Plaid Orcolus partnership

Plaid and Ocrolus have partnered to offer lenders an easier way to access bank data to make informed loan decisions. Plaid enables businesses to instantly connect a customer's bank account, giving them the ability to authenticate and retrieve account details directly from the financial institution. Ocrolus digitizes bank and credit card statements from all US financial institutions to help lenders digitize their data collection for cash-flow analysis.

With the Plaid + Ocrolus integration, your users can verify their accounts in seconds by inputting their banking credentials in Plaid’s front-end module. Plaid will retrieve the relevant bank information and pass it to Ocrolus for further digestion and reporting in a seamless, secure fashion. Plaid’s mobile-friendly module handles input validation, error handling, and multi-factor authentication, providing a seamless onboarding experience to convert more users for your business.

To get started, sign up for Plaid API keys or try out the Plaid demo.

Getting Started

You'll first want to familiarize yourself with Plaid Link, a drop-in integration for the Plaid API that handles input validation, error handling, and multi-factor authentication. You will also need to create or be an existing Ocrolus customer in order to add a bank account.

Your customers will use Link to authenticate with their financial institution and select the bank account they wish to use for payment and verification of assets. From there, you'll receive a Plaid access_token, which you can use generate an Ocrolus processor_token and/or audit_copy_token, depending on your use case, which allow you to quickly and securely verify banking information via the Ocrolus API without having to store that sensitive information yourself.

Instructions

Step 1: Set up your Plaid and Ocrolus accounts

You'll need accounts at both Plaid and Ocrolus in order to use the Plaid + Ocrolus integration. You'll also need to enable your Plaid account for the Ocrolus integration.

First, you will need to work with the Ocrolus team to sign up for an Ocrolus account, if you do not already have one.

Next, verify that your Plaid account is enabled for the integration. If you do not have a Plaid account, create one. Your account will be automatically enabled for integration access.

To verify that your Plaid account is enabled for the integration, go to the Integrations section of the account dashboard. If the integration is enabled, you'll see:

Connect with Ocrolus

If the integration is off, simply click the 'Enable' button for Ocrolus to enable the integration.

Step 2: Get your public_key

Your public_key is available from the Plaid Dashboard.

You have three different API keys

View in Dashboard

public_key

a non-sensitive, public identifier that is used to initialize Plaid Link


secret and client_id

private identifiers that are required for accessing any financial data

these should never be shared in client-side code

Your public_key is a less privileged version of your client_id and secret. It simply associates accounts you create using Plaid Link with your client_id. All Plaid API requests must be made using your private client_id and secret.

Step 3: Integrate with Plaid Link

Integrating with Link is easy. All it takes is a few lines of client-side JavaScript and a small server-side handler to exchange the Link public_token for a Plaid access_token and an Ocrolus processor_token and audit_copy_token.

Integrate with Link

See the parameter reference for complete documentation on possible configurations.

Plaid.create accepts one argument, a configuration Object, and returns an Object with two functions, open and exit . Calling open will display the "Institution Select" view and calling exit will close Link.

Step 4: Write server-side handler

Plaid’s Link module handles the entire onboarding flow securely and quickly, but does not actually retrieve account data for a user. Instead, the Link module returns a public_token and an account_id (a property on the metadata object) via the onSuccess callback.

This public_token must be exchanged for a Plaid access_token using the /item/public_token/exchange API endpoint. Once you have the access_token for the Item, you can create an Ocrolus processor_token and/or audit_copy_token. You'll send these tokens to Ocrolus and they will use them to securely retrieve banking information from Plaid.

You can create valid Ocrolus tokens in the following Plaid API environments:

Server-side handler

const plaid = require('plaid');

// Change sandbox to development to test with live users;
// Change to production when you're ready to go live!
const plaidClient = new plaid.Client(
  PLAID_CLIENT_ID,
  PLAID_SECRET,
  PLAID_PUBLIC_KEY,
  plaid.environments.sandbox
);

// Exchange the public_token from Plaid Link for an access token.
plaidClient.exchangePublicToken(public_token, function(err, res) {
  const accessToken = res.access_token;
  // Create a processor token for a specific account id.
  plaidClient.createProcessorToken(
    accessToken,
    accountId,
    'ocrolus',
    function(err, res) {
      const processorToken = res.processor_token;
    }
  );
});

// Create an Asset Report for the specific access token.
const assetReportDaysRequested = 60;
const assetReportOptions = {};
client.createAssetReport(
  [accessToken],
  assetReportDaysRequested,
  assetReportOptions,
  function(err, res) {
    if (err != null) {
      // handle error
    }

    const assetReportId = res.asset_report_id;
    const assetReportToken = res.asset_report_token;
    const ocrolusAuditorId = 'ocrolus';

