Plaid Link Auth Flow

Plaid and Dwolla have partnered to offer businesses an easier way to connect to the U.S. banking system. Plaid enables businesses to instantly authenticate a customer's bank account, giving them the ability to leverage the Dwolla API to connect to the ACH network for sending and receiving payments. Dwolla’s solution offers frictionless ACH payments for companies looking to automate their current payments process and scale their business.

With the Plaid + Dwolla integration, your users can verify their accounts in seconds by inputting their banking credentials in Plaid’s front-end module. Plaid’s mobile-friendly module handles input validation, error handling, and multi-factor authentication–providing a seamless onboarding experience to convert more users for your business.

As part of the integration, Dwolla customers can access Plaid’s full suite of APIs for clean, categorized transaction data, real-time balances, and more.

To get started, sign up for Plaid API keys or try out the Plaid demo.

Get API keys
Try out the demo

Getting Started

You'll first want to familiarize yourself with Plaid Link, a drop-in integration for the Plaid API that handles input validation, error handling, and multi-factor authentication. You will also need to create or be an existing Dwolla customer in order to add a bank funding source.

Your customers will use Link to authenticate with their financial institution and select the bank account they wish to use for ACH transactions. From there, you'll receive a Plaid access_token and a Dwolla processor_token, which allows you to quickly and securely verify a bank funding source via Dwolla's API without having to store any sensitive banking information. Utilizing Plaid + Dwolla enables a seamless workflow for sending and receiving payments.

Instructions

Step 1: Set up your Plaid and Dwolla accounts

You'll need accounts at both Plaid and Dwolla in order to use the Plaid + Dwolla integration. You'll also need to enable your Plaid account for the Dwolla integration.

First, you will need to work with the Dwolla team to sign up for an Dwolla account, if you do not already have one.

Next, verify that your Plaid account is enabled for the integration. If you do not have a Plaid account, create one. Your account will be automatically enabled for integration access.

To verify that your Plaid account is enabled for the integration, go to the Integrations section of the account dashboard.

If the integration is off, simply click the 'Enable' button for Dwolla to enable the integration.

Use the Dwolla Sandbox to test the Plaid + Dwolla integration for free.

Step 2: Fetch a Link token

A link_token is a one-time use token that is used to initialize Plaid Link. You can create a link_token and configure it for your specific Link flow by calling the /link/token/create endpoint from your server.

Fetch a Link token

Step 3: Integrate with Plaid Link

Integrating with Link is easy. All it takes is a few lines of client-side JavaScript and a small server-side handler to exchange the Link public_token for a Plaid access_token and a Dwolla processor_token.

Integrate with Link

    <button id="link-button">Link Account</button>
    <script src="https://cdn.plaid.com/link/v2/stable/link-initialize.js"></script>
    <script type="text/javascript">
    (async function() {
      const fetchLinkToken = async () => {
        const response = await fetch('/create_link_token', { method: 'POST' });
        const responseJSON = await response.json();
        return responseJSON.link_token;
      };

      const configs = {
        // 1. Pass a new link_token to Link.
        token: await fetchLinkToken(),
        onSuccess: async function(public_token, metadata) {
          // 2a. Send the public_token to your app server.
          // The onSuccess function is called when the user has successfully
          // authenticated and selected an account to use.
          await fetch('/get_access_token', { 
            method: 'POST',
            body: JSON.stringify({ public_token: public_token }),
          });
        },
        onExit: async function(err, metadata) {
          // 2b. Gracefully handle the invalid link token error. A link token
          // can become invalidated if it expires, has already been used
          // for a link session, or is associated with too many invalid logins.
          if (err != null && err.error_code === 'INVALID_LINK_TOKEN') {
            linkHandler.destroy();
            linkHandler = Plaid.create({
              ...configs,
              token: await fetchLinkToken(),
            });
          }
          if (err != null) {
            // Handle any other types of errors.
          }
          // metadata contains information about the institution that the
          // user selected and the most recent API request IDs.
          // Storing this information can be helpful for support.
        },
      };

      var linkHandler = Plaid.create(configs);

      document.getElementById('link-button').onclick = function() {
        linkHandler.open();
      };
    })();
    </script>

See the parameter reference for complete documentation on possible configurations.

Plaid.create accepts one argument, a configuration Object, and returns an Object with two functions, open and exit . Calling open will display the "Institution Select" view and calling exit will close Link.

Step 4: Write server-side handler

Plaid’s Link module handles the entire onboarding flow securely and quickly, but does not actually retrieve account data for a user. Instead, the Link module returns a public_token and an account_id (a property on the metadata object) via the onSuccess callback.

