Add Ocrolus to your app

Use Ocrolus with Plaid Assets to digitize data collection


Plaid and Ocrolus have partnered to offer lenders an easier way to access bank data to make informed loan decisions. Plaid enables businesses to instantly connect a customer's bank account, giving them the ability to authenticate and retrieve account details directly from the financial institution. Ocrolus digitizes bank and credit card statements from all US financial institutions to help lenders digitize their data collection for cash-flow analysis.

With the Plaid + Ocrolus integration, your users can verify their accounts in seconds by inputting their banking credentials in Plaid’s front-end module. Plaid will retrieve the relevant bank information and pass it to Ocrolus for further digestion and reporting in a seamless, secure fashion. Plaid’s mobile-friendly module handles input validation, error handling, and multi-factor authentication, providing a seamless onboarding experience to convert more users for your business.

Getting started

You'll first want to familiarize yourself with Plaid Link, a drop-in integration for the Plaid API that handles input validation, error handling, and multi-factor authentication. You will also need to create or be an existing Ocrolus customer in order to add a bank account.

Your customers will use Link to authenticate with their financial institution and select the bank account they wish to use for payment and verification of assets. From there, you'll receive a Plaid access_token, which you can use generate an Ocrolus processor_token and/or audit_copy_token, depending on your use case, which allow you to quickly and securely verify banking information via the Ocrolus API without having to store that sensitive information yourself.

Instructions

Set up your Plaid and Ocrolus accounts

You'll need accounts at both Plaid and Ocrolus in order to use the Plaid + Ocrolus integration. You'll also need to enable your Plaid account for the Ocrolus integration.

First, you will need to work with the Ocrolus team to sign up for an Ocrolus account, if you do not already have one.

Next, verify that your Plaid account is enabled for the integration. If you do not have a Plaid account, create one. Your account will be automatically enabled for integration access.

To verify that your Plaid account is enabled for the integration, go to the Integrations section of the account dashboard. If the integration is off, simply click the 'Enable' button for Ocrolus to enable the integration.

Create a link_token

In order to integrate with Plaid Link, you will first need to create a link_token. A link_token is a short-lived, one-time use token that is used to authenticate your app with Link. To create one, make a /link/token/create request with your client_id, secret, and a few other required parameters from your app server. View the documentation for a full list of link_token configurations.

To see your client_id and secret, visit the Plaid Dashboard.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
// Using Express
const express = require('express');
const app = express();
app.use(express.json());
const plaid = require('plaid');
const client = new plaid.Client({
clientID: process.env.PLAID_CLIENT_ID,
secret: process.env.PLAID_SECRET,
env: plaid.environments.sandbox,
});
app.post('/create_link_token', async (request, response) => {
try {
// Get the client_user_id by searching for the current user
const user = await User.find(...);
const clientUserId = user.id;
// Create the link_token with all of your configurations
const tokenResponse = await client.createLinkToken({
user: {
client_user_id: clientUserId,
},
client_name: 'Plaid Test App',
products: ["auth"],
country_codes: ['US'],
language: 'en',
webhook: 'https://webhook.sample.com',
});
response.json(tokenResponse);
} catch (e) {
// Display error on client
return response.send({ error: e.message });
}
});
Integrate with Plaid Link

Once you have a link_token, all it takes is a few lines of client-side JavaScript to launch Link. Then, in the onSuccess callback, you can call a simple server-side handler to exchange the Link public_token for a Plaid access_token and a Ocrolus processor_token.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<button id="linkButton">Open Link - Institution Select</button>
<script src="https://cdn.plaid.com/link/v2/stable/link-initialize.js"></script>
<script>
(async function(){
var linkHandler = Plaid.create({
// Make a request to your server to fetch a new link_token.
token: (await $.post('/create_link_token')).link_token,
onLoad: function() {
// The Link module finished loading.
},
onSuccess: function(public_token, metadata) {
// The onSuccess function is called when the user has
// successfully authenticated and selected an account to
// use.
//
// When called, you will send the public_token
// and the selected account ID, metadata.account_id,
// to your backend app server.
//
// sendDataToBackendServer({
// public_token: public_token,
// account_id: metadata.account_id
// });
console.log('Public Token: ' + public_token);
console.log('Customer-selected account ID: ' + metadata.account_id);
},
onExit: function(err, metadata) {
// The user exited the Link flow.
if (err != null) {
// The user encountered a Plaid API error
// prior to exiting.
}
// metadata contains information about the institution
// that the user selected and the most recent
// API request IDs.
// Storing this information can be helpful for support.
},
});
})();
// Trigger the authentication view
document.getElementById('linkButton').onclick = function() {
linkHandler.open();
};
</script>

