Maintaining a public-key based integration

Details and guidance on maintaining a legacy public_key based Link integration for older Plaid API versions.

Overview

In July 2020, Plaid introduced the link_token, which replaces the static public_key. While integrations using the public_key are still supported, it is recommended that you upgrade your integration to use a link_token instead, as future Plaid development and features will be based on the link_token infrastructure. To start upgrading, see the Link token migration guide.

Plaid Link for Web

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link Web SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

Installation

Include the Plaid Link initialize script on each page of your site. It should always be loaded directly from https://cdn.plaid.com, rather than included in a bundle or hosted yourself.

1
<script src="https://cdn.plaid.com/link/v2/stable/link-initialize.js"></script>

Create

Plaid.create accepts one argument, a configuration Object, and returns an Object with two functions, open and exit. Calling open will display the Consent Pane view, and calling exit will close Link. Note: Control whether or not your Link integration uses the Account Select view from the Dashboard.

create_legacy
clientNamestring
Displayed once a user has successfully linked their Item.
envstring
The Plaid API environment on which to create user accounts. Possible values are development, sandbox, respectively. For Production use, use production.
keystring
The public_key associated with your account; available from the Dashboard.
productstring
A list of Plaid products you wish to use. Valid products are: transactions, auth, identity, assets, investments, liabilities, and payment_initiation. Example: ['auth', 'transactions']. balance is not a valid value, the Balance product does not require explicit initalization and will automatically be initialized when any other product is initialized. Only institutions that support all requested products will be shown in Link.
In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.
onSuccesscallback
A function that is called when a user successfully links an Item. The function should expect two arguments, the public_token and a metadata object. See onSuccess.
onExitcallback
A function that is called when a user has specifically exited the Link flow or if Link failed to initialize. The function should expect two arguments, a nullable error object and a metadata object. See onExit.
onEventcallback
A function that is called when a user reaches certain points in the Link flow. The function should expect two arguments, an eventName string and a metadata object.
onLoadcallback
A function that is called when the Link module has finished loading. Calls to plaidLinkHandler.open() prior to the onLoad callback will be delayed until the module is fully loaded.
languagestring
Specify a Plaid-supported language to localize Link. English will be used by default. Supported languages:
  • English ('en')
  • French ('fr')
  • Spanish ('es')
  • Dutch ('nl')
When using a Link customization, language must be set to match the language used in the customization.
countryCodesstring
Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Note that if you initialize with a European country code, your users will see the European consent panel during the Link flow. Supported country codes are: US, CA, ES, FR, GB, IE, NL. If not specified, will default to ['US']. If Link is launched with multiple countryCodes, only products that you are enabled for in all countries will be used by Link.
If a Link customization is being used, the countries configured here should match those in the customization.
To use the Auth features Instant Match, Automated Micro-deposits, or Same-day Micro-deposits, countryCodes must be set to ['US'].
accountSubtypesobject
By default, Link will only display account types that are compatible with all products supplied in the product parameter. You can further limit the accounts shown in Link by using accountSubtypes to specify the account subtypes to be shown in Link. Only the specified subtypes will be shown. To indicate that all subtypes should be shown, use the value "all". If the accountSubtypes filter is used, any account type for which a filter is not specified will be entirely omitted from Link.
Example value:
{
"depository": ["checking", "savings"],
"credit": ["all"]
}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.
<accountType>: [accountSubtype]string
An object of accountTypes composed of an array of accountSubtypes to filter.
webhookstring
Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.
tokenstring
Specify a public_token to launch Link in update mode for a particular Item. This will cause Link to open directly to the authentication step for that Item's institution. Use the /item/public_token/create endpoint to generate a public_token for an Item.
linkCustomizationNamestring
Specify the name of a Link customization created in the Dashboard. The default customization is used if none is provided. When using a Link customization, the language in the customization must match the language configured via the language parameter.
oauthNoncestring
An oauthNonce is required to support OAuth authentication flows when launching or re-launching Link on a mobile device and using one or more European country codes. The nonce must be at least 16 characters long.
oauthRedirectUristring
An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device. Note that any redirect URI must also be added to the Allowed redirect URIs list in the developer dashboard.
oauthStateIdstring
An oauthStateId is required to support OAuth authentication flows when re-launching Link on a mobile device.
paymentTokenstring
A paymentToken must be specified if you are using the Payment Initiation (UK and Europe) product. This will cause Link to open directly to the Payment Initiation flow. Use the /payment_initiation/payment/token/create endpoint to generate a payment_token.
userLegalNamestring
The end user's legal name
userPhoneNumberstring
The end user's phone number
userEmailAddressstring
The end user's email address
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
const handler = Plaid.create({
  clientName: 'Plaid Quickstart',
  env: 'sandbox',
  key: 'PUBLIC_KEY',
  product: ['transactions'],
  onSuccess: (public_token, metadata) => {},
  onLoad: () => {},
  onExit: (err, metadata) => {},
  onEvent: (eventName, metadata) => {},
  countryCodes: ['US'],
  webhook: 'https://requestb.in',
  linkCustomizationName: '',
  language: 'en',
  oauthNonce: null,
  oauthRedirectUri: null,
  oauthStateId: null,
  token: null,
  paymentToken: null,
});

onSuccess

The onSuccess callback is called when a user successfully links an Item. It takes two arguments: the public_token and a metadata object.

onSuccess
public_tokenstring
Displayed once a user has successfully linked their Item.
metadataobject
Displayed once a user has successfully linked their Item.
institutionobject
An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.
namestring
The full institution name, such as 'Wells Fargo'
institution_idstring
The Plaid institution identifier
accountsobject
A list of accounts attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.
idstring
The Plaid account_id
namestring
The official account name
maskstring
The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, it may also not match the mask that the bank displays to the user. In some cases, the mask may be omitted from the callback as a fraud prevention measure; if this happens, it can instead be obtained by calling /accounts/get.
typestring
The account type. See the Account schema for a full list of possible values
subtypestring
The account subtype. See the Account schema for a full list of possible values
verification_statusstring
When micro-deposit-based verification is being used, the accounts object includes an Item's verification_status. Possible values are:
pending_automatic_verification: The Item is pending automatic verification
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the two amounts.
automatically_verified: The Item has successfully been automatically verified
manually_verified: The Item has successfully been manually verified
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.
accountdeprecatedobject
Deprecated. Use accounts instead.
link_session_idstring
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
const handler = Plaid.create({
  ...,
  onSuccess: (public_token, metadata) => {
    fetch('//yourserver.com/exchange_public_token', {
      method: 'POST',
      body: {
        public_token: public_token,
        accounts: metadata.accounts,
        institution: metadata.institution,
        link_session_id: metadata.link_session_id,
      },
    });
  }
});
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
{
  institution: {
    name: 'Wells Fargo',
    institution_id: 'ins_4'
  },
  accounts: [
    {
      id: 'ygPnJweommTWNr9doD6ZfGR6GGVQy7fyREmWy',
      name: 'Plaid Checking',
      mask: '0000',
      type: 'depository',
      subtype: 'checking',
      verification_status: ''
    },
    {
      id: '9ebEyJAl33FRrZNLBG8ECxD9xxpwWnuRNZ1V4',
      name: 'Plaid Saving',
      mask: '1111',
      type: 'depository',
      subtype: 'savings'
    }
    ...
  ],
  link_session_id: '79e772be-547d-4c9c-8b76-4ac4ed4c441a'
}

onExit

The onExit callback is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. It takes two arguments, a nullable error object and a metadata object. The metadata parameter is always present, though some values may be null.

onExit
errorobject
A nullable object that contains the error type, code, and message of the error that was last encountered by the user. If no error was encountered, error will be null.
error_typeString
A broad categorization of the error.
error_codeString
The particular error code. Each error_type has a specific set of error_codes.
error_messageString
A developer-friendly representation of the error code.
display_messageString
A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.
metadataobject
Displayed once a user has successfully linked their Item.
institutionobject
An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.
namestring
The full institution name, such as Wells Fargo
institution_idstring
The Plaid institution identifier
statusstring
The point at which the user exited the Link flow. One of the following values.
requires_questions
User prompted to answer security questions
requires_selections
User prompted to answer multiple choice question(s)
requires_code
User prompted to provide a one-time passcode
choose_device
User prompted to select a device on which to receive a one-time passcode
requires_credentials
User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution
requires_oauth
User prompted to enter an OAuth flow
institution_not_found
User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution
link_session_idstring
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
request_idstring
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation.
1
2
3
4
5
6
7
8
9
10
11
12
13
const handler = Plaid.create({
  ...,
  onExit: (error, metadata) => {
    // Save data from the onExit handler
    supportHandler.report({
      error: error,
      institution: metadata.institution,
      link_session_id: metadata.link_session_id,
      plaid_request_id: metadata.request_id,
      status: metadata.status,
    });
  },
});
1
2
3
4
5
6
{
  error_type: 'ITEM_ERROR',
  error_code: 'INVALID_CREDENTIALS',
  error_message: 'the credentials were not correct',
  display_message: 'The credentials were not correct.',
}
1
2
3
4
5
6
7
8
9
{
  institution: {
    name: 'Wells Fargo',
    institution_id: 'ins_4'
  },
  status: 'requires_credentials',
  link_session_id: '36e201e0-2280-46f0-a6ee-6d417b450438',
  request_id: '8C7jNbDScC24THu'
}

onEvent

The onEvent callback is called at certain points in the Link flow. It takes two arguments, an eventName string and a metadata object.
The metadata parameter is always present, though some values may be null. Note that new eventNames, metadata keys, or view names may be added without notice.
The onEvent callback is not guaranteed to fire exactly at the time of a user action in Link. If you need to determine the exact time when an event happened, use the timestamp in the metadata.
The following callback events are stable, which means that they will not be deprecated or changed: OPEN, EXIT, HANDOFF, SELECT_INSTITUTION, ERROR. The remaining callback events are informational and subject to change.

