@lap v0.3 # Machine-readable API spec. Each @endpoint block is one API call. @api The Plaid API @base https://production.plaid.com @version 2020-09-14_1.685.3 @auth ApiKey PLAID-CLIENT-ID in header | ApiKey PLAID-SECRET in header | ApiKey Plaid-Version in header @common_fields {client_id: str # Your Plaid API `client_id`. The `client_id` is required and may be provided either in the `PLAID-CLIENT-ID` header or as part of a request body., secret: str # Your Plaid API `secret`. The `secret` is required and may be provided either in the `PLAID-SECRET` header or as part of a request body.} @endpoints 328 @hint download_for_search @toc asset_report(10), cra(18), credit(22), consumer_report(1), oauth(3), statements(3), consent(1), item(13), application(1), user_account(2), profile(1), network(1), auth(2), transactions(5), sandbox(27), cashflow_report(4), user(13), institutions(3), accounts(2), categories(1), identity(4), dashboard_user(2), identity_verification(5), watchlist_screening(20), beacon(13), protect(5), business_verification(2), processor(24), webhook_verification_key(1), liabilities(1), payment_initiation(12), investments(4), link(3), session(1), transfer(42), bank_transfer(10), employers(1), income(5), employment(1), beta(11), signal(5), wallet(6), issues(3), payment_profile(3), partner(5), link_delivery(2), fdx(3), network_insights(1) @group asset_report @endpoint POST /asset_report/create @desc Create an Asset Report @required {days_requested: int # The maximum integer number of days of history to include in the Asset Report. If using Fannie Mae Day 1 Certainty, `days_requested` must be at least 61 for new originations or at least 31 for refinancings. An Asset Report requested with "Additional History" (that is, with more than 61 days of transaction history) will incur an Additional History fee.} @optional {access_tokens: [str] # An array of access tokens corresponding to the Items that will be included in the report. The `assets` product must have been initialized for the Items during link; the Assets product cannot be added after initialization., options: map{client_report_id: str, webhook: str(url), include_fast_report: bool, products: [str], add_ons: [str], user: map, require_all_items: bool} # An optional object to filter `/asset_report/create` results. If provided, must be non-`null`. The optional `user` object is required for the report to be eligible for Fannie Mae's Day 1 Certainty program.} @returns(200) {asset_report_token: str, asset_report_id: str, request_id: str} # OK @endpoint POST /asset_report/get @desc Retrieve an Asset Report @optional {asset_report_token: str # A token that can be provided to endpoints such as `/asset_report/get` or `/asset_report/pdf/get` to fetch or update an Asset Report., user_token: str # The user token associated with the User for which to create an asset report for. The latest asset report associated with the User will be returned, include_insights: bool=false # `true` if you would like to retrieve the Asset Report with Insights, `false` otherwise. This field defaults to `false` if omitted., fast_report: bool=false # `true` to fetch "fast" version of asset report. Defaults to false if omitted. Can only be used if `/asset_report/create` was called with `options.add_ons` set to `["fast_assets"]`., options: map{days_to_include: int} # An optional object to filter or add data to `/asset_report/get` results. If provided, must be non-`null`.} @returns(200) {report: map{asset_report_id: str, insights: map?{risk: map?{bank_penalties: map?, gambling: map?, loan_disbursements: map?, loan_payments: map?, negative_balance: map?}, affordability: map?{expenditure: map?, income: map?}}, client_report_id: str?, date_generated: str(date-time), days_requested: num, user: map{client_user_id: str?, first_name: str?, middle_name: str?, last_name: str?, ssn: str?, phone_number: str?, email: str?}, items: [map]}, warnings: [map], request_id: str} # OK @endpoint POST /asset_report/pdf/get @desc Retrieve a PDF Asset Report @required {asset_report_token: str # A token that can be provided to endpoints such as `/asset_report/get` or `/asset_report/pdf/get` to fetch or update an Asset Report.} @optional {options: map{days_to_include: int} # An optional object to filter or add data to `/asset_report/get` results. If provided, must be non-`null`.} @returns(200) A PDF of the Asset Report @endpoint POST /asset_report/refresh @desc Refresh an Asset Report @required {asset_report_token: str # The `asset_report_token` returned by the original call to `/asset_report/create`} @optional {days_requested: int # The maximum number of days of history to include in the Asset Report. Must be an integer. If not specified, the value from the original call to `/asset_report/create` will be used., options: map{client_report_id: str, webhook: str(url), user: map} # An optional object to filter `/asset_report/refresh` results. If provided, cannot be `null`. If not specified, the `options` from the original call to `/asset_report/create` will be used.} @returns(200) {asset_report_id: str, asset_report_token: str, request_id: str} # OK @endpoint POST /asset_report/filter @desc Filter Asset Report @required {asset_report_token: str # A token that can be provided to endpoints such as `/asset_report/get` or `/asset_report/pdf/get` to fetch or update an Asset Report., account_ids_to_exclude: [str] # The accounts to exclude from the Asset Report, identified by `account_id`.} @returns(200) {asset_report_token: str, asset_report_id: str, request_id: str} # OK @endpoint POST /asset_report/remove @desc Delete an Asset Report @required {asset_report_token: str # A token that can be provided to endpoints such as `/asset_report/get` or `/asset_report/pdf/get` to fetch or update an Asset Report.} @returns(200) {removed: bool, request_id: str} # OK @endpoint POST /asset_report/audit_copy/create @desc Create Asset Report Audit Copy @required {asset_report_token: str # A token that can be provided to endpoints such as `/asset_report/get` or `/asset_report/pdf/get` to fetch or update an Asset Report.} @optional {auditor_id: str # The `auditor_id` of the third party with whom you would like to share the Asset Report.} @returns(200) {audit_copy_token: str, request_id: str} # OK @endpoint POST /asset_report/audit_copy/get @desc Retrieve an Asset Report Audit Copy @required {audit_copy_token: str # The `audit_copy_token` granting access to the Audit Copy you would like to get.} @returns(200) {report: map{asset_report_id: str, insights: map?{risk: map?{bank_penalties: map?, gambling: map?, loan_disbursements: map?, loan_payments: map?, negative_balance: map?}, affordability: map?{expenditure: map?, income: map?}}, client_report_id: str?, date_generated: str(date-time), days_requested: num, user: map{client_user_id: str?, first_name: str?, middle_name: str?, last_name: str?, ssn: str?, phone_number: str?, email: str?}, items: [map]}, warnings: [map], request_id: str} # OK @endpoint POST /asset_report/audit_copy/pdf/get @desc Retrieve a PDF Asset Report Audit Copy @required {audit_copy_token: str # The `audit_copy_token` granting access to the Audit Copy you would like to get as a PDF.} @optional {options: map{days_to_include: int} # An optional object to filter or add data to `/asset_report/get` results. If provided, must be non-`null`.} @returns(200) A PDF of the Asset Report Audit Copy @endpoint POST /asset_report/audit_copy/remove @desc Remove Asset Report Audit Copy @required {audit_copy_token: str # The `audit_copy_token` granting access to the Audit Copy you would like to revoke.} @returns(200) {removed: bool, request_id: str} # OK @endgroup @group cra @endpoint POST /cra/monitoring_insights/subscribe @desc Subscribe to Monitoring Insights @required {webhook: str(url) # URL to which Plaid will send Cash Flow Updates webhooks, for example when the requested Cash Flow Updates report is ready.} @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., item_id: str # The item ID to subscribe for Cash Flow Updates., income_categories: [str] # Income categories to include in Cash Flow Updates. If empty or `null`, this field will default to including all possible categories., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str, subscription_id: str} # OK @endpoint POST /cra/monitoring_insights/unsubscribe @desc Unsubscribe from Monitoring Insights @required {subscription_id: str # A unique identifier for the subscription.} @returns(200) {request_id: str} # OK @endpoint POST /cra/monitoring_insights/get @desc Retrieve a Monitoring Insights Report @required {consumer_report_permissible_purpose: str(ACCOUNT_REVIEW_CREDIT/WRITTEN_INSTRUCTION_OTHER) # Describes the reason you are generating a Consumer Report for this user. `ACCOUNT_REVIEW_CREDIT`: In connection with a consumer credit transaction for the review or collection of an account pursuant to FCRA Section 604(a)(3)(A). `WRITTEN_INSTRUCTION_OTHER`: In accordance with the written instructions of the consumer pursuant to FCRA Section 604(a)(2), such as when an individual agrees to act as a guarantor or assumes personal liability for a consumer, business, or commercial loan.} @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str, user_insights_id: str, items: [map]} # OK @endgroup @group credit @endpoint POST /credit/audit_copy_token/update @desc Update an Audit Copy Token @required {audit_copy_token: str # The `audit_copy_token` you would like to update., report_tokens: [str] # Array of tokens which the specified Audit Copy Token will be updated with. The types of token supported are asset report token and employment report token. There can be at most 1 of each token type in the array.} @returns(200) {request_id: str, updated: bool} # OK @endgroup @group cra @endpoint POST /cra/partner_insights/get @desc Retrieve cash flow insights from the bank accounts used for income verification @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @optional {user_tier: str(free/paid) # The tier of the user.} @returns(200) {report: [map], request_id: str} # OK @endpoint POST /cra/check_report/income_insights/get @desc Retrieve cash flow information from your user's banks @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., third_party_user_token: str # The third-party user token associated with the requested User data., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {report: map{report_id: str, generated_time: str(date-time), days_requested: int, client_report_id: str?, items: [map], bank_income_summary: map{total_amounts: [map], start_date: str(date), end_date: str(date), income_sources_count: int, income_categories_count: int, income_transactions_count: int, historical_average_monthly_gross_income: [map], historical_average_monthly_income: [map], forecasted_average_monthly_income: [map], historical_annual_gross_income: [map], historical_annual_income: [map], forecasted_annual_income: [map], historical_summary: [map]}, warnings: [map]}, request_id: str, warnings: [map]} # OK @endpoint POST /cra/check_report/base_report/get @desc Retrieve a Base Report @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., third_party_user_token: str # The third-party user token associated with the requested User data., item_ids: [str] # The item IDs to include in the Base Report. If not provided, all items associated with the user will be included., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_tier: str(free/paid) # The tier of the user.} @returns(200) {report: map{report_id: str, date_generated: str(date-time), days_requested: num, client_report_id: str?, items: [map], attributes: map{nsf_overdraft_transactions_count: int, nsf_overdraft_transactions_count_30d: int, nsf_overdraft_transactions_count_60d: int, nsf_overdraft_transactions_count_90d: int, total_inflow_amount: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}, total_inflow_amount_30d: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}, total_inflow_amount_60d: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}, total_inflow_amount_90d: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}, total_outflow_amount: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}, total_outflow_amount_30d: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}, total_outflow_amount_60d: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}, total_outflow_amount_90d: map?{amount: num, iso_currency_code: str?, unofficial_currency_code: str?