Instant Auth, Instant Match, and Instant Micro-Deposits

Instant Auth supports more than 6,200 financial institutions with credential-based login. Instant Auth is the default Auth flow and does not require extra configuration steps if Auth is already configured in your app. For clarity and completeness, the section below explains how to configure Instant Auth.

The user signs in to their financial institution

You can try out the Instant Match flow in Link Demo. See more details in our testing guide.

Create a link_token with the following parameters:

• products array containing auth – If you are using only auth and no other products, auth must be specified in the Products array. Other products (such as identity) may be specified as well. If you are using multiple products, auth is not required to be specified in the products array, but including it is recommended for the best user experience.

1app.post('/api/create_link_token', async function (request, response) {
2  // Get the client_user_id by searching for the current user
3  const user = await User.find(...);
4  const clientUserId = user.id;
5  const request = {
6    user: {
7      // This should correspond to a unique id for the current user.
8      client_user_id: clientUserId,
9    },
10    client_name: 'Plaid Test App',
11    products: ['auth'],
12    language: 'en',
13    webhook: 'https://webhook.example.com',
14    redirect_uri: 'https://domainname.com/oauth-page.html',
15    country_codes: ['US'],
16  };
17  try {
18    const createTokenResponse = await client.linkTokenCreate(request);
19    response.json(createTokenResponse.data);
20  } catch (error) {
21    // handle error
22  }
23});

After creating a link_token for the auth product, use it to initialize Plaid Link.

When the user inputs their username and password for the financial institution, the onSuccess() callback function will return a public_token.

1Plaid.create({
2  // Fetch a link_token configured for 'auth' from your app server
3  token: (await $.post('/create_link_token')).link_token,
4  onSuccess: (public_token, metadata) => {
5    // Send the public_token and accounts to your app server
6    $.post('/exchange_public_token', {
7      publicToken: public_token,
8      accounts: metadata.accounts,
9    });
10  },
11});

In your own backend server, call the /item/public_token/exchange endpoint with the Link public_token received in the onSuccess callback to obtain an access_token. Persist the returned access_token and item_id in your database in relation to the user. You will use the access_token when making requests to the /auth/get endpoint.

1const publicToken = 'public-sandbox-b0e2c4ee-a763-4df5-bfe9-46a46bce993d';
2
3try {
4  // Obtain an access_token from the Link public_token
5  const tokenResponse = await client.itemPublicTokenExchange({
6      public_token: publicToken}),
7  const accessToken = tokenResponse.access_token;
8
9  // Instantly fetch Auth numbers
10  const request: AuthGetRequest = {
11    access_token: accessToken,
12  };
13  const response = await plaidClient.authGet(request);
14  const numbers = response.numbers;
15} catch (err) {
16  // handle error
17}

Check out the /auth/get API reference documentation to see the full Auth request and response schema.

1{
2  "numbers": {
3    "ach": [
4      {
5        "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
6        "account": "9900009606",
7        "routing": "011401533",
8        "wire_routing": "021000021"
9      }
10    ],
11    "eft": [],
12    "international": [],
13    "bacs": []
14  },
15  "accounts": [{ Object }],
16  "item": { Object },
17  "request_id": "m8MDnv9okwxFNBV"
18}

Instant Match is available for approximately 800 U.S. additional financial institutions where Instant Auth is not available. Instant Match is enabled automatically for Auth customers and is automatically provided at supported institutions as a fallback experience when Instant Auth is not available. When using Instant Match, Plaid Link will prompt your user to enter their account number and routing number for a depository account. Plaid will then verify the last four digits of the user-provided account number against the account mask retrieved from the financial institution.

The user signs in to their financial institution

You can try out the Instant Match flow in Link Demo. See more details in our testing guide.

When using the Instant Match flow, the user can verify only a single account. Even if the Account Select properties allow selecting all or multiple accounts, the ability to select multiple depository accounts for Auth will be disabled in Link if the institution is using the Instant Match flow.

Instant Match will be enabled automatically if you configure the link_token with the following parameters:

• add "auth" to products array
• country_codes set to ['US'] (adding any other countries to the array will disable Instant Match)

Optionally, you can disable Instant Match on a per-session basis via the /link/token/create call, by setting "auth.instant_match_enabled": false in the request body. If you would like to disable Instant Match automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard.