onEvent
eventNamestring
A string representing the event that has just occurred in the Link flow.
CLOSE_OAUTH
The user closed the third-party website or mobile app without completing the OAuth flow.
ERROR
A recoverable error occurred in the Link flow, see the error_code metadata.
EXIT
The user has exited without completing the Link flow and the onExit callback is fired.
FAIL_OAUTH
The user encountered an error while completing the third-party's OAuth login flow.
HANDOFF
The user has exited Link after successfully linking an Item.
MATCHED_SELECT_INSTITUTION
The user selected an institution that was presented as a matched institution.
MATCHED_SELECT_VERIFY_METHOD
The user selected a verification method for a matched institution.
OPEN
The user has opened Link.
OPEN_MY_PLAID
The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product
OPEN_OAUTH
The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.
SEARCH_INSTITUTION
The user has searched for an institution.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The SELECT_BRAND event is only emitted for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
The user selected an institution.
SUBMIT_CREDENTIALS
The user has submitted credentials.
SUBMIT_MFA
The user has submitted MFA.
TRANSITION_VIEW
The TRANSITION_VIEW event indicates that the user has moved from one view to the next.
metadataobject
An object containing information about the event.
error_typestring
The error type that the user encountered. Emitted by: ERROR, EXIT.
error_codestring
The error code that the user encountered. Emitted by ERROR, EXIT.
error_messagestring
The error message that the user encountered. Emitted by: ERROR, EXIT.
exit_statusstring
The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT
institution_idstring
The ID of the selected institution. Emitted by: all events.
institution_namestring
The name of the selected institution. Emitted by: all events.
institution_search_querystring
The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.
mfa_typestring
If set, the user has encountered one of the following MFA types: code, device, questions, selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA
view_namestring
The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.
CONNECTED
The user has connected their account.
CONSENT
We ask the user to consent to the privacy policy.
CREDENTIAL
Asking the user for their account credentials.
ERROR
An error has occurred.
EXIT
Confirming if the user wishes to close Link.
LOADING
Link is making a request to our servers.
MATCHED_CONSENT
We ask the matched user to consent to the privacy policy and SMS terms.
MATCHED_CREDENTIAL
We ask the matched user for their account credentials to a matched institution.
MATCHED_MFA
We ask the matched user for MFA authentication to verify their identity.
MFA
The user is asked by the institution for additional MFA authentication.
NUMBERS
The user is asked to insert their account and routing numbers.
RECAPTCHA
The user was presented with a Google reCAPTCHA to verify they are human.
SELECT_ACCOUNT
We ask the user to choose an account.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
We ask the user to choose their institution.
request_idstring
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.
link_session_idstring
The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.
timestampstring
An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.
selectionstring
The verification method for a matched institution selected by the user. Possible values are phoneotp, password. Emitted by: MATCHED_SELECT_VERIFY_METHOD.
1
2
3
4
5
6
7
const handler = Plaid.create({
  ...,
  onEvent: (eventName, metadata) => {
    // send event and metadata to self-hosted analytics
    analytics.send(eventName, metadata);
  },
});
1
2
3
4
5
6
7
8
9
10
11
12
13
14
{
  error_type: 'ITEM_ERROR',
  error_code: 'INVALID_CREDENTIALS',
  error_message: 'the credentials were not correct',
  exit_status: null,
  institution_id: 'ins_4',
  institution_name: 'Wells Fargo',
  institution_search_query: 'wellsf',
  mfa_type: null,
  view_name: 'ERROR'
  request_id: 'm8MDnv9okwxFNBV',
  link_session_id: '30571e9b-d6c6-42ee-a7cf-c34768a8f62d',
  timestamp: '2017-09-14T14:42:19.350Z',
}

open()

Calling open will display the Consent Pane view to your user, starting the Link flow. Once open is called, you will begin receiving events via the onEvent callback.

1
2
3
4
const handler = Plaid.create({ ... });
// Open Link
handler.open();

exit()

The exit function allows you to programmatically close Link. Calling exit will trigger either the onExit or onSuccess callbacks.
The exit function takes a single, optional argument, a configuration Object.

exit
forceboolean
If true, Link will exit immediately. If false, or the option is not provided, an exit confirmation screen may be presented to the user.
1
2
3
4
5
const handler = Plaid.create({ ... });
// Graceful exit - Link may display a confirmation screen
// depending on how far the user is in the flow
handler.exit();
1
2
3
4
const handler = Plaid.create({ ... });
// Force exit - Link exits immediately
handler.exit({ force: true });

destroy()

The destroy function allows you to destroy the Link handler instance, properly removing any DOM artifacts that were created by it. Use destroy() when creating new replacement Link handler instances in the onExit callback.

1
2
3
4
const handler = Plaid.create({ ... })
// Destroy and clean up the Link handler & iFrame
handler.destroy();

Plaid Link for iOS

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link iOS SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

Overview

Here you find instructions on how to integrate and use Plaid Link for iOS. At the center of it lies LinkKit.framework: an embeddable framework managing the details of linking an account with Plaid.

To get up and running quickly with Plaid Link for iOS clone the Github repository and try out the example applications, which provide a reference implementation in Swift and Objective-C. Youʼll want to sign up for free API keys to get started.

Installation

Plaid Link for iOS is an embedabble framework that is bundled and distributed within your application. There are several ways to obtain the necessary files and keep them up-to-date; we recommend using CocoaPods or Carthage. Regardless of what you choose, submitting a new version of your application with the updated LinkKit.framework to the App Store is required.

Requirements

A new version of LinkKit.framework will be released around the 15th of every month. We recommend you keep up to date to provide the best Plaid Link experience in your application.

CocoaPods
  1. If you haven't already, install the latest version of CocoaPods.
  2. If you don't have an existing Podfile, run the following command to create one:
    1
    pod init
  3. Add this line to your Podfile:
    1
    pod 'Plaid'
  4. Run the following command:
    1
    pod install
  5. Add a custom Run Script build phase (we recommend naming it Prepare for Distribution ) with the script below, which prepares the LinkKit.framework for distribution through the App Store.
    1
    2
    3
    LINK_ROOT=${PODS_ROOT:+$PODS_ROOT/Plaid/ios}
    cp "${LINK_ROOT:-$PROJECT_DIR}"/LinkKit.framework/prepare_for_distribution.sh "${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
    "${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
  6. To update to newer releases in the future run:
    1
    pod install
Carthage
  1. If you haven't already, install the latest version of Carthage.
  2. If you don't have an existing Podfile, run the following command to create one:
    1
    pod init
  3. Add this line to your Podfile:
    1
    github "plaid/plaid-link-ios"
  4. Add a custom Run Script build phase (we recommend naming it Prepare for Distribution) with the script below, which prepares the LinkKit.framework for distribution through the App Store.
    1
    2
    3
    LINK_ROOT=${PODS_ROOT:+$PODS_ROOT/Plaid/ios}
    cp "${LINK_ROOT:-$PROJECT_DIR}"/LinkKit.framework/prepare_for_distribution.sh "${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
    "${CODESIGNING_FOLDER_PATH}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
  5. To update to newer releases in the future run:
    1
    carthage update plaid-ios --platform ios
Manual

Get the latest version of LinkKit.framework and embed it into your application.

Embed LinkKit.framework into your application, for example by dragging and dropping the file onto the Embed Frameworks build phase as shown below.

Depending on the location of the LinkKit.framework on the filesystem you may need to change the Framework Search Paths build setting to avoid the error: fatal error: 'LinkKit/LinkKit.h' file not found. For example, the LinkDemo Xcode projects have it set to FRAMEWORK_SEARCH_PATHS = $(PROJECT_DIR)/../ since the LinkKit.framework file is shared between them and is kept in the directory that also contains the demo project directories.

Finally, add a Run Script build phase (we recommend naming it Prepare for Distribution) with the script below. Be sure to run this build phase after the Embed Frameworks build phase or [CP] Embed Pods Frameworks build phase when integrating using CocoaPods, otherwise LinkKit.framework will not be properly prepared for distribution.

Failing to execute the run script build phase after the embed frameworks build phase very likely get your application rejected during App Store submission or review.

The script below removes from the framework any non-iOS device code that is included to support running LinkKit in the Simulator but that may not be distributed via the App Store.

Failing to run the script below will very likely get your application rejected during App Store submission or review.

Change the \${PROJECT_DIR\}/LinkKit.framework path in the example below according to your setup, and be sure to quote the filepaths when they contain whitespace.

1
2
3
LINK_ROOT=\${PODS_ROOT:+$PODS_ROOT/Plaid/ios\}
cp "\${LINK_ROOT:-$PROJECT_DIR\}"/LinkKit.framework/prepare_for_distribution.sh "\${CODESIGNING_FOLDER_PATH\}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh
"\${CODESIGNING_FOLDER_PATH\}"/Frameworks/LinkKit.framework/prepare_for_distribution.sh

Implementation

To use Plaid Link for iOS import LinkKit and its symbols into your code.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
import LinkKit
extension ViewController : PLKPlaidLinkViewDelegate {
  // call presentPlaidLink to create + initialize Link
  func presentPlaidLink() {
    let linkViewController = PLKPlaidLinkViewController(configuration: PLKConfiguration(...), delegate: self)
    present(linkViewController, animated: true)
  }
  // handle didSucceedWithPublicToken delegate method
  func linkViewController(
    _ linkViewController: PLKPlaidLinkViewController,
    didSucceedWithPublicToken publicToken: String,
    metadata: [String : Any]?) { /* handle success */ }
  // handle didExitWithError delegate method
  func linkViewController(
    _ linkViewController: PLKPlaidLinkViewController,
    didExitWithError error: Error?,
    metadata: [String : Any]?) { /* handle exit | error */ }
  // handle didHandleEvent delegate method
  func linkViewController(
    _ linkViewController: PLKPlaidLinkViewController,
    didHandleEvent event: String,
    metadata: [String : Any]?) { /* handle exit | error */ }
}

Configure & present Link

Starting the Plaid Link for iOS experience is as simple as creating and presenting an instance of PLKPlaidLinkViewController. Then, create an instance of PLKConfiguration and pass that during the initialization of the PLKPlaidLinkViewController.

create_legacy
envString
The Plaid API environment on which to create user accounts. Valid environments are:
  • .sandbox
  • .development
  • .production
keyString
The public_key associated with your account; available in the Plaid Dashboard.
product[String]
A list of one or many Plaid product(s) you wish to use. Valid products are:
  • .auth
  • .transactions
  • .identity
  • .assets
  • .investments
  • .liabilities
  • .payment_initiation

Example: [.auth, .transactions]. .balance is not a valid value, the Balance product does not require explicit initialization and will automatically be initialized when any other product is initialized. Only institutions that support all requested products will be shown in Link.
In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.
clientNameString
Displayed once a user has successfully linked their Item.
languageString
Specify a Plaid-supported language to localize Link. English will be used by default. Supported languages:
  • English ('en')
  • French ('fr')
  • Spanish ('es')
  • Dutch ('nl')
When using a Link customization profile, language must be set to match the language used in the customization profile.
countryCodes[String]
Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Note that if you initialize with a European country code, your users will see the European consent panel during the Link flow. Supported country codes are:
  • US
  • CA
  • ES
  • FR
  • GB
  • IE
  • NL

