Instant Auth, Instant Match, and Instant Micro-Deposits

Learn how to authenticate your users instantly

Instant Auth

Instant Auth supports more than 3,800 financial institutions with credential-based login. Instant Auth is the default Auth flow and does not require extra configuration steps if Auth is already configured in your app. For clarity and completeness, the section below explains how to configure Instant Auth.

The user signs in to their financial institution
The user signs in to their financial institution
They select the account(s) to share with your application
And the account is verified

You can try out the Instant Match flow in Link Demo. See more details in our testing guide.

Configure & Create a link_token

Create a link_token with the following parameters:

  • products array containing auth – If you are using only auth and no other products, auth must be specified in the Products array. Other products (such as identity) may be specified as well. If you are using multiple products, auth is not required to be specified in the products array, but including it is recommended for the best user experience.
1app.post('/api/create_link_token', async function (request, response) {
2  // Get the client_user_id by searching for the current user
3  const user = await User.find(...);
4  const clientUserId = user.id;
5  const request = {
6    user: {
7      // This should correspond to a unique id for the current user.
8      client_user_id: clientUserId,
9    },
10    client_name: 'Plaid Test App',
11    products: ['auth'],
12    language: 'en',
13    webhook: 'https://webhook.example.com',
14    redirect_uri: 'https://domainname.com/oauth-page.html',
15    country_codes: ['US'],
16  };
17  try {
18    const createTokenResponse = await client.linkTokenCreate(request);
19    response.json(createTokenResponse.data);
20  } catch (error) {
21    // handle error
22  }
23});
Initialize Link with a link_token

After creating a link_token for the auth product, use it to initialize Plaid Link.

When the user inputs their username and password for the financial institution, the onSuccess() callback function will return a public_token.

1Plaid.create({
2  // Fetch a link_token configured for 'auth' from your app server
3  token: (await $.post('/create_link_token')).link_token,
4  onSuccess: (public_token, metadata) => {
5    // Send the public_token and accounts to your app server
6    $.post('/exchange_public_token', {
7      publicToken: public_token,
8      accounts: metadata.accounts,
9    });
10  },
11});
Exchange the public_token and fetch Auth data

In your own backend server, call the /item/public_token/exchange endpoint with the Link public_token received in the onSuccess callback to obtain an access_token. Persist the returned access_token and item_id in your database in relation to the user. You will use the access_token when making requests to the /auth/get endpoint.

Select group for content switcher
1const publicToken = 'public-sandbox-b0e2c4ee-a763-4df5-bfe9-46a46bce993d';
2

3try {
4  // Obtain an access_token from the Link public_token
5  const tokenResponse = await client.itemPublicTokenExchange({
6      public_token: publicToken}),
7  const accessToken = tokenResponse.access_token;
8

9  // Instantly fetch Auth numbers
10  const request: AuthGetRequest = {
11    access_token: accessToken,
12  };
13  const response = await plaidClient.authGet(request);
14  const numbers = response.numbers;
15} catch (err) {
16  // handle error
17}

Check out the /auth/get API reference documentation to see the full Auth request and response schema.

1{
2  "numbers": {
3    "ach": [
4      {
5        "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
6        "account": "9900009606",
7        "routing": "011401533",
8        "wire_routing": "021000021"
9      }
10    ],
11    "eft": [],
12    "international": [],
13    "bacs": []
14  },
15  "accounts": [{ Object }],
16  "item": { Object },
17  "request_id": "m8MDnv9okwxFNBV"
18}

Instant Match

Instant Match is available for approximately 1,500 U.S. additional financial institutions where Instant Auth is not available. Instant Match is enabled automatically for Auth customers and is automatically provided at supported institutions as a fallback experience when Instant Auth is not available. When using Instant Match, Plaid Link will prompt your user to enter their account number and routing number for a depository account. Plaid will then verify the last four digits of the user-provided account number against the account mask retrieved from the financial institution.

The user signs in to their financial institution
The user signs in to their financial institution
They select the account(s) to share with your application
They verify their bank's routing number...
...and their account number.
If those numbers match the accounts masks that Plaid has retrieved, the account is verified

You can try out the Instant Match flow in Link Demo. See more details in our testing guide.

When using the Instant Match flow, the user can verify only a single account. Even if the Account Select properties allow selecting all or multiple accounts, the ability to select multiple depository accounts for Auth will be disabled in Link if the institution is using the Instant Match flow.

Configuring in Link

Instant Match will be enabled automatically if you configure the link_token with the following parameters:

  • add "auth" to products array
  • country_codes set to ['US'] (adding any other countries to the array will disable Instant Match)

Optionally, you can disable Instant Match on a per-session basis via the /link/token/create call, by setting "auth.instant_match_enabled": false in the request body. If you would like to disable Instant Match automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard.