1const request: LinkTokenCreateRequest = {
2  user: { client_user_id: new Date().getTime().toString() },
3  client_name: 'Plaid App',
4  products: [Products.Auth],
5  country_codes: [CountryCode.Us],
6  language: 'en',
7};
8try {
9  const response = await plaidClient.linkTokenCreate(request);
10  const linkToken = response.data.link_token;
11} catch (error) {
12  // handle error
13}

For a user who goes through the Instant Match flow, the TRANSITION_VIEW (view_name = NUMBERS) event will occur after SUBMIT_CREDENTIALS, and in the onSuccess callback the verification_status will be null because the user would have been verified instantly.

1OPEN (view_name = CONSENT)
2TRANSITION_VIEW view_name = SELECT_INSTITUTION)
3SEARCH_INSTITUTION
4SELECT_INSTITUTION
5TRANSITION_VIEW (view_name = CREDENTIAL)
6SUBMIT_CREDENTIALS
7TRANSITION_VIEW (view_name = LOADING)
8TRANSITION_VIEW (view_name = MFA, mfa_type = code)
9SUBMIT_MFA (mfa_type = code)
10TRANSITION_VIEW (view_name = LOADING)
11TRANSITION_VIEW (view_name = SELECT_ACCOUNT)
12TRANSITION_VIEW (view_name = NUMBERS)
13TRANSITION_VIEW (view_name = LOADING)
14TRANSITION_VIEW (view_name = CONNECTED)
15HANDOFF
16onSuccess (verification_status: null)

Instant Micro-deposits is the Plaid product term for our ability to authenticate any bank account in the US that is supported by RTP or FedNow. For over 80 Plaid-supported banks, Instant Micro-deposits is the fastest and highest-converting form of Auth support available. If both Instant Micro-deposits and Same Day Micro-deposits are enabled, any user who attempts a micro-deposit with one of the over 400 eligible RTP or FedNow routing numbers will automatically experience the Instant Micro-deposits flow and be able to verify instantly.

The user opens Plaid Link.

1. Starting on a page in your app, the user clicks an action that opens Plaid Link.
2. Inside of Plaid Link, the user enters the micro-deposit initiation flow and provides their legal name, account and routing number.
3. Plaid sends a micro-deposit to the user's account that will post within 5 seconds, and directs the user to log into their bank account to obtain the code from the micro-deposit description.
4. The user enters the code from the micro-deposit description into Plaid Link.
5. Upon success, Link closes with a public_token and a metadata account status of manually_verified.

When these steps are done, your user's Auth data is verified and ready to fetch.

Instant Micro-deposits will be enabled if you configure the link_token with the following parameters:

• Set the products array to ["auth"]. While in most cases additional products can be added to existing Plaid Items, Items created for micro-deposit verification are an exception and cannot be used with any Plaid products other than Auth or Transfer.

• country_codes set to ['US'] (adding any other countries to the array will disable Instant Micro-deposits)
• auth.instant_microdeposits_enabled set to true. For Plaid teams created prior to November 2023 this setting is not required; for newer teams, it must be manually configured.

Optionally, you can disable Instant Match on a per-session basis via the /link/token/create call, by setting "auth.instant_microdeposits_enabled": false in the request body. If you would like to disable Instant Match automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard.

Your user will enter the Instant Micro-deposit flow in the following scenarios:

• The user selects an eligible institution that is not enabled for Instant Auth, Instant Match, or Automated Micro-deposits.
• The Link session has Same Day Micro-deposits enabled and the user enters an eligible routing number during the Same Day Micro-deposits flow. In this case, the session will be "upgraded" to use Instant Micro-deposits rather than Same-Day Micro-deposits.

Instant Micro-deposit events

When a user goes through the Instant micro-deposits flow, the session will have the TRANSITION_VIEW (view_name = NUMBERS) event and a TRANSITION_VIEW (view_name = INSTANT_MICRODEPOSIT_AUTHORIZED) event after the user authorizes Plaid to send a micro-deposit to the submitted account and routing number. In the onSuccess callback the verification_status will be manually_verified since, unlike Same Day Micro-deposits, Instant Micro-deposits will resolve to either a success or fail state within a single Link session.

For credentials that can be used to test Instant Micro-deposits in Sandbox, see Auth testing flows.