaid account ID associated with the account numbers
account
string
The EFT account number for the account
institution
string
The EFT institution number for the account
branch
string
The EFT branch number for the account
international
[object]
An array of IBAN numbers identifying accounts.
account_id
string
The Plaid account ID associated with the account numbers
iban
string
The International Bank Account Number (IBAN) for the account
bic
string
The Bank Identifier Code (BIC) for the account
bacs
[object]
An array of BACS numbers identifying accounts.
account_id
string
The Plaid account ID associated with the account numbers
account
string
The BACS account number for the account
sort_code
string
The BACS sort code for the account
item
object
Metadata about the Item.
item_id
string
The Plaid Item ID. The item_id is always unique; linking the same account at the same institution twice will result in two Items with different item_id values. Like all Plaid identifiers, the item_id is case-sensitive.
institution_id
nullable string
The Plaid Institution ID associated with the Item. Field is null for Items created via Same Day Micro-deposits.
webhook
nullable string
The URL registered to receive webhooks for the Item.
error
nullable object
We use standard HTTP response codes for success and failure notifications, and our errors are further classified by error_type. In general, 200 HTTP codes correspond to success, 40X codes are for developer- or user-related failures, and 50X codes are for Plaid-related issues. Error fields will be null if no error has occurred.
error_type
string
A broad categorization of the error. Safe for programmatic use.

Possible values: INVALID_REQUEST, INVALID_RESULT, INVALID_INPUT, INSTITUTION_ERROR, RATE_LIMIT_EXCEEDED, API_ERROR, ITEM_ERROR, ASSET_REPORT_ERROR, RECAPTCHA_ERROR, OAUTH_ERROR, PAYMENT_ERROR, BANK_TRANSFER_ERROR, INCOME_VERIFICATION_ERROR
error_code
string
The particular error code. Safe for programmatic use.
error_message
string
A developer-friendly representation of the error code. This may change over time and is not safe for programmatic use.
display_message
nullable string
A user-friendly representation of the error code. null if the error is not related to user action.
This may change over time and is not safe for programmatic use.
request_id
string
A unique ID identifying the request, to be used for troubleshooting purposes. This field will be omitted in errors provided by webhooks.
causes
array
In the Assets product, a request can pertain to more than one Item. If an error is returned for such a request, causes will return an array of errors containing a breakdown of these errors on the individual Item level, if any can be identified.
causes will only be provided for the error_type ASSET_REPORT_ERROR. causes will also not be populated inside an error nested within a warning object.
status
nullable number
The HTTP status code associated with the error. This will only be returned in the response body when the error information is provided via a webhook.
documentation_url
string
The URL of a Plaid documentation page with more information about the error
suggested_action
nullable string
Suggested steps for resolving the error
available_products
[string]
A list of products available for the Item that have not yet been accessed. The contents of this array will be mutually exclusive with billed_products.

Possible values: assets, auth, balance, identity, investments, liabilities, payment_initiation, transactions, credit_details, income, income_verification, deposit_switch, standing_orders, transfer, employment, recurring_transactions
billed_products
[string]
A list of products that have been billed for the Item. The contents of this array will be mutually exclusive with available_products. Note - billed_products is populated in all environments but only requests in Production are billed. Also note that products that are billed on a pay-per-call basis rather than a pay-per-Item basis, such as balance, will not appear here.

Possible values: assets, auth, balance, identity, investments, liabilities, payment_initiation, transactions, credit_details, income, income_verification, deposit_switch, standing_orders, transfer, employment, recurring_transactions
products
[string]
A list of authorized products for the Item.

Possible values: assets, auth, balance, identity, investments, liabilities, payment_initiation, transactions, credit_details, income, income_verification, deposit_switch, standing_orders, transfer, employment, recurring_transactions
consented_products
[string]
Beta: A list of products that have gone through consent collection for the Item. Only present for those enabled in the beta.

Possible values: assets, auth, balance, identity, investments, liabilities, payment_initiation, transactions, credit_details, income, income_verification, deposit_switch, standing_orders, transfer, employment, recurring_transactions
consent_expiration_time
nullable string
The RFC 3339 timestamp after which the consent provided by the end user will expire. Upon consent expiration, the item will enter the ITEM_LOGIN_REQUIRED error state. To circumvent the ITEM_LOGIN_REQUIRED error and maintain continuous consent, the end user can reauthenticate via Link’s update mode in advance of the consent expiration time.
Note - This is only relevant for certain OAuth-based institutions. For all other institutions, this field will be null.