}}}, warnings: [map], request_id: str} # OK @endpoint POST /cra/check_report/pdf/get @desc Retrieve Consumer Reports as a PDF @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., third_party_user_token: str # The third-party user token associated with the requested User data., add_ons: [str] # Use this field to include other reports in the PDF., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) OK @endpoint POST /cra/check_report/create @desc Refresh or create a Consumer Report @required {webhook: str(url) # The destination URL to which webhooks will be sent, days_requested: int # The number of days of data to request for the report. Default value is 365; maximum is 731; minimum is 180. If a value lower than 180 is provided, a minimum of 180 days of history will be requested., consumer_report_permissible_purpose: str(ACCOUNT_REVIEW_CREDIT/ACCOUNT_REVIEW_NON_CREDIT/EXTENSION_OF_CREDIT/LEGITIMATE_BUSINESS_NEED_TENANT_SCREENING/LEGITIMATE_BUSINESS_NEED_OTHER/WRITTEN_INSTRUCTION_PREQUALIFICATION/WRITTEN_INSTRUCTION_OTHER/ELIGIBILITY_FOR_GOVT_BENEFITS) # Describes the reason you are generating a Consumer Report for this user. When calling `/link/token/create`, this field is required when using Plaid Check (CRA) products; invalid if not using Plaid Check (CRA) products. `ACCOUNT_REVIEW_CREDIT`: In connection with a consumer credit transaction for the review or collection of an account pursuant to FCRA Section 604(a)(3)(A). `ACCOUNT_REVIEW_NON_CREDIT`: For a legitimate business need of the information to review a non-credit account provided primarily for personal, family, or household purposes to determine whether the consumer continues to meet the terms of the account pursuant to FCRA Section 604(a)(3)(F)(2). `EXTENSION_OF_CREDIT`: In connection with a credit transaction initiated by and involving the consumer pursuant to FCRA Section 604(a)(3)(A). `LEGITIMATE_BUSINESS_NEED_TENANT_SCREENING`: For a legitimate business need in connection with a business transaction initiated by the consumer primarily for personal, family, or household purposes in connection with a property rental assessment pursuant to FCRA Section 604(a)(3)(F)(i). `LEGITIMATE_BUSINESS_NEED_OTHER`: For a legitimate business need in connection with a business transaction made primarily for personal, family, or household initiated by the consumer pursuant to FCRA Section 604(a)(3)(F)(i). `WRITTEN_INSTRUCTION_PREQUALIFICATION`: In accordance with the written instructions of the consumer pursuant to FCRA Section 604(a)(2), to evaluate an application’s profile to make an offer to the consumer. `WRITTEN_INSTRUCTION_OTHER`: In accordance with the written instructions of the consumer pursuant to FCRA Section 604(a)(2), such as when an individual agrees to act as a guarantor or assumes personal liability for a consumer, business, or commercial loan. `ELIGIBILITY_FOR_GOVT_BENEFITS`: In connection with an eligibility determination for a government benefit where the entity is required to consider an applicant’s financial status pursuant to FCRA Section 604(a)(3)(D).} @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., days_required: int # The minimum number of days of data required for the report to be successfully generated., client_report_id: str # Client-generated identifier, which can be used by lenders to track loan applications., products: [str] # Specifies a list of products that will be eagerly generated when creating the report (in addition to the Base Report, which is always eagerly generated). These products will be made available before a success webhook is sent. Use this option to minimize response latency for product `/get` endpoints. Note that specifying `cra_partner_insights` in this field will trigger a billable event. Other products are not billed until the respective reports are fetched via product-specific `/get` endpoints., base_report: map{client_report_id: str, gse_options: map, require_identity: bool} # Defines configuration options to generate a Base Report, cashflow_insights: map{attributes_version: str} # Defines configuration options to generate Cashflow Insights, partner_insights: map{prism_versions: map, fico: map} # Defines configuration to generate Partner Insights., lend_score: map{lend_score_version: str} # Defines configuration options to generate the LendScore, network_insights: map{network_insights_version: str} # Defines configuration options to generate Network Insights, include_investments: bool # Indicates that investment data should be extracted from the linked account(s).} @returns(200) {request_id: str} # OK @endpoint POST /cra/check_report/partner_insights/get @desc Retrieve cash flow insights from partners @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., third_party_user_token: str # The third-party user token associated with the requested User data., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_tier: str(free/paid) # The tier of the user., partner_insights: map{prism_versions: map, fico: map} # Defines configuration to generate Partner Insights, options: map{prism_versions: map} # Deprecated, specify `partner_insights.prism_versions` instead.} @returns(200) {report: map{report_id: str, generated_time: str(date-time), client_report_id: str?, fico: map?{lender_application_id: str, ultrafico_score_results: [map]}, prism: map?{insights: map?{version: int, result: map, error_reason: str}, cash_score: map?{version: int, model_version: str, score: int?, reason_codes: [str], metadata: map, error_reason: str}, extend: map?{model_version: str, score: int?, reason_codes: [str], metadata: map, error_reason: str}, first_detect: map?{version: int, model_version: str, score: int?, reason_codes: [str], metadata: map, error_reason: str}, detect: map?{model_version: str, score: int?, reason_codes: [str], metadata: map, error_reason: str}, status: str}, items: [map]}, request_id: str, warnings: [map]} # OK @endpoint POST /cra/check_report/cashflow_insights/get @desc Retrieve cash flow insights from your user's banking data @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., third_party_user_token: str # The third-party user token associated with the requested User data., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., options: map{attributes_version: str} # Defines configuration options to generate Cashflow Insights} @returns(200) {report: map{report_id: str, generated_time: str(date-time), attributes: map}, request_id: str, warnings: [map]} # OK @endpoint POST /cra/check_report/lend_score/get @desc Retrieve the LendScore from your user's banking data @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., third_party_user_token: str # The third-party user token associated with the requested User data., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., options: map{lend_score_version: str} # Defines configuration options to generate the LendScore} @returns(200) {report: map{report_id: str, generated_time: str(date-time), lend_score: map?{score: int?, reason_codes: [str], error_reason: str?}}, request_id: str, warnings: [map]} # OK @endpoint POST /cra/check_report/network_insights/get @desc Retrieve network attributes for the user @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., options: map{network_insights_version: str} # Defines configuration options to generate Network Insights, third_party_user_token: str # The third-party user token associated with the requested User data., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {report: map{report_id: str, generated_time: str(date-time), network_attributes: map, items: [map]}, request_id: str, warnings: [map]} # OK @endpoint POST /cra/check_report/verification/get @desc Retrieve various home lending reports for a user. @required {reports_requested: [str] # Specifies which types of home lending reports are expected in the response} @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., employment_refresh_options: map{days_requested!: int} # Defines configuration options for the Employment Refresh Report., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {report: map{report_id: str, gse_reference_id: str, client_report_id: str?, voa: map?{generated_time: str(date-time), days_requested: num, items: [map], attributes: map{total_inflow_amount: map?, total_outflow_amount: map?}}, employment_refresh: map?{generated_time: str(date-time), days_requested: num, items: [map]}}, request_id: str, warnings: [map]} # OK @endpoint POST /cra/check_report/verification/pdf/get @desc Retrieve Consumer Reports as a Verification PDF @required {report_requested: str(voa/employment_refresh) # The type of verification PDF report to fetch.} @optional {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., third_party_user_token: str # The third-party user token associated with the requested User data., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) OK @endpoint POST /cra/loans/applications/register @desc Register loan applications and decisions. @required {applications: [map{user_token!: str, application_id!: str, type!: str, decision!: str, application_date: str(date), decision_date: str(date)}] # A list of loan applications to register.} @returns(200) {request_id: str} # OK @endpoint POST /cra/loans/register @desc Register a list of loans to their applicants. @required {loans: [map{user_token!: str, loan_id!: str, type!: str, payment_schedule!: str, opened_date!: str(date), opened_with_status!: map, loan_amount: num, application: map}] # A list of loans to register.} @returns(200) {request_id: str} # OK @endpoint POST /cra/loans/update @desc Updates loan data. @required {loans: [map{loan_id: str, status_history: [map], payment_history: [map]}] # A list of loans to update.} @returns(200) {request_id: str} # OK @endpoint POST /cra/loans/unregister @desc Unregister a list of loans. @required {loans: [map{loan_id!: str, closed_with_status!: map}] # A list of loans to unregister.} @returns(200) {request_id: str} # OK @endgroup @group consumer_report @endpoint POST /consumer_report/pdf/get @desc Retrieve a PDF Reports @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) OK @endgroup @group oauth @endpoint POST /oauth/token @desc Create or refresh an OAuth access token @required {grant_type: str(refresh_token/urn:ietf:params:oauth:grant-type:token-exchange/client_credentials) # The type of OAuth grant being requested: `client_credentials` allows exchanging a client id and client secret for a refresh and access token. `refresh_token` allows refreshing an access token using a refresh token. When using this grant type, only the `refresh_token` field is required (along with the `client_id` and `client_secret`). `urn:ietf:params:oauth:grant-type:token-exchange` allows exchanging a subject token for an OAuth token. When using this grant type, the `audience`, `subject_token` and `subject_token_type` fields are required. These grants are defined in their respective RFCs. `refresh_token` and `client_credentials` are defined in RFC 6749 and `urn:ietf:params:oauth:grant-type:token-exchange` is defined in RFC 8693.} @optional {client_secret: str # Your Plaid API `secret`. The `secret` is required and may be provided either in the `PLAID-SECRET` header or as part of a request body as either `secret` or `client_secret`., scope: str # A JSON string containing a space-separated list of scopes associated with this token, in the format described in [https://datatracker.ietf.org/doc/html/rfc6749#section-3.3](https://datatracker.ietf.org/doc/html/rfc6749#section-3.3). Currently accepted values are: `user:read` allows reading user data. `user:write` allows writing user data. `exchange` allows exchanging a token using the `urn:plaid:params:oauth:user-token` grant type. `mcp:dashboard` allows access to the MCP dashboard server., refresh_token: str # Refresh token for OAuth, resource: str # URI of the target resource server, audience: str # Used when exchanging a token. The meaning depends on the `subject_token_type`: - For `urn:plaid:params:tokens:user`: Must be the same as the `client_id`. - For `urn:plaid:params:oauth:user-token`: The other `client_id` to exchange tokens to. - For `urn:plaid:params:credit:multi-user`: a `client_id` or one of the supported CRA partner URNs: `urn:plaid:params:cra-partner:experian`, `urn:plaid:params:cra-partner:fannie-mae`, or `urn:plaid:params:cra-partner:freddie-mac`., subject_token: str # Token representing the subject. The `subject token` must be an OAuth refresh token issued from the `/oauth/token` endpoint. The meaning depends on the `subject_token_type`., subject_token_type: str(urn:plaid:params:tokens:user/urn:plaid:params:oauth:user-token/urn:plaid:params:credit:multi-user) # The type of the subject token. `urn:plaid:params:tokens:user` allows exchanging a Plaid-issued user token for an OAuth token. When using this token type, `audience` must be the same as the `client_id`. `subject_token` must be a Plaid-issued user token issued from the `/user/create` endpoint. `urn:plaid:params:oauth:user-token` allows exchanging a refresh token for an OAuth token to another `client_id`. The other `client_id` is provided in `audience`. `subject_token` must be an OAuth refresh token issued from the `/oauth/token` endpoint. `urn:plaid:params:credit:multi-user` allows exchanging a Plaid-issued user token for an OAuth token. When using this token type, `audience` may be a client id or a supported CRA partner URN. `audience` supports a comma-delimited list of clients. When multiple clients are specified in the `audience` a multi-party token is created which can be used by all parties in the audience in conjunction with their `client_id` and `client_secret`.} @returns(200) {access_token: str, refresh_token: str, token_type: str, expires_in: int, request_id: str} # OK @endpoint POST /oauth/introspect @desc Get metadata about an OAuth token @required {token: str # An OAuth token of any type (`refresh_token`, `access_token`, etc)} @optional {client_secret: str # Your Plaid API `secret`. The `secret` is required and may be provided either in the `PLAID-SECRET` header or as part of a request body as either `secret` or `client_secret`.} @returns(200) {active: bool, scope: str, client_id: str, exp: int, iat: int, sub: str, aud: str, iss: str, token_type: str, user_id: str, request_id: str} # OK @endpoint POST /oauth/revoke @desc Revoke an OAuth token @required {token: str # An OAuth token of any type (`refresh_token`, `access_token`, etc)} @optional {client_secret: str # Your Plaid API `secret`. The `secret` is required and may be provided either in the `PLAID-SECRET` header or as part of a request body as either `secret` or `client_secret`.} @returns(200) {request_id: str} # OK @endgroup @group statements @endpoint POST /statements/list @desc Retrieve a list of all statements associated with an item. @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {accounts: [map], institution_id: str, institution_name: str, item_id: str, request_id: str} # OK @endpoint POST /statements/download @desc Retrieve a single statement. @required {access_token: str # The access token associated with the Item data is being requested for., statement_id: str # Plaid's unique identifier for the statement.