Instant Auth, Instant Match, and Instant Micro-Deposits
Learn how to authenticate your users instantly
Instant Auth
Instant Auth supports more than 3,800 financial institutions with credential-based login. Instant Auth is the default Auth flow and does not require extra configuration steps if Auth is already configured in your app. For clarity and completeness, the section below explains how to configure Instant Auth.
You can try out the Instant Match flow in Link Demo. See more details in our testing guide.
Configure & Create a link_token
Create a link_token with the following parameters:
productsarray containingauth– If you are using onlyauthand no other products,authmust be specified in the Products array. Other products (such asidentity) may be specified as well. If you are using multiple products,authis not required to be specified in the products array, but including it is recommended for the best user experience.
1app.post('/api/create_link_token', async function (request, response) {2 // Get the client_user_id by searching for the current user3 const user = await User.find(...);4 const clientUserId = user.id;5 const request = {6 user: {7 // This should correspond to a unique id for the current user.8 client_user_id: clientUserId,9 },10 client_name: 'Plaid Test App',11 products: ['auth'],12 language: 'en',13 webhook: 'https://webhook.example.com',14 redirect_uri: 'https://domainname.com/oauth-page.html',15 country_codes: ['US'],16 };17 try {18 const createTokenResponse = await client.linkTokenCreate(request);19 response.json(createTokenResponse.data);20 } catch (error) {21 // handle error22 }23});Initialize Link with a link_token
After creating a link_token for the auth product, use it to initialize Plaid Link.
When the user inputs their username and password for the financial institution,
the onSuccess() callback function will return a public_token.
1Plaid.create({2 // Fetch a link_token configured for 'auth' from your app server3 token: (await $.post('/create_link_token')).link_token,4 onSuccess: (public_token, metadata) => {5 // Send the public_token and accounts to your app server6 $.post('/exchange_public_token', {7 publicToken: public_token,8 accounts: metadata.accounts,9 });10 },11});Exchange the public_token and fetch Auth data
In your own backend server, call the /item/public_token/exchange
endpoint with the Link public_token received in the onSuccess callback to obtain an access_token.
Persist the returned access_token and item_id in your database in relation to the user. You will use
the access_token when making requests to the /auth/get endpoint.
1const publicToken = 'public-sandbox-b0e2c4ee-a763-4df5-bfe9-46a46bce993d';23try {4 // Obtain an access_token from the Link public_token5 const tokenResponse = await client.itemPublicTokenExchange({6 public_token: publicToken}),7 const accessToken = tokenResponse.access_token;89 // Instantly fetch Auth numbers10 const request: AuthGetRequest = {11 access_token: accessToken,12 };13 const response = await plaidClient.authGet(request);14 const numbers = response.numbers;15} catch (err) {16 // handle error17}Check out the /auth/get API reference documentation to see the full
Auth request and response schema.
1{2 "numbers": {3 "ach": [4 {5 "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",6 "account": "9900009606",7 "routing": "011401533",8 "wire_routing": "021000021"9 }10 ],11 "eft": [],12 "international": [],13 "bacs": []14 },15 "accounts": [{ Object }],16 "item": { Object },17 "request_id": "m8MDnv9okwxFNBV"18}Instant Match
Instant Match is available for approximately 1,500 U.S. additional financial institutions where Instant Auth is not available. Instant Match is enabled automatically for Auth customers and is automatically provided at supported institutions as a fallback experience when Instant Auth is not available. When using Instant Match, Plaid Link will prompt your user to enter their account number and routing number for a depository account. Plaid will then verify the last four digits of the user-provided account number against the account mask retrieved from the financial institution.
You can try out the Instant Match flow in Link Demo. See more details in our testing guide.
When using the Instant Match flow, the user can verify only a single account. Even if the Account Select properties allow selecting all or multiple accounts, the ability to select multiple depository accounts for Auth will be disabled in Link if the institution is using the Instant Match flow.
Configuring in Link
Instant Match will be enabled automatically if you configure the link_token with the following parameters:
- add
"auth"toproductsarray country_codesset to['US'](adding any other countries to the array will disable Instant Match)
Optionally, you can disable Instant Match on a per-session basis via the /link/token/create call, by setting "auth.instant_match_enabled": false in the request body. If you would like to disable Instant Match automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard.