If not specified, will default to ['US']. If Link is launched with multiple countryCodes, only products that you are enabled for in all countries will be used by Link.
If a Link customization is being used, the countries configured here should match those in the customization.
To use the Auth features Instant Match, Automated Micro-deposits, or Same-day Micro-deposits, countryCodes must be set to ['US'].
accountSubtypesDictionary
By default, Link will only display account types that are compatible with all products supplied in the product parameter. You can further limit the accounts shown in Link by using accountSubtypes to specify the account subtypes to be shown in Link. Only the specified subtypes will be shown. To indicate that all subtypes should be shown, use the value "all". If the accountSubtypes filter is used, any account type for which a filter is not specified will be entirely omitted from Link.
Example value:
{
"depository": ["checking", "savings"],
"credit": ["all"]
}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.
webhookString
Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.
linkCustomizationNameString
Specify the name of a Link customization created in the Dashboard. The default customization is used if none is provided. When using a Link customization, the language specified in the customization must match the language configured via the language parameter.
oauthNonceString
An oauthNonce is required to support OAuth authentication flows when launching or re-launching Link on a mobile device and using one or more European country codes. The nonce must be at least 16 characters long.
oauthRedirectUriString
An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device and using one or more European country codes. Any redirect URI must also be added to the Allowed redirect URIs list in the developer dashboard. For mobile app integrations, the redirect URI must be registered as an app link (not custom URI) to enable app-to-app authentication flows. You will need to configure an Android App Link or Apple App Association File. Custom URI schemes are not supported; a proper universal link must be used.
oauthStateIdString
An oauthStateId is required to support OAuth authentication flows when re-launching Link on a mobile device and using one or more European country codes.
paymentTokenString
A paymentToken must be specified if you are using the Payment Initiation (UK and Europe) product. This will cause Link to open directly to the Payment Initiation flow. Use the /payment_initiation/payment/token/create endpoint to generate a payment_token.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
let linkConfiguration = PLKConfiguration(
  env: .sandbox,
  key: "<YOUR_PLAID_PUBLIC_KEY>",
  product: [.auth]
)
linkConfiguration.clientName = "My application";
linkConfiguration.language = "en";
linkConfiguration.countryCodes = ["US", "CA", "GB"];
linkConfiguration.webhook = "https://webhook.com";
linkConfiguration.linkCustomizationName = "default";
linkConfiguration.oauthRedirectUri = "<YOUR_OAUTH_REDIRECT_URI>"
linkConfiguration.oauthNonce = UUID().uuidString
let linkViewController = PLKPlaidLinkViewController(
  configuration: linkConfiguration,
  delegate: self
)
present(linkViewController, animated: true)

didSucceedWithPublicToken

The closure is called when a user successfully links an Item. It should take a single LinkSuccess argument, containing the publicToken String and a metadata of type SuccessMetadata.

onSuccess
linkSuccessLinkSuccess
Contains the publicToken and metadata for this successful flow.
publicTokenString
Displayed once a user has successfully linked their Item.
metadataLinkSuccess
Displayed once a user has successfully linked their Item.
institutionInstitution
An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.
nameString
The full institution name, such as 'Wells Fargo'
institutionIDInstitutionID (String)
The Plaid institution identifier
accountsArray<Account>
A list of accounts attached to the connected Item
idAccountID (String)
The Plaid account_id
nameString
The official account name
maskOptional<AccountMask> (Optional<String>)
The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, it may also not match the mask that the bank displays to the user. In some cases, the mask may be omitted from the callback as a fraud prevention measure; if this happens, it can instead be obtained by calling /accounts/get.
subtypeAccountSubtype
The account subtype and its type. See Account Types for a full list of possible values.
verificationStatusOptional<VerificationStatus>
When micro-deposit-based verification is being used, the accounts object includes an Item's verification_status. Possible values are:
pending_automatic_verification: The Item is pending automatic verification.
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the two amounts.
automatically_verified: The Item has successfully been automatically verified.
manually_verified: The Item has successfully been manually verified.
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.
linkSessionIDString
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
metadataJSONString
Unprocessed metadata, formatted as JSON, sent from the Plaid API.
1
2
3
4
5
6
7
8
9
10
func linkViewController(
  _ linkViewController: PLKPlaidLinkViewController,
  didSucceedWithPublicToken publicToken: String,
  metadata: [String : Any]?
) {
  dismiss(animated: true) {
  // Exchange publicToken with an accessToken on your server
    NSLog("Successfully linked account!\npublicToken: (publicToken)\nmetadata: (metadata ?? [:])")
  }
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
{
  kPLKMetadataInstitutionKey: @{
    kPLKMetadataInstitutionNameKey: 'Wells Fargo',
    kPLKMetadataInstitutionIdKey: 'ins_4'
  },
  kPLKMetadataAccountsKey: [
    @{
      kPLKMetadataIdKey: 'ygPnJweommTWNr9doD6ZfGR6GGVQy7fyREmWy',
      kPLKMetadataNameKey: 'Plaid Checking',
      kPLKMetadataMaskKey: '0000',
      kPLKMetadataTypeKey: 'depository',
      kPLKMetadataSubtypeKey: 'checking',
      kPLKMetadataAccountVerificationStatusKey: ''
    },
    @{
      kPLKMetadataIdKey: '9ebEyJAl33FRrZNLBG8ECxD9xxpwWnuRNZ1V4',
      kPLKMetadataNameKey: 'Plaid Saving',
      kPLKMetadataMaskKey: '1111',
      kPLKMetadataTypeKey: 'depository',
      kPLKMetadataSubtypeKey: 'savings'
    }
    ...
  ],
  kPLKMetadataLinkSessionIdKey: '79e772be-547d-4c9c-8b76-4ac4ed4c441a'
}

didExitWithError

This optional closure is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. It should take a single LinkExit argument, containing an optional error and a metadata of type ExitMetadata.

onExit
linkExitLinkExit
Contains the optional error and metadata for when the flow was exited.
errorOptional<ExitError>
An Error type that contains the errorCode, errorMessage, and displayMessage of the error that was last encountered by the user. If no error was encountered, error will be nil.
errorCodeExitErrorCode
The error code and error type that the user encountered. Each errorCode has an associated errorType, which is a broad categorization of the error.
errorMessageString
A developer-friendly representation of the error code.
displayMessageOptional<String>
A user-friendly representation of the error code or nil if the error is not related to user action. This may change over time and is not safe for programmatic use.
metadataExitMetadata
Displayed once a user has successfully linked their Item.
statusOptional<ExitStatus>
The status key indicates the point at which the user exited the Link flow.
requiresQuestions
User prompted to answer security question(s).
requiresSelections
User prompted to answer multiple choice question(s).
requiresCode
User prompted to provide a one-time passcode.
chooseDevice
User prompted to select a device on which to receive a one-time passcode.
requiresCredentials
User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution.
institutionNotFound
User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution
unknown
The exit status has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original exit status as sent by the Plaid API.
institutionOptional<Institution>
An institution object. If the Item was created via Same-Day micro-deposit verification, will be omitted.
institutionIDInstitutionID (String)
The Plaid specific identifier for the institution.
nameString
The full institution name, such as 'Wells Fargo'.
linkSessionIDOptional<String>
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
requestIDOptional<String>
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation.
metadataJSONRawJSONMetadata (String)
Unprocessed metadata, formatted as JSON, sent from Plaid API.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
func linkViewController(
    _ linkViewController: PLKPlaidLinkViewController,
  didExitWithError error: Error?,
                metadata: [String : Any]?
) {
  dismiss(animated: true) {
    if let error = error {
      NSLog("Failed to link account due to: (error.localizedDescription)\n metadata: (metadata ?? [:])")
      self.handleError(error, metadata: metadata)
    }
    else {
      NSLog("Plaid link exited with metadata: (metadata ?? [:])")
      self.handleExitWithMetadata(metadata)
    }
  }
}
1
2
3
4
5
6
{
  kPLKErrorTypeKey: 'ITEM_ERROR',
  kPLKErrorCodeKey: 'INVALID_CREDENTIALS',
  kPLKErrorMessageKey: 'the credentials were not correct',
  kPLKDisplayMessageKey: 'The credentials were not correct.',
}
1
2
3
4
5
6
7
8
{
   kPLKMetadataInstitutionKey: @{
    kPLKMetadataInstitutionNameKey: 'Wells Fargo',
    kPLKMetadataInstitutionIdKey: 'ins_4'
  },
  kPLKMetadataLinkSessionIdKey: '36e201e0-2280-46f0-a6ee-6d417b450438',
  kPLKMetadataRequestIdKey: '8C7jNbDScC24THu'
}

didHandleEvent

This optional closure is called when certain events in the Plaid Link flow have occurred, for example, when the user selected an institution. This enables your application to gain further insight into what is going on as the user goes through the Plaid Link flow.
The following onEvent callbacks are stable, which means that they will not be deprecated or changed: open, exit, handoff, selectInstitution, error. The remaining callback events are informational and subject to change.