} @returns(200) OK @endpoint POST /statements/refresh @desc Refresh statements data. @required {access_token: str # The access token associated with the Item data is being requested for., start_date: str(date) # The start date for statements, in "YYYY-MM-DD" format, e.g. "2023-08-30". To determine whether a statement falls within the specified date range, Plaid will use the statement posted date. The statement posted date is typically either the last day of the statement period, or the following day., end_date: str(date) # The end date for statements, in "YYYY-MM-DD" format, e.g. "2023-10-30". You can request up to two years of data. To determine whether a statement falls within the specified date range, Plaid will use the statement posted date. The statement posted date is typically either the last day of the statement period, or the following day.} @returns(200) {request_id: str} # OK @endgroup @group consent @endpoint POST /consent/events/get @desc List a historical log of item consent events @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str, consent_events: [map]} # OK @endgroup @group item @endpoint POST /item/activity/list @desc List a historical log of user consent events @optional {access_token: str # The access token associated with the Item data is being requested for., cursor: str # Cursor used for pagination., count: int=50} @returns(200) {request_id: str, activities: [map], last_data_access_times: [map], cursor: str} # OK @endpoint POST /item/application/list @desc List a user’s connected applications @optional {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str, applications: [map]} # OK @endpoint POST /item/application/unlink @desc Unlink a user’s connected application @required {access_token: str # The access token associated with the Item data is being requested for., application_id: str # This field will map to the application ID that is returned from /item/application/list, or provided to the institution in an oauth redirect.} @returns(200) {request_id: str} # OK @endpoint POST /item/application/scopes/update @desc Update the scopes of access for a particular application @required {access_token: str # The access token associated with the Item data is being requested for., application_id: str # This field will map to the application ID that is returned from /item/application/list, or provided to the institution in an oauth redirect., scopes: map{product_access: map, accounts: [map], new_accounts: bool} # The scopes object, context: str(ENROLLMENT/PORTAL) # An indicator for when scopes are being updated. When scopes are updated via enrollment (i.e. OAuth), the partner must send `ENROLLMENT`. When scopes are updated in a post-enrollment view, the partner must send `PORTAL`.} @optional {state: str # When scopes are updated during enrollment, this field must be populated with the state sent to the partner in the OAuth Login URI. This field is required when the context is `ENROLLMENT`.} @returns(200) {request_id: str} # success @endgroup @group application @endpoint POST /application/get @desc Retrieve information about a Plaid application @required {application_id: str # This field will map to the application ID that is returned from /item/application/list, or provided to the institution in an oauth redirect.} @returns(200) {request_id: str, application: map{application_id: str, name: str, display_name: str?, join_date: str(date), logo_url: str?, application_url: str?, reason_for_access: str?, use_case: str?, company_legal_name: str?, city: str?, region: str?, postal_code: str?, country_code: str?}} # success @endgroup @group item @endpoint POST /item/get @desc Retrieve an Item @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {item: map, status: any?, request_id: str} # success @endgroup @group user_account @endpoint POST /user_account/session/get @desc Retrieve User Account @required {public_token: str # The public token generated by the end user Layer session.} @returns(200) {identity: map?{name: map?{first_name: str, last_name: str}, address: map?{city: str?, region: str?, street: str?, street2: str?, postal_code: str?, country: str?}, phone_number: str, email: str?, date_of_birth: str?, ssn: str?, ssn_last_4: str?}, items: [map], identity_edit_history: map?{name: map{edits_current: int, edits_1d: int, edits_30d: int, edits_365d: int, edits_all_time: int}, address: map{edits_current: int, edits_1d: int, edits_30d: int, edits_365d: int, edits_all_time: int}, email: map{edits_current: int, edits_1d: int, edits_30d: int, edits_365d: int, edits_all_time: int}, date_of_birth: map{edits_current: int, edits_1d: int, edits_30d: int, edits_365d: int, edits_all_time: int}, official_document: map?{ssn: map{edits_current: int, edits_1d: int, edits_30d: int, edits_365d: int, edits_all_time: int}}}, request_id: str} # success @endpoint POST /user_account/session/event/send @desc Send User Account Session Event @required {link_session_id: str # The Link session identifier., event: map{name!: str, timestamp!: str(date-time), outcome: str} # Event data for user account session tracking} @optional {cohort_id: str # Optional cohort identifier for the user session.} @returns(200) {request_id: str} # success @endgroup @group profile @endpoint POST /profile/network_status/get @desc Check a user's Plaid Network status @required {user: map{phone_number!: str} # An object specifying information about the end user for the network status check.} @returns(200) {network_status: str, request_id: str} # success @endgroup @group network @endpoint POST /network/status/get @desc Check a user's Plaid Network status @required {user: map{phone_number!: str} # An object specifying information about the end user for the network status check.} @optional {template_id: str # The id of a template defined in Plaid Dashboard. This field is used if you have additional criteria that you want to check against (e.g. Layer eligibility).} @returns(200) {network_status: str, layer: map?{eligible: bool}, request_id: str} # success @endgroup @group auth @endpoint POST /auth/get @desc Retrieve auth data @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str]} # An optional object to filter `/auth/get` results.} @returns(200) {accounts: [map], numbers: map{ach: [map], eft: [map], international: [map], bacs: [map]}, item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # success @endpoint POST /auth/verify @desc Verify auth data @required {numbers: map{ach!: map} # An object containing identifying account numbers for verification via Database Auth} @optional {legal_name: str # Account owner's legal name} @returns(200) {request_id: str, item_id: str?, verification_status: str, verification_insights: map{name_match_score: int?, network_status: map{has_numbers_match: bool, is_numbers_match_verified: bool}, previous_returns: map{has_previous_administrative_return: bool}, account_number_format: str}} # success @endgroup @group transactions @endpoint POST /transactions/get @desc Get transaction data @required {access_token: str # The access token associated with the Item data is being requested for., start_date: str(date) # The earliest date for which data should be returned. Dates should be formatted as YYYY-MM-DD., end_date: str(date) # The latest date for which data should be returned. Dates should be formatted as YYYY-MM-DD.} @optional {options: map{account_ids: [str], count: int, offset: int, include_original_description: bool, include_personal_finance_category_beta: bool, include_personal_finance_category: bool, include_logo_and_counterparty_beta: bool, personal_finance_category_version: str, days_requested: int} # An optional object to be used with the request. If specified, `options` must not be `null`.} @returns(200) {accounts: [map], transactions: [any], total_transactions: int, item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # OK @endpoint POST /transactions/refresh @desc Refresh transaction data @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str} # OK @endgroup @group sandbox @endpoint POST /sandbox/transactions/create @desc Create sandbox transactions @required {access_token: str # The access token associated with the Item data is being requested for., transactions: [map{date_transacted!: str(date), date_posted!: str(date), amount!: num(double), description!: str, iso_currency_code: str}] # List of transactions to be added} @returns(200) {request_id: str} # OK @errors {400: Invalid request} @endgroup @group cashflow_report @endpoint POST /cashflow_report/refresh @desc Refresh transaction data in `cashflow_report` @required {access_token: str # The access token associated with the Item data is being requested for., days_requested: int=365 # Number of days to retrieve transactions data for (1 to 730)} @returns(200) {request_id: str} # OK @endpoint POST /cashflow_report/get @desc Gets transaction data in `cashflow_report` @required {access_token: str # The access token associated with the Item data is being requested for., days_requested: int # Number of days to retrieve transactions data for (1 to 730)} @optional {count: int=100 # Number of transactions to fetch per call, cursor: str # The cursor value represents the last update requested. Pass in the empty string "" in the first call., options: map{account_ids: [str]} # An optional object to be used with the request. If specified, `options` must not be `null`.} @returns(200) {accounts: [any], transactions: [map], total_transactions: int, item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, next_cursor: str, has_more: bool, last_successful_update_time: str(date-time), request_id: str} # OK @endpoint POST /cashflow_report/transactions/get @desc Gets transaction data in cashflow_report @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {count: int=100 # Number of transactions to fetch per call, cursor: str # The cursor value represents the last update requested. Pass in the empty string "" in the first call., options: map{account_ids: [str]} # An optional object to be used with the request. If specified, `options` must not be `null`.} @returns(200) {accounts: [any], transactions: [map], total_transactions: int, item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, next_cursor: str, has_more: bool, request_id: str} # OK @endpoint POST /cashflow_report/insights/get @desc Gets insights data in Cashflow Report @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, accounts: [any], account_insights: map{historical_balances: [map], monthly_summaries: [map]}, last_generated_time: str(date-time), request_id: str} # OK @endgroup @group transactions @endpoint POST /transactions/recurring/get @desc Fetch recurring transaction streams @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{include_personal_finance_category: bool, personal_finance_category_version: str} # An optional object to be used with the request. If specified, `options` must not be `null`., account_ids: [str] # An optional list of `account_ids` to retrieve for the Item. Retrieves all active accounts on item if no `account_id`s are provided. Note: An error will be returned if a provided `account_id` is not associated with the Item.} @returns(200) {inflow_streams: [map], outflow_streams: [map], updated_datetime: str(date-time), personal_finance_category_version: str, request_id: str} # OK @endpoint POST /transactions/sync @desc Get incremental transaction updates on an Item @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {cursor: str # The cursor value represents the last update requested. Providing it will cause the response to only return changes after this update. If omitted, the entire history of updates will be returned, starting with the first-added transactions on the Item. The cursor also accepts the special value of `"now"`, which can be used to fast-forward the cursor as part of migrating an existing Item from `/transactions/get` to `/transactions/sync`. For more information, see the [Transactions sync migration guide](https://plaid.com/docs/transactions/sync-migration/). Note that using the `"now"` value is not supported for any use case other than migrating existing Items from `/transactions/get`. The upper-bound length of this cursor is 256 characters of base64., count: int=100 # The number of transaction updates to fetch., options: map{include_original_description: bool, include_personal_finance_category: bool, include_logo_and_counterparty_beta: bool, personal_finance_category_version: str, days_requested: int, account_id: str} # An optional object to be used with the request. If specified, `options` must not be `null`.} @returns(200) {transactions_update_status: str, accounts: [map], added: [any], modified: [any], removed: [map], next_cursor: str, has_more: bool, request_id: str} # OK @endpoint POST /transactions/enrich @desc Enrich locally-held transaction data @required {account_type: str # The account type for the requested transactions (either `depository` or `credit`)., transactions: [map{id!: str, user_id: str, client_user_id: str, client_account_id: str, account_type: str, account_subtype: str, description!: str, amount!: num(double), direction!: str, iso_currency_code!: str, location: map, mcc: str, date_posted: str(date)}] # An array of transaction objects to be enriched by Plaid. Maximum of 100 transactions per request.} @optional {options: map{include_legacy_category: bool, personal_finance_category_version: str} # An optional object to be used with the request.} @returns(200) {enriched_transactions: [map], request_id: str} # OK @endgroup @group user @endpoint POST /user/transactions/refresh @desc Refresh user items for Transactions bundle @required {user_id: str # A Plaid-generated ID that identifies the end user.} @returns(200) {request_id: str, user_id: str, results: [map]} # OK @example_request {"user_id":"usr_8c3ZbDBYjaqUXZ"} @endpoint POST /user/financial_data/refresh @desc Refresh user items for Financial-Insights bundle @required {user_id: str # A Plaid-generated ID that identifies the end user.