Plaid logo
Docs
ALL DOCS

Auth

  • Introduction to Auth
  • Add Auth to your app
  • Move money with our partners
  • Add institution coverage
Plaid logo
Docs
Plaid.com
Get API keys
Open nav

Same Day Micro-deposits

Learn how to authenticate your users with a manually verified micro-deposit

Overview

Same Day Micro-deposits can be used to authenticate any bank account in the US, but especially for the ~2,000 institutions that don't support Instant Auth, Instant Match, or Automated Micro-deposit verification. Plaid will make a deposit that will post within one business day (using Same Day ACH, which is roughly two days faster than the standard micro-deposit experience of two to three days). Users are instructed to manually verify the code in the transaction description deposited in the account.

Same Day Micro-deposits Link flow

The Same Day Micro-deposit flow

A user connects their financial institution using the following connection flow:

  1. Starting on a page in your app, the user clicks an action that opens Plaid Link with the correct Auth configuration.
  2. Inside of Plaid Link, the user enters the micro-deposit initiation flow and provides their legal name, account and routing number.
  3. Upon successful authentication, Link closes with a public_token and a metadata account status of pending_manual_verification.
  4. Behind the scenes, Plaid sends a micro-deposit to the user's account that will post within one to two business days.
  5. After one to two days, the user is prompted to verify the code in the transaction description in their account, by opening Link with a generated link_token.

Plaid will not reverse the $0.01 micro-deposit credit.

When these steps are done, your user's Auth data is verified and ready to fetch.

Link configuration options

The Same Day Micro-deposit flow can be configured as an option at user failure points in Link, or as an upfront option for users to choose whether they want to Link automatically (via credential-based Auth Types - Instant Auth, Instant Match, and Automated Micro-deposits) or manually (via Same Day Micro-deposits).

The Same Day Micro-deposit flow is configured via the auth object in the /link/token/create request. This enables you to decide which sessions are enabled; for example, you can enable lower-risk users access to Same Day Micro-deposits while requiring that higher-risk users go through the credential-based Auth Types to reduce the higher risk exposure from Same Day Micro-deposits.

Learn more about how to optimize your configuration and manage risk under best practices.

Optional at user failure points in Link

For many customers, the Same Day Micro-deposits is best configured as an option when credential-based Auth Types fail. This maximizes the conversion of items that have broader coverage of additional data products (i.e. Balance, Identity, Transactions, etc), but also allows extended Auth coverage. The flow is only presented as an option when the user experiences a failure in Link. There is no active choice for the consumer up front in Link.

The following table describes the primary entry points into the manual micro-deposit flow when configured as an option at Link failure points:

ExitErrorInstitution SearchInstitution SearchInstitution Select
When user clicks X action buttonWhen user encounters any errorWhen no results are foundWhen user scrolls to end of resultsWhen institution health is poor
Auth Type Select

Auth Type Select is a Link configuration of Same Day Micro-deposits which shows a pane upfront, enabling consumers to actively choose between instant (i.e. Instant Auth, Instant Match, Automated Micro-deposits) and manual account authentication (i.e. Same Day Micro-deposits) at the start of the Plaid Link flow. By offering this choice, you can proactively offer the authentication method for consumers who either cannot or do not opt for credential-based Auth Types.

For instructions on how to enable the Auth Type Select flow, see Create a Link Token.

When to use Auth Type Select

Auth Type Select is best suited for developers who expect that a substantial portion of their consumers would prefer to authenticate manually, and who prefer to maximize Auth coverage over other data products. Examples of this may include Business Account Verification use cases where a high percentage of users are not expected to have access to credentials of a bank account, yet do have access to the transaction records, and therefore can verify micro-deposits.

Customers that see the greatest success with the Auth Type Select configuration have a substantial portion of users (over half, as a rule of thumb) who cannot or will not connect by logging into their bank, who have invested in fraud risk mitigations or have a low risk use case, and/or have very high intent users (such as users connecting a bank account to receive a payment).

Some developers observe an increase in conversion of verified Auth data with this configuration. However, this configuration reduces coverage of other products (like Balance or Identity) as those products are only available via credential-based Auth Types. When offered the manual option upfront, more users may choose to Link manually. Users who opt to connect via micro-deposits can have lower conversion than Instant Auth because the flow requires more steps for a user, including returning to Link the next day to verify micro-deposits. It may encourage users to connect via micro-deposits who would otherwise connect via credential-based Auth Types (if the micro-deposits option was not available upfront).