onEvent
linkEventLinkEvent
Contains the eventName and metadata for the Link event.
eventNameEventName
An enum representing the event that has just occurred in the Link flow.
closeOAuth
The user closed the third-party website or mobile app without completing the OAuth flow.
error
A recoverable error occurred in the Link flow, see the errorCode in the `metadata.
exit
The user has exited without completing the Link flow and the onExit callback is fired.
failOAuth
The user encountered an error while completing the third-party's OAuth login flow.
handoff
The user has exited Link after successfully linking an Item.
matchedSelectInstitution
The user selected an institution that was presented as a matched institution.
matchedSelectVerifyMethod
The user selected a verification method for a matched institution.
open
The user has opened Link.
openMyPlaid
The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product.
openOAuth
The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.
searchInstitution
The user has searched for an institution.
selectBrand
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
selectInstitution
The user selected an institution.
submitCredentials
The user has submitted credentials.
submitMFA
The user has submitted MFA.
transitionView
The transitionView event indicates that the user has moved from one view to the next.
unknown
The event has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original event name as sent by the Plaid API.
metadataEventMetadata struct
An object containing information about the event
errorCodeOptional<ExitErrorCode>
The error code that the user encountered. Emitted by: error, exit.
errorMessageOptional<String>
The error message that the user encountered. Emitted by: error, exit.
exitStatusOptional<ExitStatus>
The status key indicates the point at which the user exited the Link flow. Emitted by: exit.
requiresQuestions
User prompted to answer security question(s).
requiresSelections
User prompted to answer multiple choice question(s).
requiresCode
User prompted to provide a one-time passcode.
chooseDevice
User prompted to select a device on which to receive a one-time passcode.
requiresCredentials
User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution.
institutionNotFound
User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution
unknown
The exit status has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original exit status as sent by the Plaid API.
institutionIDOptional<InstitutionID> (Optional<String>)
The ID of the selected institution. Emitted by: all events.
institutionNameOptional<String>
The name of the selected institution. Emitted by: all events.
institutionSearchQueryOptional<String>
The query used to search for institutions. Emitted by: searchInstitution.
linkSessionIDString
The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.
mfaTypeOptional<MFAType>
If set, the user has encountered one of the following MFA types: code, device, questions, selections. Emitted by: submitMFA and transitionView when viewName is mfa
requestIDOptional<String>
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.
selectionOptional<String>
The verification method for a matched institution selected by the user. Possible values are phoneotp, password. Emitted by: matchedSelectVerifyMethod.
timestampDate
An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.
viewNameOptional<ViewName>
The name of the view that is being transitioned to. Emitted by: transitionView.
connected
The user has connected their account.
consent
We ask the user to consent to the privacy policy.
credential
Asking the user for their account credentials.
error
An error has occurred.
exit
Confirming if the user wishes to close Link.
loading
Link is making a request to our servers.
matchedConsent
We ask the matched user to consent to the privacy policy and SMS terms.
matchedCredential
We ask the matched user for their account credentials to a matched institution.
matchedMfa
We ask the matched user for MFA authentication to verify their identity.
mfa
The user is asked by the institution for additional MFA authentication.
numbers
The user is asked to insert their account and routing numbers.
recaptcha
The user was presented with a Google reCAPTCHA to verify they are human.
selectAccount
We ask the user to choose an account.
selectBrand
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
selectInstitution
We ask the user to choose their institution.
unknown
The view has not been defined in the current version of the SDK. The unknown case has an associated value carrying the original view name as sent by the Plaid API.
metadataJSONRawJSONMetadata (String)
Unprocessed metadata, formatted as JSON, sent from Plaid API.
1
2
3
4
5
6
7
func linkViewController(
  _ linkViewController: PLKPlaidLinkViewController,
  didHandleEvent event: String,
  metadata: [String : Any]?
) {
  NSLog("Link event: (event)\nmetadata: (metadata ?? [:])")
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
{
  kPLKMetadataErrorTypeKey: 'ITEM_ERROR',
  kPLKMetadataErrorCodeKey: 'INVALID_CREDENTIALS',
  kPLKMetadataErrorMessageKey: 'the credentials were not correct',
  kPLKMetadataExitStatusKey: '',
  kPLKMetadataInstitutionIdKey: 'ins_4',
  kPLKMetadataInstitutionNameKey: 'Wells Fargo',
  kPLKMetadataInstitutionSearchQueryKey: 'wellsf',
  kPLKMetadataLinkSessionIdKey: '30571e9b-d6c6-42ee-a7cf-c34768a8f62d',
  kPLKMetadataMFATypeKey: '',
  kPLKMetadataRequestIdKey: 'm8MDnv9okwxFNBV',
  kPLKMetadataTimestampKey: '2017-09-14T14:42:19.350Z',
  kPLKMetadataViewNameKey: 'ERROR'
}

Plaid Link for Android

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link Android SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

Overview

Here you find instructions on how to integrate and use Plaid Link for Android. At the center of it lies LinkSdk: an embeddable framework managing the details of linking an account with Plaid.

To get up and running quickly with Plaid Link for Android, clone the GitHub repository and try out the example applications, which provide a reference implementation in Java and Kotlin. Youʼll want to sign up for free API keys through the Plaid Developer Dashboard to get started.

Requirements

A new version of the Android SDK will be released around the 15th of every month. You should keep your version up-to-date to provide the best Plaid Link experience in your application.

Update your project plugins

In your root-level (project-level) Gradle file (build.gradle), add rules to include the Android Gradle plugin. Check that you have Google's Maven repository, as well.

1
2
3
4
5
6
7
8
9
10
11
buildscript {
    repositories {
        // Check that you have the following line (if not, add it):
        google()  // Google's Maven repository
        mavenCentral() // Include to import Plaid Link Android SDK
        jcenter() // Include to import Plaid Link transitive dependencies
    }
    dependencies {
        // ...
    }
}
Add the PlaidLink SDK to your app

In your module (app-level) Gradle file (usually app/build.gradle), add a line to the bottom of the file. The latest version of the PlaidLink SDK is Maven Central and can be found on Maven Central.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
android {
  defaultConfig {
    minSdkVersion 21 // or greater
  }
  // Enable Java 8 support for Link to work
  compileOptions {
    sourceCompatibility JavaVersion.VERSION_1_8
    targetCompatibility JavaVersion.VERSION_1_8
  }
}
dependencies {
  // ...
  implementation 'com.plaid.link:sdk-core:<insert latest version>'
}
Register your app ID

To register your Android app ID:

  1. Log in to the Plaid Dashboard
  2. Navigate to the API pane on the Team Settings page
  3. Configure one or more Android package names (e.g.com.plaid.example)
  4. Save your changes

Your Android app is now set up and ready to start integrating with the Plaid SDK.

Initialize Plaid Link Instance

Create an instance of Plaid Link by calling Plaid.initialize(application). Try to do this as early as possible to speed up opening Plaid Link.

1
2
3
4
5
6
7
8
9
import android.app.Application
import com.plaid.link.Plaid
class MyApplication : Application() {
  override fun onCreate() {
    super.onCreate()
    Plaid.intialize(this)
  }

Open Link

The Plaid object can be used to open Link with the given configuration. With Kotlin you can use the openPlaidLink extension function from an Activity or Fragment.

create_legacy
accountSubtypesList
By default, Link will only display account types that are compatible with all products supplied in the product parameter. You can further limit the accounts shown in Link by using accountSubtypes to specify the account subtypes to be shown in Link. Only the specified subtypes will be shown. To indicate that all subtypes should be shown, use the value "all". If the accountSubtypes filter is used, any account type for which a filter is not specified will be entirely omitted from Link.
Example value:
{
"depository": ["checking", "savings"],
"credit": ["all"]
}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.
clientNameString
Displayed once a user has successfully linked their Item.
countryCodesList
Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Accepted values must use the native Android Locale country. If Link is launched with multiple countryCodes only products that you are enabled for in all specified countries will be available. Supported countries:
  • Canada: Locale.CA.country
  • France: Locale.FR.country
  • Ireland: Locale.IE.country
  • Netherlands: Locale.NL.country
  • Spain: Locale.ES.country
  • United Kingdom: Locale.UK.country
  • United States: Locale.US.country
If a Link customization is being used, the countries configured here should match those in the customization.
To use the Auth features Instant Match, Automated Micro-deposits, or Same-day Micro-deposits, countryCodes must be set to [Locale.US.country].
environmentString
The Plaid API environment on which to create user accounts. Available environments
  • Sandbox: PlaidEnvironment.SANDBOX
  • Development: PlaidEnvironment.DEVELOPMENT
  • Production: PlaidEnvironment.PRODUCTION
languageString
Specify a Plaid-supported language to localize Link. Accepted values must use the native Android Locale Language. English will be used by default. Supported languages:
  • English: Locale.ENGLISH.language
  • French: Locale.FRENCH.language
  • Spanish: Locale.SPANISH.language
  • Dutch: Locale.DUTCH.language
When using a Link customization, language must be set to match the language used in the customization.
productsList
A list of Plaid product(s) you wish to use. Only institutions that support all requested products will be shown in Link. Valid products:
  • Auth: PlaidProduct.AUTH
  • Transactions: PlaidProduct.TRANSACTIONS
  • Identity: PlaidProduct.IDENTITY
  • Assets: PlaidProduct.ASSETS
  • Investments: PlaidProduct.INVESTMENTS
  • Liabilities: PlaidProduct.LIABILITIES
  • PaymentInitiation: PlaidProduct.PAYMENT_INITIATION

In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.
linkCustomizationNameString
Specify the name of a Link customization created in the Dashboard. The default customization is used if none is provided. When using a Link customization, the language specified in the customization must match the language configured via the language parameter.
logLevelenum
Set the level at which to log statements. Possible values are ASSERT, DEBUG, ERROR, INFO, VERBOSE, and WARN.
publicKeyString
The public_key associated with your account; available from the Dashboard.
tokenstring
Specify a payment_token or access_token. For link_token use a LinkTokenConfiguration instead.
userLegalNamestring
The end user's legal name
userPhoneNumberstring
The end user's phone number
userEmailAddressstring
The end user's email address
webhookString
Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.
extraParamsdeprecatedmap<string, string>
Any additional params that need to be passed into the SDK can be added here.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
import android.content.Intent
import com.plaid.link.Plaid
import com.plaid.linkbase.models.LinkConfiguration
import com.plaid.linkbase.models.PlaidEnvironment
import com.plaid.linkbase.models.PlaidProduct
import com.plaid.link.configuration.LinkLogLevel
class MainActivity : AppCompatActivity() {
  override fun onCreate(savedInstanceState: Bundle?) {
    super.onCreate(savedInstanceState)
    // Open Link – this will usually be in a click listener
    this@MainActivity.openPlaidLink(
      linkConfiguration = linkConfiguration {
        environment = PlaidEnvironment.SANDBOX
        products = listOf(PlaidProduct.TRANSACTIONS)
        clientName = "My Application name"
        language = Locale.ENGLISH.language
        countryCodes = listOf(Locale.US.country)
        webhook = "https://requestb.in"
        linkCustomizationName = "default"
        publicToken = null
        paymentToken = null
      }
    )
  }
}