1const request: LinkTokenCreateRequest = {
2  user: { client_user_id: new Date().getTime().toString() },
3  client_name: 'Plaid App',
4  products: [Products.Auth],
5  country_codes: [CountryCode.Us],
6  language: 'en',
7};
8try {
9  const response = await plaidClient.linkTokenCreate(request);
10  const linkToken = response.data.link_token;
11} catch (error) {
12  // handle error
13}
Handling Link events

For a user who goes through the Instant Match flow, the TRANSITION_VIEW (view_name = NUMBERS) event will occur after SUBMIT_CREDENTIALS, and in the onSuccess callback the verification_status will be null because the user would have been verified instantly.

1OPEN (view_name = CONSENT)
2TRANSITION_VIEW view_name = SELECT_INSTITUTION)
3SEARCH_INSTITUTION
4SELECT_INSTITUTION
5TRANSITION_VIEW (view_name = CREDENTIAL)
6SUBMIT_CREDENTIALS
7TRANSITION_VIEW (view_name = LOADING)
8TRANSITION_VIEW (view_name = MFA, mfa_type = code)
9SUBMIT_MFA (mfa_type = code)
10TRANSITION_VIEW (view_name = LOADING)
11TRANSITION_VIEW (view_name = SELECT_ACCOUNT)
12TRANSITION_VIEW (view_name = NUMBERS)
13TRANSITION_VIEW (view_name = LOADING)
14TRANSITION_VIEW (view_name = CONNECTED)
15HANDOFF
16onSuccess (verification_status: null)

Instant Micro-deposits

Instant Micro-deposits is the Plaid product term for our ability to authenticate any bank account in the US that is supported by RTP or FedNow. For over 80 Plaid-supported banks, Instant Micro-deposits is the fastest and highest-converting form of Auth support available. If both Instant Micro-deposits and Same Day Micro-deposits are enabled, any user who attempts a micro-deposit with one of the over 400 eligible RTP or FedNow routing numbers will automatically experience the Instant Micro-deposits flow and be able to verify instantly.

Instant Micro-deposit flow
The user opens Plaid Link.
The user opens Plaid Link.
They select their institution.
They enter their account information...
...legal name...
...and the account type.
The user authorizes Plaid to make a deposit, and the deposit is made immediately.
The user is then prompted to enter the code associated with the deposit.
If the code matches the one that Plaid generated with the deposit description, the user's account is verified.
  1. Starting on a page in your app, the user clicks an action that opens Plaid Link.
  2. Inside of Plaid Link, the user enters the micro-deposit initiation flow and provides their legal name, account and routing number.
  3. Plaid sends a micro-deposit to the user's account that will post within 5 seconds, and directs the user to log into their bank account to obtain the code from the micro-deposit description.
  4. The user enters the code from the micro-deposit description into Plaid Link.
  5. Upon success, Link closes with a public_token and a metadata account status of manually_verified.

Plaid will not reverse the $0.01 micro-deposit credit.

When these steps are done, your user's Auth data is verified and ready to fetch.

Configuring in Link

Instant Micro-deposits will be enabled if you configure the link_token with the following parameters:

  • Set the products array to ["auth"]. While in most cases additional products can be added to existing Plaid Items, Items created for micro-deposit verification are an exception and cannot be used with any Plaid products other than Auth or Transfer.

Approximately 30% of Items verified by Instant micro-deposits can also be verified by /identity/match. For more details on using Identity Match with these Items, see Identity Match.

  • country_codes set to ['US'] (adding any other countries to the array will disable Instant Micro-deposits)
  • auth.instant_microdeposits_enabled set to true. For Plaid teams created prior to November 2023 this setting is not required; for newer teams, it must be manually configured.

If you would like to enable or disable Instant Micro-deposits automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard. Optionally, you can disable Instant Micro-deposits on a per-session basis via the /link/token/create call, by setting "auth.instant_microdeposits_enabled": false in the request body.

Entering the Instant Micro-deposit flow

Your user will enter the Instant Micro-deposit flow in the following scenarios:

  • The user selects an eligible institution that is not enabled for Instant Auth, Instant Match, or Automated Micro-deposits.
  • The Link session has Same Day Micro-deposits enabled and the user enters an eligible routing number during the Same Day Micro-deposits flow. In this case, the session will be "upgraded" to use Instant Micro-deposits rather than Same-Day Micro-deposits.
Instant Micro-deposit events

When a user goes through the Instant micro-deposits flow, the session will have the TRANSITION_VIEW (view_name = NUMBERS) event and a TRANSITION_VIEW (view_name = INSTANT_MICRODEPOSIT_AUTHORIZED) event after the user authorizes Plaid to send a micro-deposit to the submitted account and routing number. In the onSuccess callback the verification_status will be manually_verified since, unlike Same Day Micro-deposits, Instant Micro-deposits will resolve to either a success or fail state within a single Link session.

Testing the Instant Micro-deposit flow

For credentials that can be used to test Instant Micro-deposits in Sandbox, see Auth testing flows.

Automated Micro-deposits

Integrate the automated micro-deposit flow

View guide

Same Day Micro-deposits

Integrate the manual micro-deposit flow

View guide

Testing in Sandbox

Learn how to test each Auth flow in the Sandbox

View guide