} @returns(200) {request_id: str, user_id: str, results: [map]} # OK @example_request {"user_id":"usr_8c3ZbDBYjaqUXZ"} @endgroup @group institutions @endpoint POST /institutions/get @desc Get details of all supported institutions @required {count: int # The total number of Institutions to return., offset: int # The number of Institutions to skip., country_codes: [str] # Specify which country or countries to include institutions from, using the ISO-3166-1 alpha-2 country code standard. In API versions 2019-05-29 and earlier, the `country_codes` parameter is an optional parameter within the `options` object and will default to `[US]` if it is not supplied.} @optional {options: map{products: [str], routing_numbers: [str], oauth: bool, include_optional_metadata: bool, include_auth_metadata: bool, include_payment_initiation_metadata: bool} # An optional object to filter `/institutions/get` results.} @returns(200) {institutions: [map], total: int, request_id: str} # OK @endpoint POST /institutions/search @desc Search institutions @required {query: str # The search query. Institutions with names matching the query are returned, country_codes: [str] # Specify which country or countries to include institutions from, using the ISO-3166-1 alpha-2 country code standard. In API versions 2019-05-29 and earlier, the `country_codes` parameter is an optional parameter within the `options` object and will default to `[US]` if it is not supplied.} @optional {products: [str] # Filter the Institutions based on whether they support all products listed in `products`. Provide `null` to get institutions regardless of supported products. Note that when `auth` is specified as a product, if you are enabled for Instant Match or Automated Micro-deposits, institutions that support those products will be returned even if `auth` is not present in their product array. To search for Transfer support, use `auth`; to search for Signal Transaction Scores support, use `balance`., options: map{oauth: bool, include_optional_metadata: bool, include_auth_metadata: bool, include_payment_initiation_metadata: bool, payment_initiation: map} # An optional object to filter `/institutions/search` results.} @returns(200) {institutions: [map], request_id: str} # OK @endpoint POST /institutions/get_by_id @desc Get details of an institution @required {institution_id: str # The ID of the institution to get details about, country_codes: [str] # Specify which country or countries to include institutions from, using the ISO-3166-1 alpha-2 country code standard. In API versions 2019-05-29 and earlier, the `country_codes` parameter is an optional parameter within the `options` object and will default to `[US]` if it is not supplied.} @optional {options: map{include_optional_metadata: bool, include_status: bool, include_auth_metadata: bool, include_payment_initiation_metadata: bool} # Specifies optional parameters for `/institutions/get_by_id`. If provided, must not be `null`.} @returns(200) {institution: map{institution_id: str, name: str, products: [str], country_codes: [str], url: str?, primary_color: str?, logo: str?, routing_numbers: [str], dtc_numbers: [str], oauth: bool, status: map?{item_logins: map?{status: str, last_status_change: str(date-time), breakdown: map}, transactions_updates: map?{status: str, last_status_change: str(date-time), breakdown: map}, auth: map?{status: str, last_status_change: str(date-time), breakdown: map}, identity: map?{status: str, last_status_change: str(date-time), breakdown: map}, investments_updates: map?{status: str, last_status_change: str(date-time), breakdown: map}, liabilities_updates: map?{status: str, last_status_change: str(date-time), breakdown: map}, liabilities: map?{status: str, last_status_change: str(date-time), breakdown: map}, investments: map?{status: str, last_status_change: str(date-time), breakdown: map}, health_incidents: [map]?}, payment_initiation_metadata: map?{supports_international_payments: bool, supports_sepa_instant: bool, maximum_payment_amount: map, supports_refund_details: bool, standing_order_metadata: map?{supports_standing_order_end_date: bool, supports_standing_order_negative_execution_days: bool, valid_standing_order_intervals: [str]}, supports_payment_consents: bool}, auth_metadata: map?{supported_methods: map?{instant_auth: bool, instant_match: bool, automated_micro_deposits: bool, instant_micro_deposits: bool}}}, request_id: str} # OK @endgroup @group item @endpoint POST /item/remove @desc Remove an Item @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {reason_code: str(FRAUD_FIRST_PARTY/FRAUD_FALSE_IDENTITY/FRAUD_ABUSE/FRAUD_OTHER/CONNECTION_IS_NON_FUNCTIONAL/OTHER) # The reason for removing the item `FRAUD_FIRST_PARTY`: The end user who owns the connected bank account committed fraud `FRAUD_FALSE_IDENTITY`: The end user created the connection using false identity information or stolen credentials `FRAUD_ABUSE`: The end user is abusing the client's service or platform through their connected account `FRAUD_OTHER`: Other fraud-related reasons involving the end user not covered by the specific fraud categories `CONNECTION_IS_NON_FUNCTIONAL`: The connection to the end user's financial institution is broken and cannot be restored `OTHER`: Any other reason for removing the connection not covered by the above categories, reason_note: str # Additional context or details about the reason for removing the item. Personally identifiable information, such as an email address or phone number, should not be included in the `reason_note`.} @returns(200) {request_id: str} # success @endpoint POST /item/products/terminate @desc Terminate products for an Item @required {access_token: str # The access token associated with the Item data is being requested for., reason_code: str # The reason for terminating products on the Item. `OTHER`: Any other reason for terminating products not covered by the above categories} @optional {reason_note: str # Additional context or details about the reason for terminating products on the Item. Personally identifiable information, such as an email address or phone number, should not be included in the `reason_note`.} @returns(200) {request_id: str} # success @endpoint POST /item/handle_fraud_report @desc Report fraud for an Item @required {access_token: str # The access token associated with the Item data is being requested for., report_confidence: str(CONFIRMED/SUSPECTED) # The confidence level of the incident report. `CONFIRMED` indicates the incident has been verified and definitively occurred. `SUSPECTED` indicates the incident is believed to have occurred but has not been fully verified., report_type: str(USER_ACCOUNT_TAKEOVER/FALSE_IDENTITY/STOLEN_IDENTITY/SYNTHETIC_IDENTITY/MULTIPLE_USER_ACCOUNTS/SCAM_VICTIM/BANK_ACCOUNT_TAKEOVER/BANK_CONNECTION_REVOKED/CARD_TESTING/UNAUTHORIZED_TRANSACTION/CARD_CHARGEBACK/ACH_RETURN/DISPUTE/FIRST_PARTY_FRAUD/MISSED_PAYMENT/LOAN_STACKING/MONEY_LAUNDERING/NO_FRAUD/OTHER) # The type of incident being reported. `USER_ACCOUNT_TAKEOVER` - Indicates that a legitimate user's account was accessed or controlled by an unauthorized party. `FALSE_IDENTITY` - Indicates that a user created an account using stolen or fabricated identity information. `STOLEN_IDENTITY` - Indicates that a user created an account using identity information belonging to a real individual without their consent. `SYNTHETIC_IDENTITY` - Indicates that a user created an account using a fake or partially fabricated identity (e.g., combining real and fake information to form a new persona). `MULTIPLE_USER_ACCOUNTS` - Indicates that the same individual is operating multiple accounts in violation of policy. `SCAM_VICTIM` - Indicates that the user was tricked into authorizing or sending funds as part of a scam. `BANK_ACCOUNT_TAKEOVER` - Indicates that a user's linked bank account was accessed or misused by an unauthorized party. `BANK_CONNECTION_REVOKED` - Indicates that a linked bank account connection was revoked by the financial institution, often due to suspected misuse, fraud, or security concerns. `CARD_TESTING` - Indicates that a card was used in small or repeated transactions to test its validity. `UNAUTHORIZED_TRANSACTION` - Indicates that a transaction was made without the user's consent or authorization. `CARD_CHARGEBACK` - Indicates that a card transaction was reversed via a chargeback claim. `ACH_RETURN` - Indicates that an ACH transaction was returned or reversed by the bank. `DISPUTE` - Indicates that a user filed a dispute regarding a transaction or account activity. `FIRST_PARTY_FRAUD` - Indicates that a user intentionally misrepresented themselves or their actions for financial gain. `MISSED_PAYMENT` - Indicates that a user failed to make a required payment on time. `LOAN_STACKING` - Indicates that a user applied for or took out multiple loans simultaneously beyond their ability to repay. `MONEY_LAUNDERING` - Indicates that funds are being moved through accounts to obscure their illicit origin. `NO_FRAUD` - Indicates that an investigation determined no fraudulent activity occurred on user/event (positive label) `OTHER` - Indicates that the case involves fraud or financial risk not covered by other report types. Requires notes describing the report., report_source: str(INTERNAL_REVIEW/USER_SELF_REPORTED/BANK_FEEDBACK/NETWORK_FEEDBACK/AUTOMATED_SYSTEM/THIRD_PARTY_ALERT/OTHER) # The source that identified or reported the incident. `INTERNAL_REVIEW` - Incident was identified through internal fraud investigations or review processes. `USER_SELF_REPORTED` - Incident was reported directly by the affected user. `BANK_FEEDBACK` - Incident was identified through bank feedback, including ACH returns and connection revocations. `NETWORK_FEEDBACK` - Incident was identified through card network alerts or chargebacks. `AUTOMATED_SYSTEM` - Incident was detected by automated systems such as fraud models or rule engines. `THIRD_PARTY_ALERT` - Incident was identified through external vendor or consortium alerts. `OTHER` - Incident was identified through a source not covered by other categories.} @optional {user_id: str # The Plaid User ID associated with the report., incident_event: map{protect_event_id: str, link_session_id: str, idv_session_id: str, signal_client_transaction_id: str, internal_reference: str, time: str(date-time), amount: map, access_token: any} # details about the incident event., bank_account: map{account_id: str, account_number: str, routing_number: str} # Bank account information associated with the incident., ach_return_code: str # Must be a valid ACH return code (e.g. `R01`), required if `report_type` is `ACH_RETURN`., notes: str # Additional context or details about the report, required if `report_type` is `OTHER`.} @returns(200) {report_id: str, request_id: str} # success @endgroup @group accounts @endpoint POST /accounts/get @desc Retrieve accounts @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str]} # An optional object to filter `/accounts/get` results.} @returns(200) {accounts: [map], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # success @example_request {"client_id":"string","secret":"string","access_token":"string","options":{"account_ids":["string"]}} @endgroup @group categories @endpoint POST /categories/get @desc (Deprecated) Get legacy categories @returns(200) {categories: [map], request_id: str} # success @endgroup @group sandbox @endpoint POST /sandbox/processor_token/create @desc Create a test Item and processor token @required {institution_id: str # The ID of the institution the Item will be associated with} @optional {options: map{override_username: str, override_password: str} # An optional set of options to be used when configuring the Item. If specified, must not be `null`.} @returns(200) {processor_token: str, request_id: str} # OK @endpoint POST /sandbox/public_token/create @desc Create a test Item @required {institution_id: str # The ID of the institution the Item will be associated with, initial_products: [str] # The products to initially pull for the Item. May be any products that the specified `institution_id` supports. This array may not be empty.} @optional {options: map{webhook: str(url), override_username: str, override_password: str, transactions: map, statements: map, income_verification: map} # An optional set of options to be used when configuring the Item. If specified, must not be `null`., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {public_token: str, request_id: str} # success @endpoint POST /sandbox/item/fire_webhook @desc Fire a test webhook @required {access_token: str # The access token associated with the Item data is being requested for., webhook_code: str(DEFAULT_UPDATE/NEW_ACCOUNTS_AVAILABLE/SMS_MICRODEPOSITS_VERIFICATION/AUTHORIZATION_GRANTED/USER_PERMISSION_REVOKED/USER_ACCOUNT_REVOKED/PENDING_DISCONNECT/RECURRING_TRANSACTIONS_UPDATE/LOGIN_REPAIRED/SYNC_UPDATES_AVAILABLE/PRODUCT_READY/ERROR) # The webhook codes that can be fired by this test endpoint.} @optional {webhook_type: str(AUTH/HOLDINGS/INVESTMENTS_TRANSACTIONS/ITEM/LIABILITIES/TRANSACTIONS/ASSETS) # The webhook types that can be fired by this test endpoint.} @returns(200) {webhook_fired: bool, request_id: str} # success @endgroup @group accounts @endpoint POST /accounts/balance/get @desc Retrieve real-time balance data @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str], min_last_updated_datetime: str(date-time)} # Optional parameters to `/accounts/balance/get`.} @returns(200) {accounts: [map], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # OK @example_request {"access_token":"string","secret":"string","client_id":"string","options":{"account_ids":["string"]}} @endgroup @group identity @endpoint POST /identity/get @desc Retrieve identity data @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str]} # An optional object to filter `/identity/get` results.} @returns(200) {accounts: [any], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # OK @endpoint POST /identity/documents/uploads/get @desc Returns uploaded document identity @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str]} # An optional object to filter `/identity/documents/uploads/get` results.