Handling Results and Events

The onActivityResult handler is called for the onSuccess and onExit events. Use PlaidLinkResultHandler to parse the result out of the returned intent.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
import android.content.Intent
import com.plaid.link.LinkActivity
import com.plaid.link.Plaid
import com.plaid.linkbase.models.LinkEventListener
import com.plaid.linkbase.models.PlaidApiError
import com.plaid.linkbase.models.PlaidEnvironment
import com.plaid.linkbase.models.PlaidProduct
class MainActivity : AppCompatActivity() {
  private val resultHandler = PlaidLinkResultHandler(
    onSuccess = { it: LinkConnection -> /* handle onSuccess */ }
    onExit = { it: PlaidError -> /* handle onExit */ }
  )
  override fun onActivityResult(requestCode: Int, resultCode: Int, data: Intent?) {
    super.onActivityResult(requestCode, resultCode, data)
    if (!resultHandler.onActivityResult(requestCode, resultCode, data)) {
      Log.i(MainActivity.class.getSimpleName(), "Not handled");
    }
  }
  override fun onCreate(savedInstanceState: Bundle?) {
    super.onCreate(savedInstanceState)
    Plaid.setLinkEventListener { event -> Log.i("Event", event.toString()) }
    ...
  }
}

onSuccess

The method is called when a user successfully links an Item. The onSuccess handler returns a LinkConnection class that includes the public_token, and additional Link metadata in the form of a LinkConnectionMetadata class.

onSuccess
publicTokenString
Displayed once a user has successfully linked their Item.
metadataObject
Displayed once a user has successfully linked their Item.
accountsList<LinkAccount>
A list of accounts attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.
idstring
The Plaid account_id
namestring
The official account name
maskstring
The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, it may also not match the mask that the bank displays to the user. In some cases, the mask may be omitted from the callback as a fraud prevention measure; if this happens, it can instead be obtained by calling /accounts/get.
subtypeLinkAccountSubtype
The account subtype. See the Account schema for a full list of possible values
typeLinkAccountType
The account type. See the Account schema for a full list of possible values
verification_statusstring
When micro-deposit-based verification is being used, the accounts object includes an Item's verification_status. Possible values are:
pending_automatic_verification: The Item is pending automatic verification
pending_manual_verification: The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the two amounts.
automatically_verified: The Item has successfully been automatically verified
manually_verified: The Item has successfully been manually verified
verification_expired: Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed: The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.
institutionobject
An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.
namestring
The full institution name, such as 'Wells Fargo'
institution_idstring
The Plaid institution identifier
linkSessionIdString
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
metadataJsonMap
The data directly returned from the server with no client side changes.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
class MainActivity : AppCompatActivity() {
  private val resultHandler = PlaidLinkResultHandler(
    // ...
    onSuccess = { it: LinkConnection ->
      // Send public_token to your server, exchange for access_token
      val publicToken = it.publicToken
      val metadata = it.linkConnectionMetadata
      val accountId = metadata.accounts.first().accountId
      val accountName = metadata.accounts.first().accountName
      val accountNumber = metadata.accounts.first().accountNumber
      val accountType = metadata.accounts.first().accountType
      val accountSubType = metadata.accounts.first().accountSubType
      val institutionId = metadata.institutionId
      val institutionName = metadata.institutionName
    }
  )
}

onExit

The onExit handler is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. The PlaidError returned from the onExit handler is meant to help you guide your users after they have exited Link. We recommend storing the error and metadata information server-side in a way that can be associated with the user. You’ll also need to include this and any other relevant information in Plaid Support requests for the user.

onExit
errorMap<String, Object>
An object that contains the error type, error code, and error message of the error that was last encountered by the user. If no error was encountered, error will be null.
displayMessageString
A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.
errorCodeString
The particular error code. Each errorType has a specific set of errorCodes. A code of 499 indicates a client-side exception.
jsonString
A string representation of the error code.
errorTypeString
A broad categorization of the error.
errorMessageString
A developer-friendly representation of the error code.
errorJsonString
The data directly returned from the server with no client side changes.
LinkExitMetadataMap<String, Object>
An object containing information about the exit event
linkSessionIdString
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
institutionobject
An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.
namestring
The full institution name, such as 'Wells Fargo'
institution_idstring
The Plaid institution identifier
statusString
The point at which the user exited the Link flow. One of the following values.
requires_questions
User prompted to answer security questions
requires_selections
User prompted to answer multiple choice question(s)
requires_recaptcha
User prompted to solve a ReCAPTCHA challenge
requires_code
User prompted to provide a one-time passcode
choose_device
User prompted to select a device on which to receive a one-time passcode
requires_credentials
User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution
institution_not_found
User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution
unknown
An exit status that is not handled by the current version of the SDK
requestIdString
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
class MainActivity : AppCompatActivity() {
  private val resultHandler = PlaidLinkResultHandler(
    // ...
    onExit = {
      PlaidError error = it.error?
      String errorType = error.errorType
      String errorCode = error.errorCode
      String errorMessage = error.errorMessage
      String displayMessage = error.displayMessage
      LinkExitMetadata metadata = it.linkExitMetadata
      String institutionId = metadata.institutionId
      String institutionName = metadata.institutionName
      String linkSessionId = metadata.linkSessionId;
      String requestId = metadata.requestId;
    },
  )
}

onEvent

The onEvent callback is called at certain points in the Link flow. Unlike the handlers for onSuccess and onExit, the onEvent handler is initialized as a global lambda passed to the Plaid class. OPEN events will be sent immediately upon Link’s opening, and remaining events will be sent by the time onSuccess or onExit is called. If you need the exact time when an event happened, use the timestamp property.
The following onEvent callbacks are stable, which means that they will not be deprecated or changed: OPEN, EXIT, HANDOFF, SELECT_INSTITUTION, ERROR. The remaining callback events are informational and subject to change.

onEvent
eventNameString
A string representing the event that has just occurred in the Link flow.
CLOSE_OAUTH
The user closed the third-party website or mobile app without completing the OAuth flow.
ERROR
A recoverable error occurred in the Link flow, see the error_code metadata.
EXIT
The user has exited without completing the Link flow and the onExit callback is fired.
FAIL_OAUTH
The user encountered an error while completing the third-party's OAuth login flow.
HANDOFF
The user has exited Link after successfully linking an Item.
OPEN
The user has opened Link.
OPEN_MY_PLAID
The user has opened my.plaid.com. This event is only sent when Link is initialized with assets as a product.
OPEN_OAUTH
The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.
MATCHED_SELECT_INSTITUTION
The user selected an institution that was presented as a matched institution.
MATCHED_SELECT_VERIFY_METHOD
The user selected a verification method for a matched institution.
SEARCH_INSTITUTION
The user has searched for an institution.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
The user selected an institution.
SUBMIT_CREDENTIALS
The user has submitted credentials.
SUBMIT_MFA
The user has submitted MFA.
TRANSITION_VIEW
The TRANSITION_VIEW event indicates that the user has moved from one view to the next.
UNNOWN
The UNKNOWN event indicates that the event is not handled by the current version of the SDK.
LinkEventMetadataMap<String, Object>
An object containing information about the event.
errorCodeString
The error code that the user encountered. Emitted by: ERROR, EXIT.
errorMessageString
The error message that the user encountered. Emitted by: ERROR, EXIT.
errorTypeString
The error type that the user encountered. Emitted by: ERROR, EXIT.
exitStatusString
The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT.
institutionIdString
The ID of the selected institution. Emitted by: all events.
institutionNameString
The name of the selected institution. Emitted by: all events.
institutionSearchQueryString
The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.
linkSessionIdString
The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.
mfaTypeString
If set, the user has encountered one of the following MFA types: code device questions selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA.
requestIdString
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.
selectionString
The verification method for a matched institution selected by the user. Possible values are phoneotp, password. Emitted by: MATCHED_SELECT_VERIFY_METHOD.
timestampString
An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.
viewNameString
The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.
CONNECTED
The user has connected their account.
CONSENT
We ask the user to consent to the privacy policy.
CREDENTIAL
Asking the user for their account credentials.
ERROR
An error has occurred.
EXIT
Confirming if the user wishes to close Link.
LOADING
Link is making a request to our servers.
MATCHED_CONSENT
We ask the matched user to consent to the privacy policy and SMS terms.
MATCHED_CREDENTIAL
We ask the matched user for their account credentials to a matched institution.
MATCHED_MFA
We ask the matched user for MFA authentication to verify their identity.
MFA
The user is asked by the institution for additional MFA authentication.
NUMBERS
The user is asked to insert their account and routing numbers.
RECAPTCHA
The user was presented with a Google reCAPTCHA to verify they are human.
SELECT_ACCOUNT
We ask the user to choose an account.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
We ask the user to choose their institution.
metadataJsonString
The data directly returned from the server with no client side changes.
1
2
3
4
5
6
7
8
9
class MainActivity : AppCompatActivity() {
  override fun onCreate(savedInstanceState: Bundle?) {
    Plaid.setLinkEventListener(linkEventListener = {
      Log.i("Event", it.toString())
    })
  }
}

Plaid Link for React Native

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link React Native SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

To get started with Plaid Link for React Native youʼll want to sign up for free API keys through the Plaid Developer Dashboard.

Requirements

A new version of the React Native SDK will be released around the 20th of every month. You should keep your version up-to-date to provide the best Plaid Link experience in your application.

Version Compatibility
React Native SDKAndroid SDKiOS SDKStatus
7.x.x3.2.x>=2.0.7Active
6.x.x3.x.x>=2.0.1Active
5.x.x2.1.x>=1.1.34Active
4.x.x2.0.x<=1.1.33Active
3.x.x1.x.x<=1.1.33Deprecated
2.x.x0.3.x<=1.1.27Deprecated
1.x.x< 0.3.x<=1.1.24Deprecated

Getting Started

Installing the SDK

In your react-native project directory, run:

1
npm install --save react-native-plaid-link-sdk

Next Steps

PlaidLink

PlaidLink is the the React component used to open Link from a React Native application. PlaidLink renders a Pressable component, which wraps the component you provide and intercepts onPress events to open Link.