    // Create an audit copy token for the Asset Report.
    client.createAuditCopy(
      assetReportToken,
      ocrolusAuditorId,
      function(err, res) {
        if (err != null) {
          // handle error
        }

        const auditCopyToken = res.audit_copy_token;
      }
    )
  }
)
});


# Exchange the public token from Plaid Link for an access token.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "public_token": "PUBLIC_TOKEN"
  }' \
  -X POST \
  https://sandbox.plaid.com/item/public_token/exchange

# Create a processor token for a specific account id.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "access_token": "ACCESS_TOKEN",
    "account_id": "ACCOUNT_ID",
    "processor": "ocrolus"
  }' \
  -X POST \
  https://sandbox.plaid.com/processor/token/create

# Create an Asset Report for the specific access token.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "access_tokens": ["ACCESS_TOKEN"],
    "days_requested": 60,
  }' \
  -X POST \
  https://sandbox.plaid.com/asset_report/create

# Create an audit copy token for the Asset Report.
curl \
  -H 'Content-Type: application/json' \
  -d '{
    "client_id": "PLAID_CLIENT_ID",
    "secret": "PLAID_SECRET",
    "asset_report_token": "ASSET_REPORT_TOKEN",
    "auditor_id": "ocrolus"
  }' \
  -X POST \
  https://sandbox.plaid.com/asset_report/audit_copy/create

require 'plaid'

# Change sandbox to development to test with live users;
# Change to production when you're ready to go live!
client = Plaid::Client.new(env: :sandbox,
                           client_id: PLAID_CLIENT_ID,
                           secret: PLAID_SECRET,
                           public_key: PLAID_PUBLIC_KEY)

# Exchange the public token from Plaid Link for an access token.
exchange_response = client.item.public_token.exchange(public_token)
access_token = exchange_response.access_token

# Create a processor token for a specific account id.
create_response = client.processor_token.create(access_token, account_id, "ocrolus")
processor_token = create_response.processor_token

# Create an Asset Report for the specific access token.
asset_report_days_requested = 60
asset_report_options = {}
asset_report_response = client.asset_report.create([access_token], asset_report_days_requested, asset_report_options)
asset_report_token = asset_report_response.asset_report_token

# Create an audit copy token for the Asset Report.
ocrolus_auditor_id = 'ocrolus'
audit_copy_response = client.asset_report.create_audit_copy(asset_report_token, ocrolus_auditor_id)
audit_copy_token = audit_copy_response.audit_copy_token


// Support Coming Soon

from plaid import Client

# Change sandbox to development to test with live users;
# Change to production when you're ready to go live!
client = Client(
  PLAID_CLIENT_ID,
  PLAID_SECRET,
  PLAID_PUBLIC_KEY,
  'sandbox'
)

# Exchange the public token from Plaid Link for an access token.
exchange_token_response = client.Item.public_token.exchange(public_token)
access_token = exchange_token_response['access_token']

# Create a processor token for a specific account id.
create_response = client.Processor.ProcessorTokenCreate(access_token, account_id, "ocrolus")
processor_token = create_response['processor_token']

# Create an Asset Report for the specific access token.
asset_report_days_requested = 60
asset_report_response = client.AssetReport.create(
  [access_token],
  asset_report_days_requested
)
asset_report_token = asset_report_response['asset_report_token']

# Create an audit copy token for the Asset Report.
ocrolus_auditor_id = 'ocrolus'
audit_copy_response = client.AssetReport.audit_copy.create(
  asset_report_token,
  ocrolus_auditor_id
)
audit_copy_token = audit_copy_response['audit_copy_token']

For a valid processor_token request, the API will return a JSON response similar to:

Processor Token response

{
  "processor_token": "processor-sandbox-0asd1-a92nc",
  "request_id": "UNIQUE_REQUEST_ID"
}

For a valid audit_copy_token request, the API will return a JSON response similar to:

Audit Copy Token response

{
    "audit_copy_token": "a-sandbox-3TAU2CWVYBDVRHUCAAAI27ULU4",
    "request_id": "UNIQUE_REQUEST_ID"
}

For possible error codes, see the full listing of Plaid error codes.

For more information on creating Asset Report audit_copy_tokens, see the documentation for the Assets product.

Step 5: Test with sandbox credentials

Link's sandbox mode is compatible with Plaid's Sandbox API environment. To test the integration in sandbox mode, simply use the Plaid sandbox credentials along with your public_key.

Step 6: Get ready for production

Your account is immediately enabled for our sandbox environment. To move to Production, please request access from the Dashboard. You will want to ensure that you have valid Ocrolus Production credentials prior to connecting bank accounts in the Ocrolus API with Plaid.

Support and questions

Find answers to many common integration questions and concerns—such as pricing, sandbox and test mode usage, and more—at our Help Center and docs.

If you're still stuck, open a support ticket with information describing the issue that you're experiencing and we'll get back to you as soon as we can.