} @returns(200) {accounts: [any], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # OK @endpoint POST /identity/match @desc Retrieve identity match score @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {user: map{legal_name: str, phone_number: str, email_address: str, address: any} # The user's legal name, phone number, email address and address used to perform fuzzy match. If Financial Account Matching is enabled in the Identity Verification product, leave this field empty to automatically match against PII collected from the Identity Verification checks., options: map{account_ids: [str]} # An optional object to filter /identity/match results} @returns(200) {accounts: [any], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # OK @endpoint POST /identity/refresh @desc Refresh identity data @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str} # OK @endgroup @group dashboard_user @endpoint POST /dashboard_user/get @desc Retrieve a dashboard user @required {dashboard_user_id: str # ID of the associated user. To retrieve the email address or other details of the person corresponding to this id, use `/dashboard_user/get`.} @returns(200) {id: str, created_at: str(date-time), email_address: str(email), status: str, request_id: str} # OK @endpoint POST /dashboard_user/list @desc List dashboard users @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {dashboard_users: [map], next_cursor: str?, request_id: str} # OK @endgroup @group identity_verification @endpoint POST /identity_verification/create @desc Create a new Identity Verification @required {is_shareable: bool # A flag specifying whether you would like Plaid to expose a shareable URL for the verification being created., template_id: str # ID of the associated Identity Verification template. Like all Plaid identifiers, this is case-sensitive., gave_consent: bool=false # A flag specifying whether the end user has already agreed to a privacy policy specifying that their data will be shared with Plaid for verification purposes. If `gave_consent` is set to `true`, the `accept_tos` step will be marked as `skipped` and the end user's session will start at the next step requirement.} @optional {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., user_id: str # Unique user identifier, created by calling `/user/create`. Either a `user_id` or the `client_user_id` must be provided. The `user_id` may only be used instead of the `client_user_id` if you were not a pre-existing user of `/user/create` as of December 10, 2025; for more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis). If both this field and a `client_user_id` are present in a request, the `user_id` must have been created from the provided `client_user_id`., user: map{email_address: str(email), phone_number: str, date_of_birth: str(date), name: map, address: map, id_number: map, client_user_id: str} # User information collected outside of Link, most likely via your own onboarding process. Each of the following identity fields are optional: `email_address` `phone_number` `date_of_birth` `name` `address` `id_number` Specifically, these fields are optional in that they can either be fully provided (satisfying every required field in their subschema) or omitted from the request entirely by not providing the key or value. Providing these fields via the API will result in Link skipping the data collection process for the associated user. All verification steps enabled in the associated Identity Verification Template will still be run. Verification steps will either be run immediately, or once the user completes the `accept_tos` step, depending on the value provided to the `gave_consent` field. If you are not using the shareable URL feature, you can optionally provide these fields via `/link/token/create` instead; both `/identity_verification/create` and `/link/token/create` are valid ways to provide this information. Note that if you provide a non-`null` user data object via `/identity_verification/create`, any user data fields entered via `/link/token/create` for the same `client_user_id` will be ignored when prefilling Link., is_idempotent: bool # An optional flag specifying how you would like Plaid to handle attempts to create an Identity Verification when an Identity Verification already exists for the provided `client_user_id` and `template_id`. If idempotency is enabled, Plaid will return the existing Identity Verification. If idempotency is disabled, Plaid will reject the request with a `400 Bad Request` status code if an Identity Verification already exists for the supplied `client_user_id` and `template_id`.} @returns(200) {id: str, client_user_id: str, created_at: str(date-time), completed_at: str(date-time)?, previous_attempt_id: str?, shareable_url: str?, template: map{id: str, version: int}, user: map{phone_number: str?, date_of_birth: str(date)?, ip_address: str?, email_address: str(email)?, name: map?{given_name: str, family_name: str}, address: map?{street: str?, street2: str?, city: str?, region: str?, postal_code: str?, country: str}, id_number: map?{value: str, type: str}}, status: str, steps: map{accept_tos: str, verify_sms: str, kyc_check: str, documentary_verification: str, selfie_check: str, watchlist_screening: str, risk_check: str}, documentary_verification: map?{status: str, documents: [map]}, selfie_check: map?{status: str, selfies: [map]}, kyc_check: map?{status: str, address: map{summary: str, po_box: str, type: str, street: str, city: str, region: str, postal_code: str, international_details: map?{building: str, county: str, district: str, house_number: str, subpremise: str, thoroughfare: str}}, name: map{summary: str, given_name: str, family_name: str}, date_of_birth: map{summary: str, day: str, month: str, year: str}, id_number: map{summary: str}, phone_number: map{summary: str, area_code: str}}, risk_check: map?{status: str, behavior: map?{user_interactions: str, fraud_ring_detected: str, bot_detected: str, risk_level: str}, email: map?{is_deliverable: str, breach_count: int?, first_breached_at: str(date)?, last_breached_at: str(date)?, domain_registered_at: str(date)?, domain_is_free_provider: str, domain_is_custom: str, domain_is_disposable: str, top_level_domain_is_suspicious: str, linked_services: [str], risk_level: str, factors: [str]}, phone: map?{linked_services: [str], risk_level: str, factors: [str]}, devices: [map], identity_abuse_signals: map?{synthetic_identity: map?{score: int, risk_level: str, first_party_synthetic_fraud: map?, third_party_synthetic_fraud: map?}, stolen_identity: map?{score: int, risk_level: str}}, network: map?{risk_level: str, factors: [str]}, facial_duplicates: [map], trust_index_score: int?}, verify_sms: map?{status: str, verifications: [map]}, watchlist_screening_id: str?, beacon_user_id: str?, user_id: str?, redacted_at: str(date-time)?, latest_scored_protect_event: map?{event_id: str, timestamp: str(date-time), trust_index: map?{score: int, model: str, subscores: map?{device_and_connection: map?, bank_account_insights: map?}}, fraud_attributes: map?}, request_id: str} # OK @endpoint POST /identity_verification/get @desc Retrieve Identity Verification @required {identity_verification_id: str # ID of the associated Identity Verification attempt.} @returns(200) {id: str, client_user_id: str, created_at: str(date-time), completed_at: str(date-time)?, previous_attempt_id: str?, shareable_url: str?, template: map{id: str, version: int}, user: map{phone_number: str?, date_of_birth: str(date)?, ip_address: str?, email_address: str(email)?, name: map?{given_name: str, family_name: str}, address: map?{street: str?, street2: str?, city: str?, region: str?, postal_code: str?, country: str}, id_number: map?{value: str, type: str}}, status: str, steps: map{accept_tos: str, verify_sms: str, kyc_check: str, documentary_verification: str, selfie_check: str, watchlist_screening: str, risk_check: str}, documentary_verification: map?{status: str, documents: [map]}, selfie_check: map?{status: str, selfies: [map]}, kyc_check: map?{status: str, address: map{summary: str, po_box: str, type: str, street: str, city: str, region: str, postal_code: str, international_details: map?{building: str, county: str, district: str, house_number: str, subpremise: str, thoroughfare: str}}, name: map{summary: str, given_name: str, family_name: str}, date_of_birth: map{summary: str, day: str, month: str, year: str}, id_number: map{summary: str}, phone_number: map{summary: str, area_code: str}}, risk_check: map?{status: str, behavior: map?{user_interactions: str, fraud_ring_detected: str, bot_detected: str, risk_level: str}, email: map?{is_deliverable: str, breach_count: int?, first_breached_at: str(date)?, last_breached_at: str(date)?, domain_registered_at: str(date)?, domain_is_free_provider: str, domain_is_custom: str, domain_is_disposable: str, top_level_domain_is_suspicious: str, linked_services: [str], risk_level: str, factors: [str]}, phone: map?{linked_services: [str], risk_level: str, factors: [str]}, devices: [map], identity_abuse_signals: map?{synthetic_identity: map?{score: int, risk_level: str, first_party_synthetic_fraud: map?, third_party_synthetic_fraud: map?}, stolen_identity: map?{score: int, risk_level: str}}, network: map?{risk_level: str, factors: [str]}, facial_duplicates: [map], trust_index_score: int?}, verify_sms: map?{status: str, verifications: [map]}, watchlist_screening_id: str?, beacon_user_id: str?, user_id: str?, redacted_at: str(date-time)?, latest_scored_protect_event: map?{event_id: str, timestamp: str(date-time), trust_index: map?{score: int, model: str, subscores: map?{device_and_connection: map?, bank_account_insights: map?}}, fraud_attributes: map?}, request_id: str} # OK @endpoint POST /identity_verification/list @desc List Identity Verifications @required {template_id: str # ID of the associated Identity Verification template. Like all Plaid identifiers, this is case-sensitive.} @optional {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., user_id: any # A unique user identifier, created by calling `/user/create`. Either a `user_id` or the `client_user_id` must be provided. The `user_id` may only be used instead of the `client_user_id` if you were not a pre-existing user of `/user/create` as of December 10, 2025; for more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis). If both this field and the `client_user_id` are present in the request, the `user_id` must have been created from the provided `client_user_id`., cursor: str # An identifier that determines which page of results you receive.} @returns(200) {identity_verifications: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /identity_verification/retry @desc Retry an Identity Verification @required {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., template_id: str # ID of the associated Identity Verification template. Like all Plaid identifiers, this is case-sensitive., strategy: str(reset/incomplete/infer/custom) # An instruction specifying what steps the new Identity Verification attempt should require the user to complete: `reset` - Restart the user at the beginning of the session, regardless of whether they successfully completed part of their previous session. `incomplete` - Start the new session at the step that the user failed in the previous session, skipping steps that have already been successfully completed. `infer` - If the most recent Identity Verification attempt associated with the given `client_user_id` has a status of `failed` or `expired`, retry using the `incomplete` strategy. Otherwise, use the `reset` strategy. `custom` - Start the new session with a custom configuration, specified by the value of the `steps` field Note: The `incomplete` strategy cannot be applied if the session's failing step is `screening` or `risk_check`. The `infer` strategy cannot be applied if the session's status is still `active`} @optional {user: map{email_address: str(email), phone_number: str, date_of_birth: str(date), name: map, address: map, id_number: map} # User information collected outside of Link, most likely via your own onboarding process. Each of the following identity fields are optional: `email_address` `phone_number` `date_of_birth` `name` `address` `id_number` Specifically, these fields are optional in that they can either be fully provided (satisfying every required field in their subschema) or omitted from the request entirely by not providing the key or value. Providing these fields via the API will result in Link skipping the data collection process for the associated user. All verification steps enabled in the associated Identity Verification Template will still be run. Verification steps will either be run immediately, or once the user completes the `accept_tos` step, depending on the value provided to the `gave_consent` field., steps: map{verify_sms!: bool, kyc_check!: bool, documentary_verification!: bool, selfie_check!: bool} # Instructions for the `custom` retry strategy specifying which steps should be required or skipped. Note: This field must be provided when the retry strategy is `custom` and must be omitted otherwise. Custom retries override settings in your Plaid Template. For example, if your Plaid Template has `verify_sms` disabled, a custom retry with `verify_sms` enabled will still require the step. The `selfie_check` step is currently not supported on the sandbox server. Sandbox requests will silently disable the `selfie_check` step when provided., is_shareable: bool # A flag specifying whether you would like Plaid to expose a shareable URL for the verification being retried. If a value for this flag is not specified, the `is_shareable` setting from the original verification attempt will be used.} @returns(200) {id: str, client_user_id: str, created_at: str(date-time), completed_at: str(date-time)?, previous_attempt_id: str?, shareable_url: str?, template: map{id: str, version: int}, user: map{phone_number: str?, date_of_birth: str(date)?, ip_address: str?, email_address: str(email)?, name: map?