This configuration is best for customers who want to maximize Auth coverage and can tolerate reduced coverage of other products like Balance and Identity.

Demoing the flow in Link

You can try out the Same Day Micro-deposit flow in Link Demo. See more details in our testing guide.

  • To demo as Optional at user failure points in Link, specify Auth in the Product dropdown menu and then Launch Demo. Trigger empty search results (type in a search query like ‘xyz’) or the Exit Pane (by closing Link) and select Link with account numbers
  • To demo Auth Type Select, specify United States and Auth in the Country and Product dropdown menu respectively. Toggle on Auth Type Select, then Launch Demo.

Create a link_token

To integrate with the Same Day Micro-deposit flow, your application must be using Link Tokens rather than public keys. If you have not already migrated to Link Tokens, please do so following this guide.

Create a link_token with the following parameters:

  • products array should include only auth as a product when using same-day manual micro-deposit verification. While in most cases additional products can be added to existing Plaid Items, Items created for same-day manual micro-deposit verification are an exception and cannot be used with any Plaid products other than Auth.
  • country_codes set to ['US'] – Micro-deposit verification is currently only available in the United States.
  • auth object should specify "same_day_microdeposits_enabled": true
Select Language
Copy
1const request: LinkTokenCreateRequest = {
2 user: { client_user_id: new Date().getTime().toString() },
3 client_name: 'Plaid App',
4 products: [Products.Auth],
5 country_codes: [CountryCode.Us],
6 language: 'en',
7 auth: {
8 same_day_microdeposits_enabled: true,
9 },
10};
11try {
12 const response = await plaidClient.linkTokenCreate(request);
13 const linkToken = response.data.link_token;
14} catch (error) {
15 // handle error
16}

To configure same-day micro-deposits as an upfront option (i.e. Auth Type Select), in addition to the above steps:

  • "auth_type_select_enabled" boolean in the auth object should be set to true
Select Language
Copy
1const request: LinkTokenCreateRequest = {
2 user: { client_user_id: new Date().getTime().toString() },
3 client_name: 'Plaid App',
4 products: [Products.Auth],
5 country_codes: [CountryCode.Us],
6 language: 'en',
7 auth: {
8 same_day_microdeposits_enabled: true,
9 auth_type_select_enabled: true,
10 },
11};
12try {
13 const response = await plaidClient.linkTokenCreate(request);
14 const linkToken = response.data.link_token;
15} catch (error) {
16 // handle error
17}

Initialize Link with a link_token

After creating a link_token for the auth product, use it to initialize Plaid Link.

When the user successfully inputs their account and routing numbers, the onSuccess() callback function will return a public_token, with verification_status equal to 'pending_manual_verification'.

Copy
1const linkHandler = Plaid.create({
2 // Fetch a link_token configured for 'auth' from your app server
3 token: (await $.post('/create_link_token')).link_token,
4 onSuccess: (public_token, metadata) => {
5 // Send the public_token and connected accounts to your app server
6 $.post('/exchange_public_token', {
7 publicToken: public_token,
8 accounts: metadata.accounts,
9 });
10
11 metadata = {
12 ...,
13 link_session_id: String,
14 institution: {
15 name: null, // name is always null for same day micro-deposits
16 institution_id: null // institution_id is always null for same day micro-deposits
17 },
18 accounts: [{
19 id: 'vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D',
20 mask: '1234',
21 name: null,
22 type: 'depository',
23 subtype: 'checking' | 'savings',
24 verification_status: 'pending_manual_verification'
25 }]
26 }
27 },
28 // ...
29});
30
31// Open Link on user-action
32linkHandler.open();
Display a "pending" status in your app

Because Same Day verification usually takes one business day to complete, we recommend displaying a UI in your app that communicates to a user that verification is currently pending.

You can use the verification_status key returned in the onSuccess metadata.accounts object once Plaid Link closes successfully.

Copy
1verification_status: 'pending_manual_verification';

You can also fetch the verification_status for an Item's account via the Plaid API, to obtain the latest account status.

Exchange the public token

In your own backend server, call the /item/public_token/exchange endpoint with the Link public_token received in the onSuccess callback to obtain an access_token. Persist the returned access_token and item_id in your database in relation to the user.

Note that micro-deposits will only be delivered to the ACH network in the Production environment, and not in Development. To test your integration outside of Production, see Testing same day micro-deposits in Sandbox.

