Authentication and Authorization Flow
This flow facilitates the creation of user-application connections via Plaid Link. It provides partners with a means to validate credentials and optionally escalate authentication by instructing Plaid to present additional authentication challenges.
- Authentication and Authorization API Reference
- Authentication (POST /users/auth_token) API Method
- Trigger OTP (POST /users/:user_id:/sendOtp) API Method
- Validate 2FA (POST /users/:user_id:/2fa) API Method
Plaid supports a straightforward and robust authentication protocol that is secured by Plaid Link and the Plaid edge network. The protocol itself is simple because access to the API method is restricted. The exchange of credentials is constrained to a small window of time. Plaid does not store the credentials and purges them from memory as soon as they are forwarded to the partner's API.
Authentication w/MFA Escalation
Plaid supports a number of escalation methods, which the partner can initiate according to its security policies. Escalated authorization follows a simple pattern and is also straightforward to implement.
If the credentials are invalid, the partner can indicate the cause of the error; see the Authentication and Authorization API Reference.
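A partner-side sketch of the escalation pattern described above, added here as an illustration and not taken from Plaid's documentation or code. The function names, status strings, user record and policy values are assumptions; the real request and response fields are defined in the Authentication and Authorization API Reference.

```python
import hashlib, hmac, secrets

OTP_TTL, MAX_ATTEMPTS = 120, 3  # assumed partner policy: seconds, wrong guesses

def _kdf(secret, salt):
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), salt, 100_000)

# Constructed sample user; the record layout is hypothetical.
USERS = {"u-1": {"username": "alice", "salt": b"demo-salt",
                 "pw": _kdf("correct horse", b"demo-salt"), "mfa": True}}
PENDING = {}  # user_id -> escalation state, created only after valid credentials

def authenticate(username, password):
    """Partner logic behind POST /users/auth_token."""
    for uid, u in USERS.items():
        if u["username"] == username and hmac.compare_digest(
                u["pw"], _kdf(password, u["salt"])):
            if not u["mfa"]:
                return {"status": "ok", "auth_token": secrets.token_urlsafe(32)}
            PENDING[uid] = {"otp": None, "expires": 0, "attempts": 0}
            return {"status": "mfa_required", "user_id": uid}  # ask for escalation
    return {"status": "invalid_credentials"}

def send_otp(user_id, now, deliver):
    """Partner logic behind POST /users/:user_id:/sendOtp."""
    state = PENDING.get(user_id)
    if state is None:  # no successful credential check preceded this call
        return {"status": "denied"}
    code = f"{secrets.randbelow(10**6):06d}"
    # Store only a digest; the attempt counter is NOT reset by a resend.
    state.update(otp=hashlib.sha256(code.encode()).digest(), expires=now + OTP_TTL)
    deliver(code)  # out-of-band channel; the code is never returned to the caller
    return {"status": "sent"}

def validate_2fa(user_id, code, now):
    """Partner logic behind POST /users/:user_id:/2fa."""
    state = PENDING.get(user_id)
    if state is None or state["otp"] is None or now > state["expires"]:
        return {"status": "denied"}
    state["attempts"] += 1
    if hmac.compare_digest(state["otp"], hashlib.sha256(code.encode()).digest()):
        del PENDING[user_id]  # single use
        return {"status": "ok", "auth_token": secrets.token_urlsafe(32)}
    if state["attempts"] >= MAX_ATTEMPTS:
        del PENDING[user_id]  # lock out; the flow restarts from credentials
    return {"status": "denied"}
```

The three properties worth keeping in a real implementation are that OTP issuance is gated on a prior valid credential check, that a code is single use and short lived, and that resending a code does not reset the guess counter.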