plaidLink_legacy
onSuccessLinkSuccessListener
A function that is called when a user successfully links an Item. The function should expect one argument.
publicKeyConfigdeprecatedLinkPublicKeyConfiguration
A configuration used to open Link with a a public key
publicKeyString
The public_key associated with your account; available from the Dashboard.
oauthConfiguration
Values used to configure the application for OAuth
oauthNoncestring
An oauthNonce is required to support OAuth authentication flows when launching or re-launching Link on a mobile device and using one or more European country codes. The nonce must be at least 16 characters long.
oauthRedirectUri
An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device and using one or more European country codes. Note that any redirect URI must also be added to the Allowed redirect URIs list in the developer dashboard.
clientNamestring
Displayed once a user has successfully linked their Item.
countryCodesArray<string>
Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Note that if you initialize with a European country code, your users will see the European consent panel during the Link flow. Supported country codes are: US, CA, ES, FR, GB, IE, NL. If not specified, will default to ['US']. If Link is launched with multiple countryCodes, only products that you are enabled for in all countries will be used by Link.
If a Link customization is being used, the countries configured here should match those in the customization.
environmentPlaidEnvironment
The Plaid API environment on which to create user accounts. Possible values are sandbox, development, and production.
productArray<PlaidProduct>
A list of Plaid products you wish to use. Valid products are: transactions, auth, identity, assets, investments, liabilities, and payment_initiation. Example: ['auth', 'transactions']. balance is not a valid value, the Balance product does not require explicit initalization and will automatically be initialized when any other product is initialized. Only institutions that support all requested products will be shown in Link.
In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.
accountSubtypesArray<LinkAccountSubtype>
By default, Link will only display account types that are compatible with all products supplied in the product parameter. You can further limit the accounts shown in Link by using accountSubtypes to specify the account subtypes to be shown in Link. Only the specified subtypes will be shown. To indicate that all subtypes should be shown, use the value "all". If the accountSubtypes filter is used, any account type for which a filter is not specified will be entirely omitted from Link.
Example value:
{
"depository": ["checking", "savings"],
"credit": ["all"]
}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.
linkCustomizationNamestring
Specify the name of a Link customization created in the Dashboard. The default customization is used if none is provided. When using a Link customization, the language in the customization must match the language configured via the language parameter.
tokenstring
Specify a link_token to authenticate your app with Link. This is a short lived, one-time use token that should be unique for each Link session. In addition to the primary flow, a link_token can be configured to launch Link in update mode for Items with expired credentials, or the Payment Initiation (UK and Europe) flow. See the /link/token/create endpoint for a full list of configurations.
userLegalNamestring
The end user's legal name
userPhoneNumberstring
The end user's phone number
userEmailAddressstring
The end user's email address
webhookstring
Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.
logLevelLinkLogLevel
Set the level at which to log statements
Possible values: DEBUG, INFO, WARN, ERROR
extraParamsRecord<string, any>
You do not need to use this field unless specifically instructed to by Plaid.
onExitLinkExitListener
A function that is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. The function should expect one argument.
childrenReact.ReactNode
The underlying component to render
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
<PlaidLink
  publicKeyConfig={{
    clientName: 'Client Name',
    publicKey: '<INSERT PUBLIC KEY>',
    environment: PlaidEnvironment.SANDBOX,
    products: Array.of(PlaidProduct.AUTH),
    language: 'en',
    countryCodes: Array.of('US'),
    logLevel: LinkLogLevel.DEBUG,
    oauthConfiguration: {
      nonce: '',
      redirectUri: 'https://myapp.example.com',
    },
  }}
  onSuccess={(success: LinkSuccess) => {
    console.log(success);
  }}
  onExit={(exit: LinkExit) => {
    console.log(exit);
  }}
>
  <Text>Add Account</Text>
</PlaidLink>

onSuccess

The onSuccess callback returns a LinkSuccess object.

The method is called when a user successfully links an Item. The onSuccess handler returns a LinkConnection class that includes the public_token, and additional Link metadata in the form of a LinkConnectionMetadata class.

onSuccess
publicTokenString
Displayed once a user has successfully linked their Item.
metadataLinkSuccessMetadata
Displayed once a user has successfully linked their Item.
accountsArray<LinkAccount>
A list of accounts attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.
idstring
The Plaid account_id
namestring
The official account name
maskstring
The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, it may also not match the mask that the bank displays to the user. In some cases, the mask may be omitted from the callback as a fraud prevention measure; if this happens, it can instead be obtained by calling /accounts/get.
typeLinkAccountType
The account type. See the Account schema for a full list of possible values
subtypeLinkAccountSubtype
The account subtype. See the Account schema for a full list of possible values
verification_statusLinkAccountVerificationStatus
When micro-deposit-based verification is being used, the accounts object includes an Item's verification_status
pending_automatic_verification
The Item is pending automatic verification
pending_manual_verification
The Item is pending manual micro-deposit verification. Items remain in this state until the user successfully verifies the two amounts.
automatically_verified
The Item has successfully been automatically verified
manually_verified
The Item has successfully been manually verified
verification_expired
Plaid was unable to automatically verify the deposit within 7 calendar days and will no longer attempt to validate the Item. Users may retry by submitting their information again through Link.
verification_failed
The Item failed manual micro-deposit verification because the user exhausted all 3 verification attempts. Users may retry by submitting their information again through Link.ents
institutionobject
An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.
namestring
The full institution name, such as 'Wells Fargo'
idstring
The Plaid institution identifier
linkSessionIdString
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
metadataJsonMap
The data directly returned from the server with no client side changes.
1
2
3
4
5
6
7
8
9
10
11
const onSuccess = (success: LinkSuccess) => {
  fetch('https://yourserver.com/get_access_token', {
    method: 'POST',
    body: {
      publicToken: linkSuccess.publicToken,
      accounts: linkSuccess.metadata.accounts,
      institution: linkSuccess.metadata.institution,
      linkSessionId: linkSuccess.metadata.linkSessionId,
    },
  });
};

onExit

The onExit handler is called when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. The PlaidError returned from the onExit handler is meant to help you guide your users after they have exited Link. We recommend storing the error and metadata information server-side in a way that can be associated with the user. You’ll also need to include this and any other relevant info in Plaid Support requests for the user.

onExit
errorLinkError
An object that contains the error type, error code, and error message of the error that was last encountered by the user. If no error was encountered, error will be null.
displayMessageString
A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.
errorCodeLinkErrorCode
The particular error code. Each errorType has a specific set of errorCodes. A code of 499 indicates a client-side exception.
errorTypeLinkErrorType
A broad categorization of the error.
errorMessageString
A developer-friendly representation of the error code.
errorJsonString
The data directly returned from the server with no client side changes.
metadataMap<String, Object>
An object containing information about the exit event
linkSessionIdString
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
institutionLinkInstitution
An institution object. If the Item was created via Same-Day micro-deposit verification, will be null.
namestring
The full institution name, such as 'Wells Fargo'
idstring
The Plaid institution identifier
statusLinkExitMetadataStatus
The point at which the user exited the Link flow. One of the following values
requires_questions
User prompted to answer security questions
requires_selections
User prompted to answer multiple choice question(s)
requires_recaptcha
User prompted to solve a ReCAPTCHA challenge
requires_code
User prompted to provide a one-time passcode
choose_device
User prompted to select a device on which to receive a one-time passcode
requires_credentials
User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution
requires_oauth
User prompted to enter an OAuth flow
institution_not_found
User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution
unknown
An exit status that is not handled by the current version of the SDK
requestIdString
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation
metadataJsonMap
The data directly returned from the server with no client side changes.
1
2
3
4
5
6
7
8
9
const onExit = (linkExit: LinkExit) => {
  supportHandler.report({
    error: linkExit.error,
    institution: linkExit.metadata.institution,
    linkSessionId: linkExit.metadata.linkSessionId,
    requestId: linkExitlinkExit.metadata.requestId,
    status: linkExit.metadata.status,
  });
};

onEvent

The React Native Plaid module emits onEvent events throughout the account linking process. To receive these events use the usePlaidEmitter hook.

The onEvent callback is called at certain points in the Link flow. Unlike the handlers for onSuccess and onExit, the onEvent handler is initialized as a global lambda passed to the Plaid class. OPEN events will be sent immediately upon Link’s opening, and remaining events will be sent by the time onSuccess or onExit is called. If you need the exact time when an event happened, use the timestamp property.
The following onEvent callbacks are stable, which means that they will not be deprecated or changed: OPEN, EXIT, HANDOFF, SELECT_INSTITUTION, ERROR. The remaining callback events are informational and subject to change.

onEvent
eventNameLinkEventName
A string representing the event that has just occurred in the Link flow.
CLOSE_OAUTH
The user closed the third-party website or mobile app without completing the OAuth flow.
ERROR
A recoverable error occurred in the Link flow, see the error_code metadata.
EXIT
The user has exited without completing the Link flow and the onExit callback is fired.
FAIL_OAUTH
The user encountered an error while completing the third-party's OAuth login flow.
HANDOFF
The user has exited Link after successfully linking an Item.
OPEN
The user has opened Link.
OPEN_MY_PLAID
The user has opened my.plaid.com. This event is only sent when Link is initialized with assets as a product.
OPEN_OAUTH
The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.
MATCHED_SELECT_INSTITUTION
The user selected an institution that was presented as a matched institution.
MATCHED_SELECT_VERIFY_METHOD
The user selected a verification method for a matched institution.
SEARCH_INSTITUTION
The user has searched for an institution.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
The user selected an institution.
SUBMIT_CREDENTIALS
The user has submitted credentials.
SUBMIT_MFA
The user has submitted MFA.
TRANSITION_VIEW
The TRANSITION_VIEW event indicates that the user has moved from one view to the next.
UNKNOWN
The UNKNOWN event indicates that the event is not handled by the current version of the SDK.
metadataLinkEventMetadata
An object containing information about the event.
errorCodeString
The error code that the user encountered. Emitted by: ERROR, EXIT.
errorMessageString
The error message that the user encountered. Emitted by: ERROR, EXIT.
errorTypeString
The error type that the user encountered. Emitted by: ERROR, EXIT.
exitStatusString
The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT.
institutionIdString
The ID of the selected institution. Emitted by: all events.
institutionNameString
The name of the selected institution. Emitted by: all events.
institutionSearchQueryString
The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.
linkSessionIdString
The linkSessionId is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.
mfaTypeString
If set, the user has encountered one of the following MFA types: code device questions selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA.
requestIdString
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.
selectionString
The verification method for a matched institution selected by the user. Possible values are phoneotp, password. Emitted by: MATCHED_SELECT_VERIFY_METHOD.
timestampString
An ISO 8601 representation of when the event occurred. For example, 2017-09-14T14:42:19.350Z. Emitted by: all events.
viewNameLinkEventViewName
The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.
CONNECTED
The user has connected their account.
CONSENT
We ask the user to consent to the privacy policy.
CREDENTIAL
Asking the user for their account credentials.
ERROR
An error has occurred.
EXIT
Confirming if the user wishes to close Link.
LOADING
Link is making a request to our servers.
MATCHED_CONSENT
We ask the matched user to consent to the privacy policy and SMS terms.
MATCHED_CREDENTIAL
We ask the matched user for their account credentials to a matched institution.
MATCHED_MFA
We ask the matched user for MFA authentication to verify their identity.
MFA
The user is asked by the institution for additional MFA authentication.
NUMBERS
The user is asked to insert their account and routing numbers.
RECAPTCHA
The user was presented with a Google reCAPTCHA to verify they are human.
SELECT_ACCOUNT
We ask the user to choose an account.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
We ask the user to choose their institution.
1
2
3
usePlaidEmitter((event: LinkEvent) => {
  console.log(event);
});

OAuth

Using Plaid Link with an OAuth flow requires some additional setup instructions. For details, see the OAuth guide.