Select group for content switcher
Select Language
Copy
1// publicToken and accountID are sent from your app to your backend-server
2const accountID = 'vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D';
3const publicToken = 'public-sandbox-b0e2c4ee-a763-4df5-bfe9-46a46bce993d';
4
5// Obtain an access_token from the Link public_token
6const response = await client
7 .itemPublicTokenExchange({
8 public_token: publicToken,
9 })
10 .catch((err) => {
11 // handle error
12 });
13const accessToken = response.access_token;
Copy
1{
2 "access_token": "access-sandbox-5cd6e1b1-1b5b-459d-9284-366e2da89755",
3 "item_id": "M5eVJqLnv3tbzdngLDp9FL5OlDNxlNhlE55op",
4 "request_id": "m8MDnv9okwxFNBV"
5}

Check the account verification status (optional)

In some cases you may want to implement logic in your app to display the verification_status of an Item that is pending manual verification. The /accounts/get API endpoint allows you to query this information.

To be notified via webhook when Plaid has sent the micro-deposit to your end user, see micro-deposit events.

Select group for content switcher
Select Language
Copy
1// Fetch the accountID and accessToken from your database
2const accountID = 'vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D';
3const accessToken = 'access-sandbox-5cd6e1b1-1b5b-459d-9284-366e2da89755';
4const request: AccountsGetRequest = {
5 access_token: accessToken,
6};
7const response = await client.accountsGet(request).catch((err) => {
8 // handle error
9});
10const account = response.accounts.find((a) => a.account_id === accountID);
11const verificationStatus = account.verification_status;
Copy
1{
2 "accounts": [
3 {
4 "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
5 "balances": { Object },
6 "mask": "0000",
7 "name": null,
8 "official_name": null,
9 "type": "depository"
10 "subtype": "checking" | "savings",
11 "verification_status":
12 "pending_manual_verification" |
13 "manually_verified" |
14 "verification_failed",
15 },
16 ...
17 ],
18 "item": { Object },
19 "request_id": String
20}

Prompt user to verify micro-deposit code in Link

After one to two business days, the micro-deposit sent to the user's account is expected to be posted. To securely verify a Same Day Micro-deposits account, your user needs to come back into Link to verify the code in the transaction description.

To optimize conversion, we strongly recommend sending your user a notification (e.g. email, SMS, push notification) prompting them to come back into your app and verify the micro-deposit code. To be notified via webhook when Plaid has sent the micro-deposit to your end user, see micro-deposit events.

Verification of Same Day Micro-deposits is performed in two steps:

  1. In your backend server, create a new link_token from the associated access_token for the given user.
  2. Pass the generated link_token into your client-side app, using the token parameter in the Link configuration. This will automatically trigger the micro-deposit verification flow in Link.
Create a new link_token from a persistent access_token

Generate a link_token for verifying micro-deposits by passing the user's associated access_token to the /link/token/create API endpoint. Note that the products field should not be set because the micro-deposits verification flow does not change the products associated with the given access_token.

Select group for content switcher
Select Language
Copy
1// Using Express
2app.post('/api/create_link_token', async function (request, response) {
3 // Get the client_user_id by searching for the current user
4 const user = await User.find(...);
5 const clientUserId = user.id;
6 const request = {
7 user: {
8 client_user_id: clientUserId,
9 },
10 client_name: 'Plaid Test App',
11 language: 'en',
12 webhook: 'https://webhook.sample.com',
13 country_codes: [CountryCode.Us],
14 access_token: 'ENTER_YOUR_ACCESS_TOKEN',
15 };
16 try {
17 const createTokenResponse = await client.linkTokenCreate(request);
18 response.json(createTokenResponse.data);
19 } catch (error) {
20 // handle error
21 }
22});
Initialize Link with the generated link_token

In your client-side app, pass the generated link_token into the Link token parameter. Link will automatically detect that Same Day verification is required for the Item and will open directly into the verification flow (see the image above).

In Link, the user will be prompted to log in to their personal banking portal to confirm the code in the micro-deposit transaction description. Upon successful entry of the code, the onSuccess callback will be fired, with an updated verification_status: 'manually_verified'.

There is no time limit for the user to verify the deposit. A user has three attempts to enter the code correctly, after which the Item will be permanently locked for security reasons. See INCORRECT_DEPOSIT_VERIFICATION and PRODUCT_NOT_READY for errors that may occur during the micro-deposit initiation and verification flow.

