Link iOS SDK

Reference for integrating with the Link iOS SDK

This guide covers the latest major version of the Link iOS SDK, which is version 2.x. If you are using an older version of the SDK, consult the migration guide.

Overview

The Plaid Link SDK is a quick and secure way to link bank accounts to Plaid from within your iOS app. LinkKit is a drop-in framework that handles connecting a financial institution to your app (credential validation, multi-factor authentication, error handling, etc.) without passing sensitive information to your server.

To get started with Plaid Link for iOS, clone the GitHub repository and try out the example application, which provides a reference implementation in both Swift and Objective-C. Youʼll want to sign up for free API keys through the Plaid Developer Dashboard to get started.

Initial iOS setup

Before writing code using the SDK, you must first perform some setup steps to register your app with Plaid and configure your project.

Register your redirect URI

Sign in to the Plaid Dashboard and go to the Team Settings -> API page.
Next to Allowed redirect URIs click Configure then Add New URI.
Enter your redirect URI, which you must also set up as a Universal Link for your application, for example: https://app.example.com/plaid/.
Click Save Changes.

These redirect URIs must be set up as Universal Links in your application. For details, see Apple's documentation on Allowing Apps and Websites to Link to Your Content.

Plaid does not support registering URLs with custom URL schemes as redirect URIs since they lack the security of Universal Links through the two-way association between your app and your website. Any application can register custom URL schemes and there is no further validation from iOS. If multiple applications have registered the same custom URL scheme, a different application may be launched each time the URL is opened. To complete Plaid OAuth flows, it is important that your application is opened and not any arbitrary application that has registered the same URL scheme.

Set up Universal Links

In order for Plaid to return control back to your application after a user completes a bank's OAuth flow, you must specify a redirect URI, which will be the URI from which Link will be re-launched to complete the OAuth flow. The redirect URI must be a Universal Link. An example of a typical redirect URI is: https://app.example.com/plaid.

Universal Links consist of the following parts:

An applinks entitlement for the Associated Domains capability in your app. For details, see Apple’s documentation on the Associated Domains Entitlement and the entitlements example in the LinkDemo-Swift example app.
An apple-app-site-association file on your website. For details, see Apple’s documentation on Supporting Associated Domains.
Code in your app handling the user activity when your app is opened via Universal Links. For details, see Apple's documentation on Supporting Universal Links in your app and the AppDelegate example in the LinkDemo-Swift example app. The Plaid Link SDK will ignore unexpected URLs passed to continue(from:) as per Apple’s recommendations, so there is no need to filter out unrelated URLs. Doing so may prevent a valid URL from being passed to continue(from:) and OAuth may not continue as expected.

Once you have enabled Universal Links, your iOS app is now set up and ready to start integrating with the Plaid SDK.

Ensure that the corresponding entry for the configured redirect URI in the apple-app-site-association file on your website continues to be available. If it is removed, OAuth sessions will fail until it is available again.

Installation

Plaid Link for iOS is an embeddable framework that is bundled and distributed within your application. There are several ways to obtain the necessary files and keep them up-to-date; we recommend using CocoaPods. Regardless of what you choose, submitting a new version of your application with the updated LinkKit.xcframework to the App Store is required.

Requirements

Xcode 11.5 or greater
iOS 11.0 or greater
The latest version of the LinkKit.xcframework

CocoaPods

If you haven’t already, install the latest version of CocoaPods.
If you don’t have an existing Podfile, run the following command to create one:
Create a new Podfile
1
```
pod init
```
Add this line to your Podfile:
Edit the Podfile to include the following line
1
```
pod 'Plaid'
```
Run the following command:
Install the Plaid and other CocoaPods
1
```
pod install
```
To update to newer releases in the future, run:
Update the Plaid and other CocoaPods
1
```
pod install
```

Upgrading

A new version of LinkKit.xcframework will be released around the 15th of every month. We recommend you keep up to date to provide the best Plaid Link experience in your application.

For details on each release see the GitHub releases and version release notes. To upgrade Plaid Link iOS from 1.x to 2.x, refer to the iOS 1.x to 2.x migration guide.

Opening Link

Before you can open Link, you need to first create a link_token. A link_token can be configured for different Link flows and is used to control much of Link’s behavior. To learn how to create a new link_token, see the API Reference entry for /link/token/create.

For iOS the /link/token/create call must include the redirect_uri parameter and it must match the redirect URI you have configured with Plaid (see Register your redirect URI above).