This public_token must be exchanged for a Plaid access_token using the /item/public_token/exchange API endpoint. Once you have the access_token for the Item, you'll create a Dwolla processor_token. You'll send this token to Dwolla and they will use it to securely retrieve account and routing numbers from Plaid.

You can create valid Dwolla processor_tokens in the following Plaid API environments:

Server-side handler

const plaid = require('plaid');

// Change sandbox to development to test with live users;
// Change to production when you're ready to go live!
const plaidClient = new plaid.Client({
  clientID: PLAID_CLIENT_ID,
  secret: PLAID_SECRET,
  env: plaid.environments.sandbox
});

// Exchange the public_token from Plaid Link for an access token.
plaidClient.exchangePublicToken(public_token, function(err, res) {
  const accessToken = res.access_token;
  // Create a processor token for a specific account id.
  plaidClient.createProcessorToken(
    accessToken,
    accountId,
    'dwolla',
    function(err, res) {
      const processorToken = res.processor_token;
    }
  );
});


# Exchange the public token from Plaid Link for an access token.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "public_token": "PUBLIC_TOKEN"
  }' \
  -X POST \
  https://sandbox.plaid.com/item/public_token/exchange

# Create a processor token for a specific account id.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "access_token": "ACCESS_TOKEN",
    "account_id": "ACCOUNT_ID",
    "processor": "dwolla"
  }' \
  -X POST \
  https://sandbox.plaid.com/processor/token/create


require 'plaid'

# Change sandbox to development to test with live users;
# Change to production when you're ready to go live!
client = Plaid::Client.new(env: :sandbox,
                           client_id: PLAID_CLIENT_ID,
                           secret: PLAID_SECRET)

# Exchange the public token from Plaid Link for an access token.
exchange_response = client.item.public_token.exchange(public_token)
access_token = exchange_response.access_token

# Create a processor token for a specific account id.
create_response = client.processor_token.create(access_token, account_id, "dwolla")
processor_token = create_response.processor_token


// Change sandbox to development to test with live users;
// Change to production when you're ready to go live!
PlaidClient plaidClient = PlaidClient.newBuilder()
  .clientIdAndSecret(PLAID_CLIENT_ID, PLAID_SECRET)
  .sandboxBaseUrl()
  .build();

// Exchange the public token from Plaid Link for an access token.
Response<ItemPublicTokenExchangeResponse> exchangeResponse = plaidClient.service()
  .itemPublicTokenExchange(new ItemPublicTokenExchangeRequest(public_token))
  .execute();

// Create a processor token for a specific account id.
if (exchangeResponse.isSuccessful()) {
  String accessToken = exchangeResponse.body().getAccessToken();
  Response<ItemDwollaProcessorTokenCreateResponse> dwollaResponse = client().service()
    .itemDwollaProcessorTokenCreate(new ItemDwollaProcessorTokenCreateRequest(accessToken, account_id))
    .execute();

  if (dwollaResponse.isSuccessful()) {
    String dwollaProcessorToken = dwollaResponse.body().getProcessorToken();
  }
}


from plaid import Client

# Change sandbox to development to test with live users;
# Change to production when you're ready to go live!
client = Client(
  client_id=PLAID_CLIENT_ID,
  secret=PLAID_SECRET,
  environment='sandbox'
)

# Exchange the public token from Plaid Link for an access token.
exchange_token_response = client.Item.public_token.exchange(public_token)
access_token = exchange_token_response['access_token']

# Create a processor token for a specific account id.
create_response = client.Processor.ProcessorTokenCreate(access_token, account_id, "dwolla")
processor_token = create_response['processor_token']

For a valid request, the API will return a JSON response similar to:

Processor Token response

{
"processor_token": "processor-sandbox-0asd1-a92nc",
"request_id": "[Unique request ID]"
}

For possible error codes, see the full listing of Plaid error codes.

Step 5: Test with sandbox credentials

Link's sandbox mode is compatible with Plaid's Sandbox API environment. To test the integration in sandbox mode, simply use the Plaid sandbox credentials.

Step 6: Get ready for production

Your account is immediately enabled for our sandbox environment. To move to Production, please request access from the Dashboard. You will want to ensure that you have valid Dwolla Production credentials prior to verifying bank funding sources in the Dwolla API with Plaid.

Support and questions

Find answers to many common integration questions and concerns—such as pricing, sandbox and test mode usage, and more—at our Help Center and docs.

If you're still stuck, open a support ticket with information describing the issue that you're experiencing and we'll get back to you as soon as we can.

We use cookies to improve your experience and our websites. By using this site, you agree to the use of cookies as described in our Cookie Policy.