Upgrading

Plaid Link for Webviews

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see the Link Webview SDK instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

Here you will find instructions on how to integrate and use Plaid Link inside a Webview. We recommend starting with one of our sample Webview apps:

Each example app is runnable (on both simulators and devices) and includes code to initialize Link and process events sent from Link to your app via HTTP redirects.

Installation

Link is optimized to work within Webviews, including on iOS and Android. The Link initialization URL to use for Webviews is:

1
https://cdn.plaid.com/link/v2/stable/link.html

The Link configuration options for a Webview integration are passed via querystring rather than via a client-side JavaScript call. See the create section below for details on the available initialization parameters.

Communication between Link and your app

Communication between the Webview and your app is handled by HTTP redirects rather than client-side JavaScript callbacks. These redirects should be intercepted by your app. The example apps include sample code to do this.

All redirect URLs have the scheme plaidlink. The event type is communicated via the URL host and data is passed via the querystring.

1
plaidlink://

There are three supported events, connected, exit, and event, which are documented below.

Create

create_legacy
isWebviewboolean
Set to true, to trigger the Webview integration.
clientNamestring
Displayed once a user has successfully linked their Item.
envstring
The Plaid API environment on which to create user accounts. Possible values are development, sandbox, respectively. For Production use, use production.
keystring
The public_key associated with your account; available from the Dashboard.
productstring
A list of Plaid products you wish to use. Valid products are: transactions, auth, identity, assets, investments, liabilities, and payment_initiation. Example: auth,transactions. balance is not a valid value, the Balance product does not require explicit initialization and will automatically be initialized when any other product is initialized. Only institutions that support all requested products will be shown in Link.
In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via /item/remove.
languagestring
Specify a Plaid-supported language to localize Link. English will be used by default. Supported languages:
  • English (en)
  • French (fr)
  • Spanish (es)
  • Dutch (nl)
When using a Link customization, language must be set to match the language used in the customization.
countryCodesstring
Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Note that if you initialize with a European country code, your users will see the European consent panel during the Link flow. Supported country codes are: US, CA, ES, FR, GB, IE, NL. If not specified, will default to ['US']. If Link is launched with multiple countryCodes, only products that you are enabled for in all countries will be used by Link.
If a Link customization is being used, the countries configured here should match those in the customization.
To use the Auth features Instant Match, Automated Micro-deposits, or Same-day Micro-deposits, countryCodes must be set to ['US'].
accountSubtypesobject
By default, Link will only display account types that are compatible with all products supplied in the product parameter. You can further limit the accounts shown in Link by using accountSubtypes to specify the account subtypes to be shown in Link. Only the specified subtypes will be shown. To indicate that all subtypes should be shown, use the value "all". If the accountSubtypes filter is used, any account type for which a filter is not specified will be entirely omitted from Link.
Example value:
{
"depository": ["checking", "savings"],
"credit": ["all"]
}
For a full list of valid types and subtypes, see the Account schema.
For institutions using OAuth, the filter will not affect the list of institutions shown by the bank in the OAuth window.
<accountType>: [accountSubtype]string
An object of accountTypes composed of an array of accountSubtypes to filter
webhookstring
Specify a webhook to associate with an Item. Plaid fires a webhook when the Item requires updated credentials, when new data is available, or when Auth numbers have been successfully verified.
linkCustomizationNamestring
Specify the name of a Link customization created in the Dashboard. The default customization is used if none is provided. When using a Link customization, the language in the customization must match the language configured via the language parameter.
tokenstring
Specify a public_token to launch Link in update mode for a particular Item. This will cause Link to open directly to the authentication step for that Item's institution. Use the /item/public_token/create endpoint to generate a public_token for an Item.
oauthNoncestring
An oauthNonce is required to support OAuth authentication flows when launching or re-launching Link on a mobile device and using one or more European country codes. The nonce must be at least 16 characters long.
oauthRedirectUristring
An oauthRedirectUri is required to support OAuth authentication flows when launching Link on a mobile device and using one or more European country codes.
oauthStateIdstring
An oauthStateId is required to support OAuth authentication flows when re-launching Link on a mobile device and using one or more European country codes.
paymentTokenstring
A paymentToken must be specified if you are using the Payment Initiation (UK and Europe) product. This will cause Link to open directly to the Payment Initiation flow. Use the /payment_initiation/payment/token/create endpoint to generate a payment_token.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
https://cdn.plaid.com/link/v2/stable/link.html
  ?isWebview=true
  &clientName=Your%20App
  &env=sandbox
  &key=PUBLIC_KEY
  &product=transactions,auth
  &language=en
  &countryCodes=US,CA
  &webhook=https%3A%2F%2Fyourappurl.com
  &linkCustomizationName=default
  &token=
  &paymentToken=
  &oauthNonce=
  &oauthRedirectUri=
  &oauthStateId=

connected

The connected event is analogous to the onSuccess callback in Link Web and is sent when a user successfully links an Item. The following information is available from the querystring event:

connected
public_tokenstring
Displayed once a user has successfully linked their Item.
institution_namestring
The full institution name, such as 'Wells Fargo'
institution_idstring
The Plaid institution identifier
accountsobject
A JSON-stringified representation of the account(s) attached to the connected Item. If Account Select is enabled via the developer dashboard, accounts will only include selected accounts.
idstring
The Plaid account_id
namestring
The official account name
maskstring
The last 2-4 alphanumeric characters of an account's official account number. Note that the mask may be non-unique between an Item's accounts, it may also not match the mask that the bank displays to the user. In some cases, the mask may be omitted from the callback as a fraud prevention measure; if this happens, it can instead be obtained by calling /accounts/get.
typestring
The account type. See the Account schema for a full list of possible values
subtypestring
The account subtype. See the Account schema for a full list of possible values
verification_statusstring
When all Auth features are enabled by initializing Link with the user object, the accounts object includes an Item's verification_status. See Auth accounts for a full list of possible values.
link_session_idstring
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
1
2
3
4
5
6
plaidlink://connected
  ?public_token=public-sandbox-fb7cca4a-82e6-4707
  &institution_id=ins_3
  &institution_name=Chase
  &accounts='[{"name":"Plaid Savings","id":"QPO8Jo8vdDHMepg41PBwckXm4KdK1yUdmXOwK", "mask": "0000", "type": "depository", "subtype": "checking"}]'
  &link_session_id=79e772be-547d-4c9c-8b76-4ac4ed4c441a
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
accounts= [
  {
    id: 'ygPnJweommTWNr9doD6ZfGR6GGVQy7fyREmWy',
    name: 'Plaid Checking',
    mask: '0000',
    type: 'depository',
    subtype: 'checking',
    verification_status: ''
  },
  {
    id: '9ebEyJAl33FRrZNLBG8ECxD9xxpwWnuRNZ1V4',
    name: 'Plaid Saving',
    mask: '1111',
    type: 'depository',
    subtype: 'savings'
  }
  ...
]

exit

The exit event is analogous to the onExit callback and is sent when a user exits Link without successfully linking an Item, or when an error occurs during Link initialization. The following information is available from the querystring:

exit
statusstring
The point at which the user exited the Link flow. One of the following values.
requires_questions
User prompted to answer security questions
requires_selections
User prompted to answer multiple choice question(s)
requires_code
User prompted to provide a one-time passcode
choose_device
User prompted to select a device on which to receive a one-time passcode
requires_credentials
User prompted to provide credentials for the selected financial institution or has not yet selected a financial institution
requires_oauth
User prompted to enter an OAuth flow
institution_not_found
User exited the Link flow after unsuccessfully (no results returned) searching for a financial institution
error_typeString
A broad categorization of the error.
error_codeString
The particular error code. Each error_type has a specific set of error_codes.
error_messageString
A developer-friendly representation of the error code.
display_messageString
A user-friendly representation of the error code. null if the error is not related to user action. This may change over time and is not safe for programmatic use.
institution_namestring
The full institution name, such as Wells Fargo
institution_idstring
The Plaid institution identifier
link_session_idstring
A unique identifier associated with a user's actions and events through the Link flow. Include this identifier when opening a support ticket for faster turnaround.
request_idstring
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation.
1
2
3
4
5
6
7
8
9
10
plaidlink://exit
  ?status=requires_credentials
  &error_type=ITEM_ERROR
  &error_code=ITEM_LOGIN_REQUIRED
  &error_display_message=The%20credentials%20were%20not%20correct.%20Please%20try%20again.
  &error_message=the%20credentials%20were%20not%20correct
  &institution_id=ins_3
  &institution_name=Chase
  &link_session_id=79e772be-547d-4c9c-8b76-4ac4ed4c441a
  &request_id=m8MDnv9okwxFNBV

event

The event message is analogous to the Link Web onEvent callback and is called as the user moves through the Link flow. The querystring will always contain all possible keys, though not all keys will have values. The event_name will dictate which keys are populated.