Format: date-time
update_type
string
Indicates whether an Item requires user interaction to be updated, which can be the case for Items with some forms of two-factor authentication.
background - Item can be updated in the background
user_present_required - Item requires user interaction to be updated

Possible values: background, user_present_required
request_id
string
A unique identifier for the request, which can be used for troubleshooting. This identifier, like all Plaid identifiers, is case sensitive.
1{
2  "accounts": [
3    {
4      "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
5      "balances": {
6        "available": 100,
7        "current": 110,
8        "limit": null,
9        "iso_currency_code": "USD",
10        "unofficial_currency_code": null
11      },
12      "mask": "9606",
13      "name": "Plaid Checking",
14      "official_name": "Plaid Gold Checking",
15      "subtype": "checking",
16      "type": "depository"
17    }
18  ],
19  "numbers": {
20    "ach": [
21      {
22        "account": "9900009606",
23        "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
24        "routing": "011401533",
25        "wire_routing": "021000021"
26      }
27    ],
28    "eft": [
29      {
30        "account": "111122223333",
31        "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
32        "institution": "021",
33        "branch": "01140"
34      }
35    ],
36    "international": [
37      {
38        "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
39        "bic": "NWBKGB21",
40        "iban": "GB29NWBK60161331926819"
41      }
42    ],
43    "bacs": [
44      {
45        "account": "31926819",
46        "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
47        "sort_code": "601613"
48      }
49    ]
50  },
51  "item": {
52    "available_products": [
53      "balance",
54      "identity",
55      "payment_initiation",
56      "transactions"
57    ],
58    "billed_products": [
59      "assets",
60      "auth"
61    ],
62    "consent_expiration_time": null,
63    "error": null,
64    "institution_id": "ins_117650",
65    "item_id": "DWVAAPWq4RHGlEaNyGKRTAnPLaEmo8Cvq7na6",
66    "update_type": "background",
67    "webhook": "https://www.genericwebhookurl.com/webhook"
68  },
69  "request_id": "m8MDnv9okwxFNBV"
70}

Webhooks

Updates are sent for Items that are linked using automated micro-deposits. All webhooks related to Auth have a webhook_type of AUTH.

When an automated micro-deposit is created, Plaid sends a webhook upon successful verification. If verification does not succeed after seven days for an automated micro-deposit, Plaid sends a VERIFICATION_EXPIRED webhook. If you attempt to retrieve an automated micro-deposit Item before verification succeeds, you’ll receive a response with the HTTP status code 400 and a Plaid error code of PRODUCT_NOT_READY. Note that Plaid does not send webhooks to report on the verification status of Same-Day micro-deposits, but you may use Bank Transfers webhooks to access the underlying ACH events of micro-deposits.

AUTOMATICALLY_VERIFIED

Fired when an Item is verified via automated micro-deposits. We recommend communicating to your users when this event is received to notify them that their account is verified and ready for use.

webhook_type
string
AUTH
webhook_code
string
AUTOMATICALLY_VERIFIED
account_id
string
The account_id of the account associated with the webhook
item_id
string
The item_id of the Item associated with this webhook, warning, or error
1{
2  "webhook_type": "AUTH",
3  "webhook_code": "AUTOMATICALLY_VERIFIED",
4  "item_id": "eVBnVMp7zdTJLkRNr33Rs6zr7KNJqBFL9DrE6",
5  "account_id": "dVzbVMLjrxTnLjX4G66XUp5GLklm4oiZy88yK"
6}

VERIFICATION_EXPIRED

Fired when an Item was not verified via automated micro-deposits after seven days since the automated micro-deposit was made.

webhook_type
string
AUTH
webhook_code
string
VERIFICATION_EXPIRED
item_id
string
The item_id of the Item associated with this webhook, warning, or error
account_id
string
The account_id of the account associated with the webhook
1{
2  "webhook_type": "AUTH",
3  "webhook_code": "VERIFICATION_EXPIRED",
4  "item_id": "eVBnVMp7zdTJLkRNr33Rs6zr7KNJqBFL9DrE6",
5  "account_id": "BxBXxLj1m4HMXBm9WZZmCWVbPjX16EHwv99vp"
6}