{given_name: str, family_name: str}, address: map?{street: str?, street2: str?, city: str?, region: str?, postal_code: str?, country: str}, id_number: map?{value: str, type: str}}, status: str, steps: map{accept_tos: str, verify_sms: str, kyc_check: str, documentary_verification: str, selfie_check: str, watchlist_screening: str, risk_check: str}, documentary_verification: map?{status: str, documents: [map]}, selfie_check: map?{status: str, selfies: [map]}, kyc_check: map?{status: str, address: map{summary: str, po_box: str, type: str, street: str, city: str, region: str, postal_code: str, international_details: map?{building: str, county: str, district: str, house_number: str, subpremise: str, thoroughfare: str}}, name: map{summary: str, given_name: str, family_name: str}, date_of_birth: map{summary: str, day: str, month: str, year: str}, id_number: map{summary: str}, phone_number: map{summary: str, area_code: str}}, risk_check: map?{status: str, behavior: map?{user_interactions: str, fraud_ring_detected: str, bot_detected: str, risk_level: str}, email: map?{is_deliverable: str, breach_count: int?, first_breached_at: str(date)?, last_breached_at: str(date)?, domain_registered_at: str(date)?, domain_is_free_provider: str, domain_is_custom: str, domain_is_disposable: str, top_level_domain_is_suspicious: str, linked_services: [str], risk_level: str, factors: [str]}, phone: map?{linked_services: [str], risk_level: str, factors: [str]}, devices: [map], identity_abuse_signals: map?{synthetic_identity: map?{score: int, risk_level: str, first_party_synthetic_fraud: map?, third_party_synthetic_fraud: map?}, stolen_identity: map?{score: int, risk_level: str}}, network: map?{risk_level: str, factors: [str]}, facial_duplicates: [map], trust_index_score: int?}, verify_sms: map?{status: str, verifications: [map]}, watchlist_screening_id: str?, beacon_user_id: str?, user_id: str?, redacted_at: str(date-time)?, latest_scored_protect_event: map?{event_id: str, timestamp: str(date-time), trust_index: map?{score: int, model: str, subscores: map?{device_and_connection: map?, bank_account_insights: map?}}, fraud_attributes: map?}, request_id: str} # OK @endgroup @group watchlist_screening @endpoint POST /watchlist_screening/entity/create @desc Create a watchlist screening for an entity @required {search_terms: map{entity_watchlist_program_id!: str, legal_name!: str, document_number: str, email_address: str(email), country: str, phone_number: str, url: str(uri)} # Search inputs for creating an entity watchlist screening} @optional {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`.} @returns(200) {id: str, search_terms: map{entity_watchlist_program_id: str, legal_name: str, document_number: str?, email_address: str(email)?, country: str?, phone_number: str?, url: str(uri)?, version: int}, assignee: str?, status: str, client_user_id: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /watchlist_screening/entity/get @desc Get an entity screening @required {entity_watchlist_screening_id: str # ID of the associated entity screening.} @returns(200) {id: str, search_terms: map{entity_watchlist_program_id: str, legal_name: str, document_number: str?, email_address: str(email)?, country: str?, phone_number: str?, url: str(uri)?, version: int}, assignee: str?, status: str, client_user_id: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /watchlist_screening/entity/history/list @desc List history for entity watchlist screenings @required {entity_watchlist_screening_id: str # ID of the associated entity screening.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {entity_watchlist_screenings: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/entity/hit/list @desc List hits for entity watchlist screenings @required {entity_watchlist_screening_id: str # ID of the associated entity screening.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {entity_watchlist_screening_hits: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/entity/list @desc List entity watchlist screenings @required {entity_watchlist_program_id: str # ID of the associated entity program.} @optional {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., status: str(rejected/pending_review/cleared) # A status enum indicating whether a screening is still pending review, has been rejected, or has been cleared., assignee: str # ID of the associated user. To retrieve the email address or other details of the person corresponding to this id, use `/dashboard_user/get`., cursor: str # An identifier that determines which page of results you receive.} @returns(200) {entity_watchlist_screenings: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/entity/program/get @desc Get entity watchlist screening program @required {entity_watchlist_program_id: str # ID of the associated entity program.} @returns(200) {id: str, created_at: str(date-time), is_rescanning_enabled: bool, lists_enabled: [str], name: str, name_sensitivity: str, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, is_archived: bool, request_id: str} # OK @endpoint POST /watchlist_screening/entity/program/list @desc List entity watchlist screening programs @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {entity_watchlist_programs: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/entity/review/create @desc Create a review for an entity watchlist screening @required {confirmed_hits: [str] # Hits to mark as a true positive after thorough manual review. These hits will never recur or be updated once dismissed. In most cases, confirmed hits indicate that the customer should be rejected., dismissed_hits: [str] # Hits to mark as a false positive after thorough manual review. These hits will never recur or be updated once dismissed., entity_watchlist_screening_id: str # ID of the associated entity screening.} @optional {comment: str # A comment submitted by a team member as part of reviewing a watchlist screening.} @returns(200) {id: str, confirmed_hits: [str], dismissed_hits: [str], comment: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /watchlist_screening/entity/review/list @desc List reviews for entity watchlist screenings @required {entity_watchlist_screening_id: str # ID of the associated entity screening.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {entity_watchlist_screening_reviews: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/entity/update @desc Update an entity screening @required {entity_watchlist_screening_id: str # ID of the associated entity screening.} @optional {search_terms: map{entity_watchlist_program_id!: str, legal_name: str, document_number: str, email_address: str(email), country: str, phone_number: str, url: str(uri)} # Search terms for editing an entity watchlist screening, assignee: str # ID of the associated user. To retrieve the email address or other details of the person corresponding to this id, use `/dashboard_user/get`., status: str(rejected/pending_review/cleared) # A status enum indicating whether a screening is still pending review, has been rejected, or has been cleared., client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., reset_fields: [str] # A list of fields to reset back to null} @returns(200) {id: str, search_terms: map{entity_watchlist_program_id: str, legal_name: str, document_number: str?, email_address: str(email)?, country: str?, phone_number: str?, url: str(uri)?, version: int}, assignee: str?, status: str, client_user_id: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /watchlist_screening/individual/create @desc Create a watchlist screening for a person @required {search_terms: map{watchlist_program_id!: str, legal_name!: str, date_of_birth: str(date), document_number: str, country: str} # Search inputs for creating a watchlist screening} @optional {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`.} @returns(200) {id: str, search_terms: map{watchlist_program_id: str, legal_name: str, date_of_birth: str(date)?, document_number: str?, country: str?, version: int}, assignee: str?, status: str, client_user_id: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /watchlist_screening/individual/get @desc Retrieve an individual watchlist screening @required {watchlist_screening_id: str # ID of the associated screening.} @returns(200) {id: str, search_terms: map{watchlist_program_id: str, legal_name: str, date_of_birth: str(date)?, document_number: str?, country: str?, version: int}, assignee: str?, status: str, client_user_id: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /watchlist_screening/individual/history/list @desc List history for individual watchlist screenings @required {watchlist_screening_id: str # ID of the associated screening.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {watchlist_screenings: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/individual/hit/list @desc List hits for individual watchlist screening @required {watchlist_screening_id: str # ID of the associated screening.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {watchlist_screening_hits: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/individual/list @desc List Individual Watchlist Screenings @required {watchlist_program_id: str # ID of the associated program.} @optional {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., status: str(rejected/pending_review/cleared) # A status enum indicating whether a screening is still pending review, has been rejected, or has been cleared., assignee: str # ID of the associated user. To retrieve the email address or other details of the person corresponding to this id, use `/dashboard_user/get`., cursor: str # An identifier that determines which page of results you receive.} @returns(200) {watchlist_screenings: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/individual/program/get @desc Get individual watchlist screening program @required {watchlist_program_id: str # ID of the associated program.} @returns(200) {id: str, created_at: str(date-time), is_rescanning_enabled: bool, lists_enabled: [str], name: str, name_sensitivity: str, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, is_archived: bool, request_id: str} # OK @endpoint POST /watchlist_screening/individual/program/list @desc List individual watchlist screening programs @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {watchlist_programs: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/individual/review/create @desc Create a review for an individual watchlist screening @required {confirmed_hits: [str] # Hits to mark as a true positive after thorough manual review. These hits will never recur or be updated once dismissed. In most cases, confirmed hits indicate that the customer should be rejected., dismissed_hits: [str] # Hits to mark as a false positive after thorough manual review. These hits will never recur or be updated once dismissed., watchlist_screening_id: str # ID of the associated screening.} @optional {comment: str # A comment submitted by a team member as part of reviewing a watchlist screening.} @returns(200) {id: str, confirmed_hits: [str], dismissed_hits: [str], comment: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /watchlist_screening/individual/review/list @desc List reviews for individual watchlist screenings @required {watchlist_screening_id: str # ID of the associated screening.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {watchlist_screening_reviews: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /watchlist_screening/individual/update @desc Update individual watchlist screening @required {watchlist_screening_id: str # ID of the associated screening.} @optional {search_terms: map{watchlist_program_id: str, legal_name: str, date_of_birth: str(date), document_number: str, country: str} # Search terms for editing an individual watchlist screening, assignee: str # ID of the associated user. To retrieve the email address or other details of the person corresponding to this id, use `/dashboard_user/get`., status: str(rejected/pending_review/cleared) # A status enum indicating whether a screening is still pending review, has been rejected, or has been cleared., client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., reset_fields: [str] # A list of fields to reset back to null} @returns(200) {id: str, search_terms: map{watchlist_program_id: str, legal_name: str, date_of_birth: str(date)?, document_number: str?, country: str?, version: int}, assignee: str?, status: str, client_user_id: str?, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endgroup @group beacon @endpoint POST /beacon/account_risk/v1/evaluate @desc Evaluate risk of a bank account @optional {access_token: str # The access token associated with the Item data is being requested for., options: map{account_ids: [str]} # An optional object to filter `/beacon/account_risk/v1/evaluate` results to a subset of the accounts on the linked Item., client_user_id: str # A unique ID that identifies the end user in your system. This ID is used to correlate requests by a user with multiple evaluations and/or multiple linked accounts. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., client_evaluation_id: str # Unique identifier of what you are looking to evaluate (account add, information change, etc.) to allow us to tie the activity to the decisions and possible fraud outcome sent via our feedback endpoints. You can use your internal request ID or similar., evaluation_reason: str(ONBOARDING/NEW_ACCOUNT/INFORMATION_CHANGE/DORMANT_USER/OTHER) # Description of the reason you want to evaluate risk. `ONBOARDING`: user links a first bank account as part of the onboarding flow of your platform. `NEW_ACCOUNT`: user links another bank account or replaces the currently linked bank account on your platform. `INFORMATION_CHANGE`: user changes their information on your platform, e.g., updating their phone number. `DORMANT_USER`: you decide to re-evaluate a user that becomes active after a period of inactivity. `OTHER`: any other reasons not listed here Possible values: `ONBOARDING`, `NEW_ACCOUNT`, `INFORMATION_CHANGE`, `DORMANT_USER`, `OTHER`, device: map{ip_address: str, user_agent: str} # Details about the end user's device. These fields are optional, but strongly recommended to increase the accuracy of results when using Signal Transaction Scores. When using a Balance-only Ruleset, these fields are ignored if the Signal Addendum has been signed; if it has not been signed, using these fields will result in an error., evaluate_time: str # The time the event for evaluation has occurred. Populate this field for backfilling data. If you don’t populate this field, we’ll use the timestamp at the time of receipt. Use ISO 8601 format (YYYY-MM-DDTHH:mm:ssZ).} @returns(200) {request_id: str, accounts: [map]} # OK @endpoint POST /beacon/user/create @desc Create a Beacon User @required {program_id: str # ID of the associated Beacon Program., client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., user: map{date_of_birth: str(date), name!: map, address: map, email_address: str(email), phone_number: str, id_number: map, ip_address: str, depository_accounts: [map]} # A Beacon User's data which is used to check against duplicate records and the Beacon Fraud Network. In order to create a Beacon User, in addition to the `name`, _either_ the `date_of_birth` _or_ the `depository_accounts` field must be provided.} @optional {access_tokens: [str] # Send this array of access tokens to link accounts to the Beacon User and have them evaluated for Account Insights. A maximum of 50 accounts total can be added to a single Beacon User.} @returns(200) {item_ids: [str], id: str, version: int, created_at: str(date-time), updated_at: str(date-time), status: str, program_id: str, client_user_id: str, user: map{date_of_birth: str(date), name: map{given_name: str, family_name: str}, address: map{street: str, street2: str?, city: str, region: str?, postal_code: str?, country: str}, email_address: str(email)?, phone_number: str?, id_number: map?{value: str, type: str}, ip_address: str?, depository_accounts: [map]}, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /beacon/user/get @desc Get a Beacon User @required {beacon_user_id: str # ID of the associated Beacon User.} @returns(200) {item_ids: [str], id: str, version: int, created_at: str(date-time), updated_at: str(date-time), status: str, program_id: str, client_user_id: str, user: map{date_of_birth: str(date), name: map{given_name: str, family_name: str}, address: map{street: str, street2: str?, city: str, region: str?, postal_code: str?, country: str}, email_address: str(email)?, phone_number: str?, id_number: map?{value: str, type: str}, ip_address: str?, depository_accounts: [map]}, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /beacon/user/review @desc Review a Beacon User @required {beacon_user_id: str # ID of the associated Beacon User., status: str(rejected/pending_review/cleared) # A status of a Beacon User. `rejected`: The Beacon User has been rejected for fraud. Users can be automatically or manually rejected. `pending_review`: The Beacon User has been marked for review. `cleared`: The Beacon User has been cleared of fraud.} @returns(200) {item_ids: [str], id: str, version: int, created_at: str(date-time), updated_at: str(date-time), status: str, program_id: str, client_user_id: str, user: map{date_of_birth: str(date), name: map{given_name: str, family_name: str}, address: map{street: str, street2: str?, city: str, region: str?, postal_code: str?, country: str}, email_address: str(email)?, phone_number: str?, id_number: map?{value: str, type: str}, ip_address: str?, depository_accounts: [map]}, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /beacon/report/create @desc Create a Beacon Report @required {beacon_user_id: str # ID of the associated Beacon User., type: str(first_party/stolen/synthetic/account_takeover/data_breach/unknown) # The type of Beacon Report. `first_party`: If this is the same individual as the one who submitted the KYC. `stolen`: If this is a different individual from the one who submitted the KYC. `synthetic`: If this is an individual using fabricated information. `account_takeover`: If this individual's account was compromised. `unknown`: If you aren't sure who committed the fraud., fraud_date: str(date) # A date in the format YYYY-MM-DD (RFC 3339 Section 5.6).} @optional {fraud_amount: map{iso_currency_code!: str, value!: num(double)} # The amount and currency of the fraud or attempted fraud. `fraud_amount` should be omitted to indicate an unknown fraud amount.} @returns(200) {id: str, beacon_user_id: str, created_at: str(date-time), type: str, fraud_date: str(date)?, event_date: str(date), fraud_amount: map?{iso_currency_code: str, value: num(double)}, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /beacon/report/list @desc List Beacon Reports for a Beacon User @required {beacon_user_id: str # ID of the associated Beacon User.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {beacon_reports: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /beacon/report_syndication/list @desc List Beacon Report Syndications for a Beacon User @required {beacon_user_id: str # ID of the associated Beacon User.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {beacon_report_syndications: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /beacon/report/get @desc Get a Beacon Report @required {beacon_report_id: str # ID of the associated Beacon Report.} @returns(200) {id: str, beacon_user_id: str, created_at: str(date-time), type: str, fraud_date: str(date)?, event_date: str(date), fraud_amount: map?{iso_currency_code: str, value: num(double)}, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /beacon/report_syndication/get @desc Get a Beacon Report Syndication @required {beacon_report_syndication_id: str # ID of the associated Beacon Report Syndication.} @returns(200) {id: str, beacon_user_id: str, report: map{id: str?, created_at: str(date-time), type: str, fraud_date: str(date)?, event_date: str(date)}, analysis: map{address: str, date_of_birth: str, email_address: str, name: str, id_number: str, ip_address: str, phone_number: str, depository_accounts: [map]}, request_id: str} # OK @endpoint POST /beacon/user/update @desc Update the identity data of a Beacon User @required {beacon_user_id: str # ID of the associated Beacon User.} @optional {user: map{date_of_birth: str(date), name: map, address: map, email_address: str(email), phone_number: str, id_number: map, ip_address: str, depository_accounts: [map]} # A subset of a Beacon User's data which is used to patch the existing identity data associated with a Beacon User. At least one field must be provided. If left unset or null, user data will not be patched., access_tokens: [str] # Send this array of access tokens to add accounts to this user for evaluation. This will add accounts to this Beacon User. If left null only existing accounts will be returned in response. A maximum of 50 accounts total can be added to a Beacon User.} @returns(200) {item_ids: [str], id: str, version: int, created_at: str(date-time), updated_at: str(date-time), status: str, program_id: str, client_user_id: str, user: map{date_of_birth: str(date), name: map{given_name: str, family_name: str}, address: map{street: str, street2: str?, city: str, region: str?, postal_code: str?, country: str}, email_address: str(email)?, phone_number: str?, id_number: map?{value: str, type: str}, ip_address: str?, depository_accounts: [map]}, audit_trail: map{source: str, dashboard_user_id: str?, timestamp: str(date-time)}, request_id: str} # OK @endpoint POST /beacon/duplicate/get @desc Get a Beacon Duplicate @required {beacon_duplicate_id: str # ID of the associated Beacon Duplicate.} @returns(200) {id: str, beacon_user1: map{id: str, version: int}, beacon_user2: map{id: str, version: int}, analysis: map{address: str, date_of_birth: str, email_address: str, name: str, id_number: str, ip_address: str, phone_number: str}, request_id: str} # OK @endgroup @group identity_verification @endpoint POST /identity_verification/autofill/create @desc Create autofill for an Identity Verification @required {identity_verification_id: str # ID of the associated Identity Verification attempt.} @returns(200) {status: str, user: map?{name: map?{given_name: str, family_name: str}, address: map?{street: str, street2: str?, city: str?, region: str?, postal_code: str?, country: str, po_box: str, type: str}, id_number: map?{value: str, type: str}}, request_id: str} # OK @example_request {"identity_verification_id":"flwses_42cF1MNo42r9Xj"} @endgroup @group beacon @endpoint POST /beacon/user/history/list @desc List a Beacon User's history @required {beacon_user_id: str # ID of the associated Beacon User.} @optional {cursor: str # An identifier that determines which page of results you receive.} @returns(200) {beacon_users: [map], next_cursor: str?, request_id: str} # OK @endpoint POST /beacon/user/account_insights/get @desc Get Account Insights for a Beacon User @required {beacon_user_id: str # ID of the associated Beacon User., access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {beacon_user_id: str, created_at: str(date-time), updated_at: str(date-time), bank_account_insights: map{item_id: str, accounts: [map]}, request_id: str} # OK @endgroup @group protect @endpoint POST /protect/user/insights/get @desc Get Protect user insights @optional {user_id: str # The Plaid User ID. Either `user_id` or `client_user_id` must be provided., client_user_id: str # A unique ID representing the end user. Either `user_id` or `client_user_id` must be provided.} @returns(200) {user_id: str, latest_scored_event: map?{event_id: str, timestamp: str(date-time), event_type: str, trust_index: map?{score: int, model: str, subscores: map?{device_and_connection: map?, bank_account_insights: map?}}, fraud_attributes: map?}, reports: [map], request_id: str} # OK @endpoint POST /protect/report/create @desc Create a Protect report @required {report_confidence: str(CONFIRMED/SUSPECTED) # The confidence level of the incident report. `CONFIRMED` indicates the incident has been verified and definitively occurred. `SUSPECTED` indicates the incident is believed to have occurred but has not been fully verified., report_type: str(USER_ACCOUNT_TAKEOVER/FALSE_IDENTITY/STOLEN_IDENTITY/SYNTHETIC_IDENTITY/MULTIPLE_USER_ACCOUNTS/SCAM_VICTIM/BANK_ACCOUNT_TAKEOVER/BANK_CONNECTION_REVOKED/CARD_TESTING/UNAUTHORIZED_TRANSACTION/CARD_CHARGEBACK/ACH_RETURN/DISPUTE/FIRST_PARTY_FRAUD/MISSED_PAYMENT/LOAN_STACKING/MONEY_LAUNDERING/NO_FRAUD/OTHER) # The type of incident being reported. `USER_ACCOUNT_TAKEOVER` - Indicates that a legitimate user's account was accessed or controlled by an unauthorized party. `FALSE_IDENTITY` - Indicates that a user created an account using stolen or fabricated identity information. `STOLEN_IDENTITY` - Indicates that a user created an account using identity information belonging to a real individual without their consent. `SYNTHETIC_IDENTITY` - Indicates that a user created an account using a fake or partially fabricated identity (e.g., combining real and fake information to form a new persona). `MULTIPLE_USER_ACCOUNTS` - Indicates that the same individual is operating multiple accounts in violation of policy. `SCAM_VICTIM` - Indicates that the user was tricked into authorizing or sending funds as part of a scam. `BANK_ACCOUNT_TAKEOVER` - Indicates that a user's linked bank account was accessed or misused by an unauthorized party. `BANK_CONNECTION_REVOKED` - Indicates that a linked bank account connection was revoked by the financial institution, often due to suspected misuse, fraud, or security concerns. `CARD_TESTING` - Indicates that a card was used in small or repeated transactions to test its validity. `UNAUTHORIZED_TRANSACTION` - Indicates that a transaction was made without the user's consent or authorization. `CARD_CHARGEBACK` - Indicates that a card transaction was reversed via a chargeback claim. `ACH_RETURN` - Indicates that an ACH transaction was returned or reversed by the bank. `DISPUTE` - Indicates that a user filed a dispute regarding a transaction or account activity. `FIRST_PARTY_FRAUD` - Indicates that a user intentionally misrepresented themselves or their actions for financial gain. `MISSED_PAYMENT` - Indicates that a user failed to make a required payment on time. `LOAN_STACKING` - Indicates that a user applied for or took out multiple loans simultaneously beyond their ability to repay. `MONEY_LAUNDERING` - Indicates that funds are being moved through accounts to obscure their illicit origin. `NO_FRAUD` - Indicates that an investigation determined no fraudulent activity occurred on user/event (positive label) `OTHER` - Indicates that the case involves fraud or financial risk not covered by other report types. Requires notes describing the report., report_source: str(INTERNAL_REVIEW/USER_SELF_REPORTED/BANK_FEEDBACK/NETWORK_FEEDBACK/AUTOMATED_SYSTEM/THIRD_PARTY_ALERT/OTHER) # The source that identified or reported the incident. `INTERNAL_REVIEW` - Incident was identified through internal fraud investigations or review processes. `USER_SELF_REPORTED` - Incident was reported directly by the affected user. `BANK_FEEDBACK` - Incident was identified through bank feedback, including ACH returns and connection revocations. `NETWORK_FEEDBACK` - Incident was identified through card network alerts or chargebacks. `AUTOMATED_SYSTEM` - Incident was detected by automated systems such as fraud models or rule engines. `THIRD_PARTY_ALERT` - Incident was identified through external vendor or consortium alerts. `OTHER` - Incident was identified through a source not covered by other categories.