Create a Configuration

Starting the Plaid Link for iOS experience begins with creating a link_token. Once the link_token is passed to your app, create an instance of LinkTokenConfiguration, then create a Handler using Plaid.create() passing the previously created LinkTokenConfiguration, and call open() on the handler passing your preferred presentation method. Note that each time you open Link, you will need to get a new link_token from your server and create a new LinkTokenConfiguration with it.

create

tokenString

Specify a link_token to authenticate your app with Link. This is a short lived, one-time use token that should be unique for each Link session. In addition to the primary flow, a link_token can be configured to launch Link in update mode for Items with expired credentials, or the Payment Initiation flow. See the /link/token/create endpoint for more details.

onSuccessclosure

A required closure that is called when a user successfully links an Item. The closure should expect a single LinkSuccess argument, containing the publicToken String and a metadata of type SuccessMetadata. See onSuccess below.

onExitclosure

An optional closure that is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. The closure should expect a single LinkExit argument, containing an optional error and a metadata of type ExitMetadata. See onExit below.

onEventclosure

An optional closure that is called when a user reaches certain points in the Link flow. The closure should expect a single LinkEvent argument, containing an eventName enum of type EventType and a metadata of type EventMetadata. See onEvent below.

Create a Configuration
1
2
3
4
5
6
var linkConfiguration = LinkTokenConfiguration(
    token: "<#LINK_TOKEN_FROM_SERVER#>",
    onSuccess: { linkSuccess in
        // Send the linkSuccess.publicToken to your app server.
    }
)

Create a Handler

A Handler is a one-time use object used to open a Link session. The Handler must be retained for the duration of the Plaid SDK flow. It will also be needed to respond to OAuth Universal Link redirects. For more details, see the OAuth guide.

Create a Handler
1
2
3
4
5
6
7
let result = Plaid.create(configuration)
switch result {
  case .failure(let error):
      logger.error("Unable to create Plaid handler due to: \(error)")
  case .success(let handler):
      self.handler = handler
}

Open Link

Finally, open Link by calling open on the Handler object. This will usually be done in a button’s target action.

Open Link
1
2
let method: PresentationMethod = .viewController(self)
handler.open(presentUsing: method)

Handling redirect URIs

When your app is opened via an Universal Link, it must check whether the opened URL is the redirect URI registered with Plaid and pass the URL to LinkKit to complete the account linking flow.

Continuing Link
1
2
3
4
if userActivity.activityType == NSUserActivityTypeBrowsingWeb, let redirectUri = userActivity.webpageURL {
  // NOTE: Your handler must be accessible from your application delegate or scene delegate.
  self.handler.continue(from: redirectUri)
}

onSuccess

The closure is called when a user successfully links an Item. It should take a single LinkSuccess argument, containing the publicToken String and a metadata of type SuccessMetadata.

onSuccess

linkSuccessLinkSuccess

Contains the publicToken and metadata for this successful flow.

publicTokenString

Displayed once a user has successfully linked their Item.

metadataLinkSuccess

Displayed once a user has successfully linked their Item.

institutionInstitution

An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.

nameString

The full institution name, such as 'Wells Fargo'

institutionIDInstitutionID (String)

The Plaid institution identifier

accountsArray<Account>

A list of accounts attached to the connected Item

idAccountID (String)

The Plaid account_id

nameString

The official account name

maskOptional<AccountMask> (Optional<String>)

The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, it may also not match the mask that the bank displays to the user. In some cases, the mask may be omitted from the callback as a fraud prevention measure; if this happens, it can instead be obtained by calling /accounts/get.

subtypeAccountSubtype

The account subtype and its type. See Account Types for a full list of possible values.

verificationStatusOptional<VerificationStatus>

When micro-deposit-based verification is being used, the accounts object includes an Item's verification_status. Possible values are:
pending_automatic_verification: The Item is pending automatic verification.
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the two amounts.
automatically_verified: The Item has successfully been automatically verified.
manually_verified: The Item has successfully been manually verified.
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.

linkSessionIDString

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

metadataJSONString

Unprocessed metadata, formatted as JSON, sent from the Plaid API.

Handle Link success
1
2
3
onSuccess: { linkSuccess in
  // Send the linkSuccess.publicToken to your app server.
}

onExit

This optional closure is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. It should take a single LinkExit argument, containing an optional error and a metadata of type ExitMetadata.

onExit

linkExitLinkExit

Contains the optional error and metadata for when the flow was exited.

errorOptional<ExitError>

An Error type that contains the errorCode, errorMessage, and displayMessage of the error that was last encountered by the user. If no error was encountered, error will be nil.

errorCodeExitErrorCode

The error code and error type that the user encountered. Each errorCode has an associated errorType, which is a broad categorization of the error.

errorMessageString

A developer-friendly representation of the error code.

displayMessageOptional<String>

A user-friendly representation of the error code or nil if the error is not related to user action. This may change over time and is not safe for programmatic use.

metadataExitMetadata

Displayed once a user has successfully linked their Item.

statusOptional<ExitStatus>

The status key indicates the point at which the user exited the Link flow.

requiresQuestions

User prompted to answer security question(s).

requiresSelections

User prompted to answer multiple choice question(s).

requiresCode

User prompted to provide a one-time passcode.

chooseDevice

User prompted to select a device on which to receive a one-time passcode.

requiresCredentials

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution.

institutionNotFound

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

unknown

The exit status has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original exit status as sent by the Plaid API.

institutionOptional<Institution>

An institution object. If the Item was created via Same-Day micro-deposit verification, will be omitted.

institutionIDInstitutionID (String)

The Plaid specific identifier for the institution.

nameString

The full institution name, such as 'Wells Fargo'.

linkSessionIDOptional<String>

A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.

requestIDOptional<String>

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation.

metadataJSONRawJSONMetadata (String)

Unprocessed metadata, formatted as JSON, sent from Plaid API.