See the Link parameter reference for complete documentation on possible configurations.

Plaid.create accepts one argument, a configuration Object, and returns an Object with three functions, open, exit, and destroy. Calling open will display the "Institution Select" view, calling exit will close Link, and calling destroy will clean up the iframe.

Write server-side handler

The Link module handles the entire onboarding flow securely and quickly, but does not actually retrieve account data for a user. Instead, the Link module returns a public_token and an accounts array, which is a property on the metadata object, via the onSuccess callback. Exchange this public_token for a Plaid access_token using the /item/public_token/exchange API endpoint.

Once you have the access_token for the Item, you can create an Ocrolus processor_token and/or audit_copy_token. You'll send these tokens to Ocrolus and they will use them to securely retrieve banking information from Plaid.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
const plaid = require('plaid');
// Change sandbox to development to test with live users;
// Change to production when you're ready to go live!
const plaidClient = new plaid.Client({
clientID: PLAID_CLIENT_ID,
secret: PLAID_SECRET,
env: plaid.environments.sandbox
});
// Exchange the public_token from Plaid Link for an access token.
plaidClient.exchangePublicToken(public_token, function(err, res) {
const accessToken = res.access_token;
// Create a processor token for a specific account id.
plaidClient.createProcessorToken(
accessToken,
accountId,
'ocrolus',
function(err, res) {
const processorToken = res.processor_token;
}
);
});
// Create an Asset Report for the specific access token.
const assetReportDaysRequested = 60;
const assetReportOptions = {};
client.createAssetReport(
[accessToken],
assetReportDaysRequested,
assetReportOptions,
function(err, res) {
if (err != null) {
// handle error
}
const assetReportId = res.asset_report_id;
const assetReportToken = res.asset_report_token;
const ocrolusAuditorId = 'ocrolus';
// Create an audit copy token for the Asset Report.
client.createAuditCopy(
assetReportToken,
ocrolusAuditorId,
function(err, res) {
if (err != null) {
// handle error
}
const auditCopyToken = res.audit_copy_token;
}
)
}
)
});

For a valid request, the API will return a JSON response similar to:

1
2
3
4
{
"processor_token": "processor-sandbox-0asd1-a92nc",
"request_id": "UNIQUE_REQUEST_ID"
}

For a valid audit_copy_token request, the API will return a JSON response similar to:

1
2
3
4
{
"audit_copy_token": "a-sandbox-3TAU2CWVYBDVRHUCAAAI27ULU4",
"request_id": "UNIQUE_REQUEST_ID"
}

For more information on creating Asset Report audit_copy_tokens, see the documentation for the Assets product.

Testing your Ocrolus integration

You can create Ocrolus processor_tokens in Sandbox (sandbox.plaid.com, allows testing with simulated users). To test the integration in Sandbox mode, use the Plaid Sandbox credentials when launching Link with a link_token created in the Sandbox environment.

To move to Development (a free environment that allows limited access with real users) or Production, request access from the Dashboard. You will want to ensure that you have valid Ocrolus Production credentials prior to connecting bank accounts in the Ocrolus API with Plaid.

Support and questions

Find answers to many common integration questions and concerns—such as pricing, sandbox and test mode usage, and more, in our docs.

If you're still stuck, open a support ticket with information describing the issue that you're experiencing and we'll get back to you as soon as we can.