1const request: LinkTokenCreateRequest = {2 user: { client_user_id: new Date().getTime().toString() },3 client_name: 'Plaid App',4 products: [Products.Auth],5 country_codes: [CountryCode.Us],6 language: 'en',7};8try {9 const response = await plaidClient.linkTokenCreate(request);10 const linkToken = response.data.link_token;11} catch (error) {12 // handle error13}Handling Link events
For a user who goes through the Instant Match flow, the TRANSITION_VIEW (view_name = NUMBERS) event will occur after SUBMIT_CREDENTIALS, and in the onSuccess callback the verification_status will be null because the user would have been verified instantly.
1OPEN (view_name = CONSENT)2TRANSITION_VIEW view_name = SELECT_INSTITUTION)3SEARCH_INSTITUTION4SELECT_INSTITUTION5TRANSITION_VIEW (view_name = CREDENTIAL)6SUBMIT_CREDENTIALS7TRANSITION_VIEW (view_name = LOADING)8TRANSITION_VIEW (view_name = MFA, mfa_type = code)9SUBMIT_MFA (mfa_type = code)10TRANSITION_VIEW (view_name = LOADING)11TRANSITION_VIEW (view_name = SELECT_ACCOUNT)12TRANSITION_VIEW (view_name = NUMBERS)13TRANSITION_VIEW (view_name = LOADING)14TRANSITION_VIEW (view_name = CONNECTED)15HANDOFF16onSuccess (verification_status: null)Instant Micro-deposits
Instant Micro-deposits is the Plaid product term for our ability to authenticate any bank account in the US that is supported by RTP or FedNow. For over 20 Plaid-supported banks, Instant Micro-deposits is the fastest and highest-converting form of Auth support available.
Instant Micro-deposit flow
- Starting on a page in your app, the user clicks an action that opens Plaid Link.
- Inside of Plaid Link, the user enters the micro-deposit initiation flow and provides their legal name, account and routing number.
- Plaid sends a micro-deposit to the user's account that will post within 5 seconds, and directs the user to log into their bank account to obtain the code from the micro-deposit description.
- The user enters the code from the micro-deposit description into Plaid Link.
- Upon success, Link closes with a
public_tokenand ametadataaccount status ofmanually_verified.
Plaid will not reverse the \$0.01 micro-deposit credit.
When these steps are done, your user's Auth data is verified and ready to fetch.
Configuring in Link
Instant Micro-deposits will be enabled automatically if you configure the link_token with the following parameters:
- Set the
productsarray to["auth"]. While in most cases additional products can be added to existing Plaid Items, Items created for micro-deposit verification are an exception and cannot be used with any Plaid products other than Auth or Transfer.
Approximately 30% of Items verified by Instant micro-deposits can also be verified by /identity/match. For more details on using Identity Match with these Items, see Identity Match.
country_codesset to['US'](adding any other countries to the array will disable Instant Micro-deposits)- Add
auth.instant_microdeposits_enabled: trueto the/link/token/createrequest body.
Beginning November 1, 2023, Instant Micro-deposits will be enabled by default for all eligible Auth sessions if auth.instant_microdeposits_enabled is not set. If your use case requires that you call /accounts/balance/get and cannot function if you cannot call that endpoint, you should disable Instant Micro-deposits.
Optionally, you can disable Instant Micro-deposits on a per-session basis via the /link/token/create call, by setting "auth.instant_microdeposits_enabled": false in the request body. If you would like to disable Instant Micro-deposits automatically for all Link sessions, contact your Account Manager or file a support ticket via the Dashboard.
Entering the Instant Micro-deposit flow
Your user will enter the Instant Micro-deposit flow in the following scenarios:
- The user selects an eligible institution that is not enabled for Instant Auth, Instant Match, or Automated Micro-deposits.
- The Link session has Same Day Micro-deposits enabled and the user enters an eligible routing number during the Same Day Micro-deposits flow. In this case, the session will be "upgraded" to use Instant Micro-deposits rather than Same-Day Micro-deposits.
Instant Micro-deposit events
When a user goes through the Instant micro-deposits flow, the session will have the TRANSITION_VIEW (view_name = NUMBERS) event, and in the onSuccess callback the verification_status will be manually_verified.
Testing the Instant Micro-deposit flow
For credentials that can be used to test Instant Micro-deposits in Sandbox, see Auth testing flows.