Instant Auth, Instant Match, and Instant Micro-Deposits
Learn how to authenticate your users instantly
Instant Auth
Instant Auth supports more than 6,200 financial institutions with credential-based login. Instant Auth is the default Auth flow and does not require extra configuration steps if Auth is already configured in your app. For clarity and completeness, the section below explains how to configure Instant Auth.
You can try out the Instant Match flow in Link Demo. See more details in our testing guide.
Configure & Create a link_token
Create a link_token
with the following parameters:
products
array containingauth
– If you are using onlyauth
and no other products,auth
must be specified in the Products array. Other products (such asidentity
) may be specified as well. If you are using multiple products,auth
is not required to be specified in the products array, but including it is recommended for the best user experience.
1app.post('/api/create_link_token', async function (request, response) {2 // Get the client_user_id by searching for the current user3 const user = await User.find(...);4 const clientUserId = user.id;5 const request = {6 user: {7 // This should correspond to a unique id for the current user.8 client_user_id: clientUserId,9 },10 client_name: 'Plaid Test App',11 products: ['auth'],12 language: 'en',13 webhook: 'https://webhook.example.com',14 redirect_uri: 'https://domainname.com/oauth-page.html',15 country_codes: ['US'],16 };17 try {18 const createTokenResponse = await client.linkTokenCreate(request);19 response.json(createTokenResponse.data);20 } catch (error) {21 // handle error22 }23});
Initialize Link with a link_token
After creating a link_token
for the auth
product, use it to initialize Plaid Link.
When the user inputs their username and password for the financial institution,
the onSuccess()
callback function will return a public_token
.
1Plaid.create({2 // Fetch a link_token configured for 'auth' from your app server3 token: (await $.post('/create_link_token')).link_token,4 onSuccess: (public_token, metadata) => {5 // Send the public_token and accounts to your app server6 $.post('/exchange_public_token', {7 publicToken: public_token,8 accounts: metadata.accounts,9 });10 },11});
Exchange the public_token and fetch Auth data
In your own backend server, call the /item/public_token/exchange
endpoint with the Link public_token
received in the onSuccess
callback to obtain an access_token
.
Persist the returned access_token
and item_id
in your database in relation to the user. You will use
the access_token
when making requests to the /auth/get
endpoint.
1const publicToken = 'public-sandbox-b0e2c4ee-a763-4df5-bfe9-46a46bce993d';2
3try {4 // Obtain an access_token from the Link public_token5 const tokenResponse = await client.itemPublicTokenExchange({6 public_token: publicToken}),7 const accessToken = tokenResponse.access_token;8
9 // Instantly fetch Auth numbers10 const request: AuthGetRequest = {11 access_token: accessToken,12 };13 const response = await plaidClient.authGet(request);14 const numbers = response.numbers;15} catch (err) {16 // handle error17}
Check out the /auth/get
API reference documentation to see the full
Auth request and response schema.
1{2 "numbers": {3 "ach": [4 {5 "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",6 "account": "9900009606",7 "routing": "011401533",8 "wire_routing": "021000021"9 }10 ],11 "eft": [],12 "international": [],13 "bacs": []14 },15 "accounts": [{ Object }],16 "item": { Object },17 "request_id": "m8MDnv9okwxFNBV"18}
Instant Match
Instant Match is available for approximately 800 U.S. additional financial institutions where Instant Auth is not available. Instant Match is enabled automatically for Auth customers and is automatically provided at supported institutions as a fallback experience when Instant Auth is not available. When using Instant Match, Plaid Link will prompt your user to enter their account number and routing number for a depository account. Plaid will then verify the last four digits of the user-provided account number against the account mask retrieved from the financial institution.
You can try out the Instant Match flow in Link Demo. See more details in our testing guide.
When using the Instant Match flow, the user can verify only a single account. Even if the Account Select properties allow selecting all or multiple accounts, the ability to select multiple depository accounts for Auth will be disabled in Link if the institution is using the Instant Match flow.
Configuring in Link
Instant Match will be enabled automatically if you configure the link_token
with the following parameters:
- add
"auth"
toproducts
array country_codes
set to['US']
(adding any other countries to the array will disable Instant Match)
Optionally, you can disable Instant Match on a per-session basis via the /link/token/create
call, by setting "auth.instant_match_enabled": false
in the request body. If you would like to disable Instant Match automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard.