Copy
1const linkHandler = Plaid.create({
2 token: await fetchLinkTokenForMicrodepositsVerification(),
3 onSuccess: (public_token, metadata) => {
4 metadata = {
5 accounts: [{
6 ...,
7 verification_status: 'manually_verified',
8 }],
9 };
10 },
11 // ...
12});
13
14// Open Link to verify micro-deposit amounts
15linkHandler.open();

An Item's access_token does not change when verifying micro-deposits, so there is no need to repeat the exchange token process.

Fetch Auth data

Finally, we can retrieve Auth data once the user has manually verified their account through Same Day Micro-deposits:

Select group for content switcher
Select Language
Copy
1const accessToken = 'access-sandbox-5cd6e1b1-1b5b-459d-9284-366e2da89755';
2
3// Instantly fetch Auth numbers
4const request: AuthGetRequest = {
5 access_token: accessToken,
6};
7const response = await client.authGet(request).catch((err) => {
8 // handle error
9});
10const numbers = response.numbers;
Copy
1{
2 "numbers": {
3 "ach": [
4 {
5 "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
6 "account": "9900009606",
7 "routing": "011401533",
8 "wire_routing": "021000021"
9 }
10 ],
11 "eft": [],
12 "international": [],
13 "bacs": []
14 },
15 "accounts": [
16 {
17 "account_id": "vzeNDwK7KQIm4yEog683uElbp9GRLEFXGK98D",
18 "balances": { Object },
19 "mask": "0000",
20 "name": null,
21 "official_name": null,
22 "verification_status": "manually_verified",
23 "subtype": "checking" | "savings",
24 "type": "depository"
25 }
26 ],
27 "item": { Object },
28 "request_id": "m8MDnv9okwxFNBV"
29}

Check out the /auth/get API reference documentation to see the full Auth request and response schema.

Micro-deposit transaction description

When the micro-deposit post to your end user's bank account, the transaction description will be written with the format:

Copy
1#XXX <clientName> ACCTVERIFY

The # will be followed with the three letter code required for verification. The <clientName> is defined by the value of the client_name parameter that was used to create the link_token that initialized Link.

Business or corporate accounts

Users with business or corporate accounts that have ACH debit blocks enabled on their account may need to authorize Plaid's Company / Tax ID, 1460820571, to avoid any issues with linking their accounts.

Handling Link events

When a user goes through the Same Day micro-deposits flow, the session will have the TRANSITION_VIEW (view_name = NUMBERS) event, and in the onSuccess callback the verification_status will be pending_manual_verification because the user will have to return to Link to verify their micro-deposit at a later Link session

Copy
1OPEN (view_name = CONSENT)
2TRANSITION_VIEW (view_name = SELECT_INSTITUTION)
3SEARCH_INSTITUTION
4TRANSITION_VIEW (view_name = NUMBERS)
5TRANSITION_VIEW (view_name = LOADING)
6TRANSITION_VIEW (view_name = CONNECTED)
7HANDOFF
8onSuccess (verification_status: pending_manual_verification)

When a user goes through the Same Day micro-deposits flow with the Auth Type Select configuration, you will additionally see TRANSITION_VIEW (view_name = SELECT_AUTH_TYPE) and also SELECT_AUTH_TYPE (selection = flow_type_manual)

Copy
1OPEN (view_name = CONSENT)
2TRANSITION_VIEW (view_name = SELECT_AUTH_TYPE)
3SELECT_AUTH_TYPE (selection = flow_type_manual)
4TRANSITION_VIEW (view_name = NUMBERS)
5TRANSITION_VIEW (view_name = LOADING)
6TRANSITION_VIEW (view_name = CONNECTED)
7HANDOFF
8onSuccess (verification_status: pending_manual_verification)

Legacy flow

If you have been approved by Plaid to maintain our legacy micro-deposits flow, Plaid will make two deposits that post within one business day (using Same Day ACH, which is roughly two days faster than the standard micro-deposit experience of two to three days). Users are instructed to manually verify the deposited amounts within one business day. All other technical specifications are the same as above.

Testing in Sandbox

Learn how to test each Auth flow in the Sandbox

View guide

Micro-deposit events

Learn how to use Bank Transfers (beta) webhooks to receive micro-deposit status updates

View guide
Was this helpful?
Developer community
GitHub
GitHub
Stack Overflow
Stack Overflow
YouTube
YouTube
Twitter
Twitter
Discord
Discord