Handle Link exit
1
2
3
linkConfiguration.onExit = { linkExit in
  // Optionally handle linkExit data according to your application's needs
}

onEvent

This optional closure is called when certain events in the Plaid Link flow have occurred, for example, when the user selected an institution. This enables your application to gain further insight into what is going on as the user goes through the Plaid Link flow.
The following onEvent callbacks are stable, which means that they will not be deprecated or changed: open, exit, handoff, selectInstitution, error. The remaining callback events are informational and subject to change.

onEvent

linkEventLinkEvent

Contains the eventName and metadata for the Link event.

eventNameEventName

An enum representing the event that has just occurred in the Link flow.

closeOAuth

The user closed the third-party website or mobile app without completing the OAuth flow.

error

A recoverable error occurred in the Link flow, see the errorCode in the `metadata.

exit

The user has exited without completing the Link flow and the onExit callback is fired.

failOAuth

The user encountered an error while completing the third-party's OAuth login flow.

handoff

The user has exited Link after successfully linking an Item.

matchedSelectInstitution

The user selected an institution that was presented as a matched institution.

matchedSelectVerifyMethod

The user selected a verification method for a matched institution.

open

The user has opened Link.

openMyPlaid

The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product.

openOAuth

The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.

searchInstitution

The user has searched for an institution.

selectBrand

The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.

selectInstitution

The user selected an institution.

submitCredentials

The user has submitted credentials.

submitMFA

The user has submitted MFA.

transitionView

The transitionView event indicates that the user has moved from one view to the next.

unknown

The event has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original event name as sent by the Plaid API.

metadataEventMetadata struct

An object containing information about the event

errorCodeOptional<ExitErrorCode>

The error code that the user encountered. Emitted by: error, exit.

errorMessageOptional<String>

The error message that the user encountered. Emitted by: error, exit.

exitStatusOptional<ExitStatus>

The status key indicates the point at which the user exited the Link flow. Emitted by: exit.

requiresQuestions

User prompted to answer security question(s).

requiresSelections

User prompted to answer multiple choice question(s).

requiresCode

User prompted to provide a one-time passcode.

chooseDevice

User prompted to select a device on which to receive a one-time passcode.

requiresCredentials

User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution.

institutionNotFound

User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution

unknown

The exit status has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original exit status as sent by the Plaid API.

institutionIDOptional<InstitutionID> (Optional<String>)

The ID of the selected institution. Emitted by: all events.

institutionNameOptional<String>

The name of the selected institution. Emitted by: all events.

institutionSearchQueryOptional<String>

The query used to search for institutions. Emitted by: searchInstitution.

linkSessionIDString

The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.

mfaTypeOptional<MFAType>

If set, the user has encountered one of the following MFA types: code, device, questions, selections. Emitted by: submitMFA and transitionView when viewName is mfa

requestIDOptional<String>

The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.

selectionOptional<String>

The verification method for a matched institution selected by the user. Possible values are phoneotp, password. Emitted by: matchedSelectVerifyMethod.

timestampDate

An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.

viewNameOptional<ViewName>

The name of the view that is being transitioned to. Emitted by: transitionView.

connected

The user has connected their account.

consent

We ask the user to consent to the privacy policy.

credential

Asking the user for their account credentials.

error

An error has occurred.

exit

Confirming if the user wishes to close Link.

loading

Link is making a request to our servers.

matchedConsent

We ask the matched user to consent to the privacy policy and SMS terms.

matchedCredential

We ask the matched user for their account credentials to a matched institution.

matchedMfa

We ask the matched user for MFA authentication to verify their identity.

mfa

The user is asked by the institution for additional MFA authentication.

numbers

The user is asked to insert their account and routing numbers.

recaptcha

The user was presented with a Google reCAPTCHA to verify they are human.

selectAccount

We ask the user to choose an account.

selectBrand

selectInstitution

We ask the user to choose their institution.

unknown

The view has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original view name as sent by the Plaid API.

metadataJSONRawJSONMetadata (String)

Unprocessed metadata, formatted as JSON, sent from Plaid API.

Handle Link event
1
2
3
linkConfiguration.onEvent = { linkEvent in
  // Optionally handle linkEvent data according to your application's needs
}

Next steps

Once you've gotten Link working, see Link best practices for recommendations on further improving the Link flow.