1const request: LinkTokenCreateRequest = {2 user: { client_user_id: new Date().getTime().toString() },3 client_name: 'Plaid App',4 products: [Products.Auth],5 country_codes: [CountryCode.Us],6 language: 'en',7};8try {9 const response = await plaidClient.linkTokenCreate(request);10 const linkToken = response.data.link_token;11} catch (error) {12 // handle error13}
Handling Link events
For a user who goes through the Instant Match flow, the TRANSITION_VIEW (view_name = NUMBERS)
event will occur after SUBMIT_CREDENTIALS
, and in the onSuccess
callback the verification_status
will be null
because the user would have been verified instantly.
1OPEN (view_name = CONSENT)2TRANSITION_VIEW view_name = SELECT_INSTITUTION)3SEARCH_INSTITUTION4SELECT_INSTITUTION5TRANSITION_VIEW (view_name = CREDENTIAL)6SUBMIT_CREDENTIALS7TRANSITION_VIEW (view_name = LOADING)8TRANSITION_VIEW (view_name = MFA, mfa_type = code)9SUBMIT_MFA (mfa_type = code)10TRANSITION_VIEW (view_name = LOADING)11TRANSITION_VIEW (view_name = SELECT_ACCOUNT)12TRANSITION_VIEW (view_name = NUMBERS)13TRANSITION_VIEW (view_name = LOADING)14TRANSITION_VIEW (view_name = CONNECTED)15HANDOFF16onSuccess (verification_status: null)
Instant Micro-deposits
Instant Micro-deposits is the Plaid product term for our ability to authenticate any bank account in the US that is supported by RTP or FedNow. For over 80 Plaid-supported banks, Instant Micro-deposits is the fastest and highest-converting form of Auth support available. If both Instant Micro-deposits and Same Day Micro-deposits are enabled, any user who attempts a micro-deposit with one of the over 400 eligible RTP or FedNow routing numbers will automatically experience the Instant Micro-deposits flow and be able to verify instantly.
Instant Micro-deposit flow
- Starting on a page in your app, the user clicks an action that opens Plaid Link.
- Inside of Plaid Link, the user enters the micro-deposit initiation flow and provides their legal name, account and routing number.
- Plaid sends a micro-deposit to the user's account that will post within 5 seconds, and directs the user to log into their bank account to obtain the code from the micro-deposit description.
- The user enters the code from the micro-deposit description into Plaid Link.
- Upon success, Link closes with a
public_token
and ametadata
account status ofmanually_verified
.
Plaid will not reverse the $0.01 micro-deposit credit.
When these steps are done, your user's Auth data is verified and ready to fetch.
Configuring in Link
Instant Micro-deposits will be enabled if you configure the link_token
with the following parameters:
- Set the
products
array to["auth"]
. While in most cases additional products can be added to existing Plaid Items, Items created for micro-deposit verification are an exception and cannot be used with any Plaid products other than Auth or Transfer.
Approximately 30% of Items verified by Instant micro-deposits can also be verified by /identity/match
. For more details on using Identity Match with these Items, see Identity Match.
country_codes
set to['US']
(adding any other countries to the array will disable Instant Micro-deposits)auth.instant_microdeposits_enabled
set totrue
. For Plaid teams created prior to November 2023 this setting is not required; for newer teams, it must be manually configured.
If you would like to enable or disable Instant Micro-deposits automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard. Optionally, you can disable Instant Micro-deposits on a per-session basis via the /link/token/create
call, by setting "auth.instant_microdeposits_enabled": false
in the request body.
Entering the Instant Micro-deposit flow
Your user will enter the Instant Micro-deposit flow in the following scenarios:
- The user selects an eligible institution that is not enabled for Instant Auth, Instant Match, or Automated Micro-deposits.
- The Link session has Same Day Micro-deposits enabled and the user enters an eligible routing number during the Same Day Micro-deposits flow. In this case, the session will be "upgraded" to use Instant Micro-deposits rather than Same-Day Micro-deposits.
Instant Micro-deposit events
When a user goes through the Instant micro-deposits flow, the session will have the TRANSITION_VIEW
(view_name = NUMBERS
) event and a TRANSITION_VIEW
(view_name = INSTANT_MICRODEPOSIT_AUTHORIZED
) event after the user authorizes Plaid to send a micro-deposit to the submitted account and routing number. In the onSuccess
callback the verification_status
will be manually_verified
since, unlike Same Day Micro-deposits, Instant Micro-deposits will resolve to either a success or fail state within a single Link session.
Testing the Instant Micro-deposit flow
For credentials that can be used to test Instant Micro-deposits in Sandbox, see Auth testing flows.