event
event_namestring
A string representing the event that has just occurred in the Link flow.
CLOSE_OAUTH
The user closed the third-party website or mobile app without completing the OAuth flow.
ERROR
A recoverable error occurred in the Link flow, see the error_code metadata.
EXIT
The user has exited without completing the Link flow and the onExit callback is fired.
FAIL_OAUTH
The user encountered an error while completing the third-party's OAuth login flow.
HANDOFF
The user has exited Link after successfully linking an Item.
MATCHED_SELECT_INSTITUTION
The user selected an institution that was presented as a matched institution.
MATCHED_SELECT_VERIFY_METHOD
The user selected a verification method for a matched institution.
OPEN
The user has opened Link.
OPEN_MY_PLAID
The user has opened my.plaid.com. This event is only sent when Link is initialized with Assets as a product
OPEN_OAUTH
The user has navigated to a third-party website or mobile app in order to complete the OAuth login flow.
SEARCH_INSTITUTION
The user has searched for an institution.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
The user selected an institution.
SUBMIT_CREDENTIALS
The user has submitted credentials.
SUBMIT_MFA
The user has submitted MFA.
TRANSITION_VIEW
The TRANSITION_VIEW event indicates that the user has moved from one view to the next.
error_typestring
The error type that the user encountered. Emitted by: ERROR, EXIT.
error_codestring
The error code that the user encountered. Emitted by ERROR, EXIT.
error_messagestring
The error message that the user encountered. Emitted by: ERROR, EXIT.
exit_statusstring
The status key indicates the point at which the user exited the Link flow. Emitted by: EXIT
institution_idstring
The ID of the selected institution. Emitted by: all events.
institution_namestring
The name of the selected institution. Emitted by: all events.
institution_search_querystring
The query used to search for institutions. Emitted by: SEARCH_INSTITUTION.
mfa_typestring
If set, the user has encountered one of the following MFA types: code, device, questions, selections. Emitted by: SUBMIT_MFA and TRANSITION_VIEW when view_name is MFA
view_namestring
The name of the view that is being transitioned to. Emitted by: TRANSITION_VIEW.
CONNECTED
The user has connected their account.
CONSENT
We ask the user to consent to the privacy policy.
CREDENTIAL
Asking the user for their account credentials.
ERROR
An error has occurred.
EXIT
Confirming if the user wishes to close Link.
LOADING
Link is making a request to our servers.
MATCHED_CONSENT
We ask the matched user to consent to the privacy policy and SMS terms.
MATCHED_CREDENTIAL
We ask the matched user for their account credentials to a matched institution.
MATCHED_MFA
We ask the matched user for MFA authentication to verify their identity.
MFA
The user is asked by the institution for additional MFA authentication.
NUMBERS
The user is asked to insert their account and routing numbers.
RECAPTCHA
The user was presented with a Google reCAPTCHA to verify they are human.
SELECT_ACCOUNT
We ask the user to choose an account.
SELECT_BRAND
The user selected a brand, e.g. Bank of America. The brand selection interface occurs before the institution select pane and is only provided for large financial institutions with multiple online banking portals.
SELECT_INSTITUTION
We ask the user to choose their institution.
request_idstring
The request ID for the last request made by Link. This can be shared with Plaid Support to expedite investigation. Emitted by: all events.
link_session_idstring
The link_session_id is a unique identifier for a single session of Link. It's always available and will stay constant throughout the flow. Emitted by: all events.
timestampstring
An ISO 8601 representation of when the event occurred. For example 2017-09-14T14:42:19.350Z. Emitted by: all events.
selectionstring
The verification method for a matched institution selected by the user. Possible values are phoneotp, password. Emitted by: MATCHED_SELECT_VERIFY_METHOD.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
plaidlink://event
  &event_name=SELECT_INSTITUTION
  ?error_type=ITEM_ERROR
  &error_code=ITEM_LOGIN_REQUIRED
  &error_message=the%20credentials%20were%20not%20correct
  &exit_status
  &institution_id=ins_55
  &institution_name=HSBC
  &institution_search_query=h
  &mfa_type
  &view_name=ERROR
  &request_id
  &link_session_id=821f45a8-854a-4dbb-8e5f-73f75350e7e7
  &timestamp=2018-10-05T15%3A22%3A50.542Z

Update mode

When to use update mode

Over time, Items may need to refresh authentication information. This can happen if the user changes a password, if MFA requirements change, or if the login becomes locked. An Item can also require its authentication refreshed if it was only authorized for a limited amount of time and that authorization has expired or is about to expire. This can commonly happen to Items from European institutions that comply with the PSD2 regulation, which mandates that access to an Item can only be granted for 90 days at a time before it must be refreshed. Receiving an ITEM_LOGIN_REQUIRED error or a PENDING_EXPIRATION webhook indicates that the Item should be re-initialized via update mode.

Using update mode

To use update mode for an Item, initialize Link with a public_token for the Item that you wish to update. You can obtain the public_token using the /item/public_token/create endpoint:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
// Create a one-time use public_token for the Item.
// This public_token can be used to initialize Link
// in update mode for the user
app.get('/create_public_token', function(request, response, next) {
  client.createPublicToken(ACCESS_TOKEN, function(err, res) {
    if(error != null) {
      console.log(msg + "\n" + JSON.stringify(err));
      response.json({error: JSON.stringify(err)}):
    } else {
      // Use the public_token to initialize Link
      var PUBLIC_TOKEN = res.public_token;
      response.json({public_token: PUBLIC_TOKEN});
    }
  });
});

Link auto-detects the appropriate institution and handles the credential and multi-factor authentication process, if needed.

An Item's access_token does not change when using Link in update mode, so there is no need to repeat the exchange token process.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
// Initialize Link with the token parameter
// set to the generated public_token for the Item
const linkHandler = Plaid.create({
  env: 'sandbox',
  clientName: 'Client Name',
  key: 'PUBLIC_KEY',
  product: ['transactions'],
  token: 'GENERATED_PUBLIC_TOKEN',
  onSuccess: (public_token, metadata) => {
    // You do not need to repeat the /item/public_token/exchange
    // process when a user uses Link in update mode.
    // The Item's access_token has not changed.
  },
  onExit: (err, metadata) => {
    // The user exited the Link flow.
    if (err != null) {
      // The user encountered a Plaid API error prior
      // to exiting.
    }
    // metadata contains the most recent API request ID and the
    // Link session ID. Storing this information is helpful
    // for support.
  },
});

Link will automatically detect the institution ID associated with the public_token and present the appropriate credential view to your user.

Related errors

Below is a list of errors that you may encounter in update mode or that may cause you to launch the update mode flow:

  • ITEM_LOGIN_REQUIRED – The financial institution indicated that the user's password or MFA information has changed. They will need to reauthenticate via Link's update mode.
  • ITEM_NO_ERROR – Link was initialized in update mode for an Item that is in a good state. No further action is required.
  • INVALID_UPDATED_USERNAME – The username associated with an item is no longer valid.

OAuth Integration (Europe)

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For instructions on updating an existing legacy integration, see the Link token migration guide.

Some European institutions use an OAuth authentication flow, in which Plaid Link redirects the end user to their bank’s website or mobile app to authenticate. If you are initializing Link with one or more European country codes, your integration may require changes in order to support OAuth authentication flows.

Integration TypeChanges Required
Desktop webNo
Mobile webYes
WebViewYes
Android SDKNo
iOS SDKYes
React Native for AndroidNo
React Native for iOSYes

If your integration requires changes, you will need to launch Link twice, once before and once after the OAuth redirect. The first time, you will need to provide two additional configuration parameters, oauthNonce and oauthRedirectUri. After the user completes the OAuth flow, Plaid will redirect back to your application via the oauthRedirectUri with a query parameter called oauth_state_id. To complete the Link flow, dismiss the first Link instance and re-initialize Link with two configuration parameters, the oauthNonce from the original Link initialization, as well as the oauthStateId from the oauth_state_id query parameter.

For security, the oauthNonce must be uniquely generated for each login and must be at least 16 characters long. We recommend using a UUID.

Before re-initializing Link, you should re-authenticate the end user to prevent a confused deputy problem. This can be accomplished by including one or more query parameters in your oauthRedirectUri. For example, you could include a parameter called user_id. Before re-initializing Link, you would check that the user_id in the redirect URI matches the user_id in your application state (e.g. a cookie).

Note that in mobile web browsers, if the end user has their bank’s mobile app installed, they will be redirected to the bank’s mobile app to authenticate, after which they will be redirected back to your web application in a new tab.

Allowed redirect URIs

To prevent open redirect attacks, your oauthRedirectUri must be configured through the developer dashboard. For security, the oauthRedirectUri cannot contain the oauthNonce.

App links

For mobile app integrations, the oauthRedirectUri must be registered as an app link to enable app-to-app authentication flows. You will need to configure an Android App Link or an Apple App Association File. Custom URI schemes are not supported; a proper universal link must be used.

Payment Initiation (UK and Europe)

This section provides instructions for maintaining Plaid integrations using the deprecated public_key parameter. These instructions cannot be used for new integrations or for adding OAuth support to existing integrations. For up-to-date content on this topic, see Payment Initiation instead. For instructions on updating an existing legacy integration, see the Link token migration guide.

The UK Payment Initiation API enables payment transfers within your app. Plaid supports both domestic payments denominated in pound sterling (typically via the Faster Payments network, although this is up to the institution) and international payments denominated in euro (typically via SEPA Credit Transfer). Each time a client wants to receive a payment, the end user must authorize the payment in Link before the payment can be initiated.

Note: The revised EU Directive on Payment Services ("PSD2") regulations require strong customer authentication ("SCA") for each payment order.

Initializing Link

To initialize Link for Payment Initiation, set payment_initiation as the only product and include the payment token. If an item has previously been created for the end user making the payment, a public_token can be included to initialize Link directly to the institution associated with the existing Item.

Creating a payment token

Create payment token

The /payment_initiation/payment/token/create endpoint has been deprecated. New Plaid customers will be unable to use this endpoint, and existing customers are encouraged to migrate to the newer, link_token-based flow. The recommended flow is to provide the payment_id to /link/token/create, which returns a link_token used to initialize Link.
The /payment_initiation/payment/token/create is used to create a payment_token, which can then be used in Link initialization to enter a payment initiation flow. You can only use a payment_token once. If this attempt fails, the end user aborts the flow, or the token expires, you will need to create a new payment token. Creating a new payment token does not require end user input.

payment_initiation/payment/token/create

Request fields and example

client_idstring
Your Plaid API client_id. The client_id is required and may be provided either in the PLAID-CLIENT-ID header or as part of a request body.
secretstring
Your Plaid API secret. The secret is required and may be provided either in the PLAID-SECRET header or as part of a request body.
payment_idrequiredstring
The payment_id returned from /payment_initiation/payment/create.
Min length: 1
1
2
3
4
5
const response = await client.createPaymentToken(paymentID).catch((err) => {
  // handle error
});
const paymentToken = response.payment_token;
const paymentTokenExpirationTime = response.payment_token_expiration_time;
payment_initiation/payment/token/create

Response fields and example

payment_tokenstring
A payment_token that can be provided to Link initialization to enter the payment initiation flow
payment_token_expiration_timestring
The date and time at which the token will expire, in ISO 8601 format. A payment_token expires after 15 minutes.
Format: date-time
request_idstring
A unique identifier for the request, which can be used for troubleshooting. This identifier, like all Plaid identifiers, is case sensitive.
1
2
3
4
5
{
  "payment_token": "payment-token-sandbox-feca8a7a-5591-4aef-9297-f3062bb735d3",
  "payment_token_expiration_time": "2020-01-01T00:00:00Z",
  "request_id": "4ciYVmesrySiUAB"
}
Developer community
Github logo
StackOverflow logo
Twitter logo