} @optional {user_id: str # The Plaid User ID associated with the report., incident_event: map{protect_event_id: str, link_session_id: str, idv_session_id: str, signal_client_transaction_id: str, internal_reference: str, time: str(date-time), amount: map, access_token: any} # details about the incident event., bank_account: map{account_id: str, account_number: str, routing_number: str} # Bank account information associated with the incident., ach_return_code: str # Must be a valid ACH return code (e.g. `R01`), required if `report_type` is `ACH_RETURN`., notes: str # Additional context or details about the report, required if `report_type` is `OTHER`.} @returns(200) {report_id: str, request_id: str} # OK @endpoint POST /protect/compute @desc Compute Protect Trust Index Score @required {model: str # The name of the Trust Index model to use for calculating the Trust Index Score, with a major.minor version suffix. Examples include `ti-link-session-2.0` and `ti-identity-2.0`. The model specified may require certain fields within `model_inputs`. For example, `ti-link-session-2.0` requires the `link` field to be provided in `model_inputs`., user: map{user_id: str, client_user_id: str} # Represents an end user for /protect/compute requests.} @optional {model_inputs: map{link: map, sdk: map} # Inputs for the Trust Index model. The `link` field is required for any link session model type.} @returns(200) {score: int?, model: str, attributes: map?, request_id: str} # OK @endpoint POST /protect/event/send @desc Send a new event to enrich user data @required {event: map{timestamp!: str(date-time), protect_session_id: str, app_visit: map, user_sign_in: map, user_sign_up: map} # Event data for Protect events.} @optional {timestamp: str(date-time) # Timestamp of the event. Might be the current moment or a time in the past. In [ISO 8601](https://wikipedia.org/wiki/ISO_8601) format, e.g. `"2017-09-14T14:42:19.350Z"`, protect_session_id: str # Protect Session ID should be provided for any event correlated with a frontend user session started via the Protect SDK., request_trust_index: bool # Whether this event should be scored with Trust Index. The default is false.} @returns(200) {event_id: str, trust_index: map?{score: int, model: str, subscores: map?{device_and_connection: map?{score: int}, bank_account_insights: map?{score: int}}}, fraud_attributes: map?, request_id: str} # OK @endpoint POST /protect/event/get @desc Get information about a user event @required {event_id: str # The event ID to retrieve information for.} @returns(200) {event_id: str, timestamp: str(date-time), trust_index: map?{score: int, model: str, subscores: map?{device_and_connection: map?{score: int}, bank_account_insights: map?{score: int}}}, fraud_attributes: map?, request_id: str} # OK @endgroup @group business_verification @endpoint POST /business_verification/get @desc Get a business verification @required {business_verification_id: str(cognito_id) # ID of the associated business verification.} @returns(200) {id: str(cognito_id), client_user_id: str, created_at: str(date-time), completed_at: str(date-time)?, redacted_at: str(date-time)?, status: str, search_terms: map{name: str?, address: map{street: str?, street2: str?, city: str?, region: str?, postal_code: str?, country: str}, website: str(uri)?, phone_number: str?, email_address: str(email)?}, kyb_check: map?{status: str, score: int, name: map{summary: str}, address: map{summary: str}, website: map{summary: str}, match_details: map?{name: str?, entity_type: str?, addresses: [map], phone_numbers: [map], email_addresses: [map], websites: [map], formation_date: str(date)?}}, risk_check: map?{status: str, score: int, industry_prediction: map?}, digital_presence_check: map?{status: str, score: int, address: map{summary: str}, phone_number: map{summary: str}, email_address: map{summary: str}, website: map{summary: str}, website_analysis: map?{is_parked: str, email_is_deliverable: str, website_build_status: str, whois_record: map{domain_created_at: str(date-time)?, domain_updated_at: str(date-time)?, domain_expires_at: str(date-time)?, registrar: str?}, ssl: map{is_valid: str}}}, request_id: str, shareable_url: str?} # OK @endpoint POST /business_verification/create @desc Create a business verification @required {client_user_id: str # A unique ID that identifies the end user in your system. Either a `user_id` or the `client_user_id` must be provided. This ID can also be used to associate user-specific data from other Plaid products. Financial Account Matching requires this field and the `/link/token/create` `client_user_id` to be consistent. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`.} @optional {business: map{name: str, address: map, website: str(uri), phone_number: str, email_address: str(email)} # Business information provided in the verification request} @returns(200) {id: str(cognito_id), client_user_id: str, created_at: str(date-time), completed_at: str(date-time)?, redacted_at: str(date-time)?, status: str, search_terms: map{name: str?, address: map{street: str?, street2: str?, city: str?, region: str?, postal_code: str?, country: str}, website: str(uri)?, phone_number: str?, email_address: str(email)?}, kyb_check: map?{status: str, score: int, name: map{summary: str}, address: map{summary: str}, website: map{summary: str}, match_details: map?{name: str?, entity_type: str?, addresses: [map], phone_numbers: [map], email_addresses: [map], websites: [map], formation_date: str(date)?}}, risk_check: map?{status: str, score: int, industry_prediction: map?}, digital_presence_check: map?{status: str, score: int, address: map{summary: str}, phone_number: map{summary: str}, email_address: map{summary: str}, website: map{summary: str}, website_analysis: map?{is_parked: str, email_is_deliverable: str, website_build_status: str, whois_record: map{domain_created_at: str(date-time)?, domain_updated_at: str(date-time)?, domain_expires_at: str(date-time)?, registrar: str?}, ssl: map{is_valid: str}}}, request_id: str, shareable_url: str?} # OK @endgroup @group processor @endpoint POST /processor/auth/get @desc Retrieve Auth data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {request_id: str, numbers: map{ach: any?, eft: any?, international: any?, bacs: any?}, account: map{account_id: str, balances: map{available: num(double)?, current: num(double)?, limit: num(double)?, iso_currency_code: str?, unofficial_currency_code: str?, last_updated_datetime: str(date-time)?}, mask: str?, name: str, official_name: str?, type: str, subtype: str?, verification_status: str, verification_name: str, verification_insights: map{name_match_score: int?, network_status: map{has_numbers_match: bool, is_numbers_match_verified: bool}, previous_returns: map{has_previous_administrative_return: bool}, account_number_format: str}, persistent_account_id: str, holder_category: str?}} # success @endpoint POST /processor/account/get @desc Retrieve the account associated with a processor token @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {account: map{account_id: str, balances: map{available: num(double)?, current: num(double)?, limit: num(double)?, iso_currency_code: str?, unofficial_currency_code: str?, last_updated_datetime: str(date-time)?}, mask: str?, name: str, official_name: str?, type: str, subtype: str?, verification_status: str, verification_name: str, verification_insights: map{name_match_score: int?, network_status: map{has_numbers_match: bool, is_numbers_match_verified: bool}, previous_returns: map{has_previous_administrative_return: bool}, account_number_format: str}, persistent_account_id: str, holder_category: str?}, institution_id: str, request_id: str} # OK @endpoint POST /processor/investments/holdings/get @desc Retrieve Investment Holdings @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {account: any, holdings: [map], securities: [map], is_investments_fallback_item: bool, request_id: str} # OK @endpoint POST /processor/investments/auth/get @desc Get investment account authentication data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {account: map{account_id: str, balances: map{available: num(double)?, current: num(double)?, limit: num(double)?, iso_currency_code: str?, unofficial_currency_code: str?, last_updated_datetime: str(date-time)?}, mask: str?, name: str, official_name: str?, type: str, subtype: str?, verification_status: str, verification_name: str, verification_insights: map{name_match_score: int?, network_status: map{has_numbers_match: bool, is_numbers_match_verified: bool}, previous_returns: map{has_previous_administrative_return: bool}, account_number_format: str}, persistent_account_id: str, holder_category: str?}, holdings: [map], securities: [map], owners: [map], numbers: map{acats: [map], aton: [map], retirement_401k: [map]}, data_sources: map{numbers: str, owners: str, holdings: str}, account_details_401k: [map], is_investments_fallback_item: bool, request_id: str} # success @endpoint POST /processor/investments/transactions/get @desc Get investment transactions data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, start_date: str(date) # The earliest date for which data should be returned. Dates should be formatted as YYYY-MM-DD., end_date: str(date) # The latest date for which data should be returned. Dates should be formatted as YYYY-MM-DD.} @optional {options: map{account_ids: [str], count: int, offset: int, async_update: bool} # An optional object to filter `/investments/transactions/get` results. If provided, must be non-`null`.} @returns(200) {account: any, investment_transactions: [map], securities: [map], total_investment_transactions: int, request_id: str, is_investments_fallback_item: bool} # OK @endpoint POST /processor/transactions/get @desc Get transaction data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, start_date: str(date) # The earliest date for which data should be returned. Dates should be formatted as YYYY-MM-DD., end_date: str(date) # The latest date for which data should be returned. Dates should be formatted as YYYY-MM-DD.} @optional {options: map{count: int, offset: int, include_original_description: bool, include_personal_finance_category_beta: bool, include_personal_finance_category: bool, include_logo_and_counterparty_beta: bool} # An optional object to be used with the request. If specified, `options` must not be `null`.} @returns(200) {account: map{account_id: str, balances: map{available: num(double)?, current: num(double)?, limit: num(double)?, iso_currency_code: str?, unofficial_currency_code: str?, last_updated_datetime: str(date-time)?}, mask: str?, name: str, official_name: str?, type: str, subtype: str?, verification_status: str, verification_name: str, verification_insights: map{name_match_score: int?, network_status: map{has_numbers_match: bool, is_numbers_match_verified: bool}, previous_returns: map{has_previous_administrative_return: bool}, account_number_format: str}, persistent_account_id: str, holder_category: str?}, transactions: [any], total_transactions: int, request_id: str} # OK @endpoint POST /processor/transactions/sync @desc Get incremental transaction updates on a processor token @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @optional {cursor: str # The cursor value represents the last update requested. Providing it will cause the response to only return changes after this update. If omitted, the entire history of updates will be returned, starting with the first-added transactions on the item. Note: The upper-bound length of this cursor is 256 characters of base64., count: int=100 # The number of transaction updates to fetch., options: map{include_original_description: bool, include_personal_finance_category: bool, include_logo_and_counterparty_beta: bool, personal_finance_category_version: str, days_requested: int, account_id: str} # An optional object to be used with the request. If specified, `options` must not be `null`.} @returns(200) {transactions_update_status: str, account: map?, added: [any], modified: [any], removed: [map], next_cursor: str, has_more: bool, request_id: str} # OK @endpoint POST /processor/transactions/refresh @desc Refresh transaction data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {request_id: str} # OK @endpoint POST /processor/transactions/recurring/get @desc Fetch recurring transaction streams @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @optional {options: map{include_personal_finance_category: bool, personal_finance_category_version: str} # An optional object to be used with the request. If specified, `options` must not be `null`.} @returns(200) {inflow_streams: [map], outflow_streams: [map], updated_datetime: str(date-time), personal_finance_category_version: str, request_id: str} # OK @endpoint POST /processor/signal/evaluate @desc Evaluate a planned ACH transaction @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, client_transaction_id: str # The unique ID that you would like to use to refer to this transaction. For your convenience mapping your internal data, you could use your internal ID/identifier for this transaction. The max length for this field is 36 characters., amount: num(double) # The transaction amount, in USD (e.g. `102.05`)} @optional {user_present: bool # `true` if the end user is present while initiating the ACH transfer and the endpoint is being called; `false` otherwise (for example, when the ACH transfer is scheduled and the end user is not present, or you call this endpoint after the ACH transfer but before submitting the Nacha file for ACH processing)., client_user_id: str # A unique ID that identifies the end user in your system. This ID is used to correlate requests by a user with multiple Items. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., is_recurring: bool # **true** if the ACH transaction is a recurring transaction; **false** otherwise, default_payment_method: str # The default ACH or non-ACH payment method to complete the transaction. `SAME_DAY_ACH`: Same Day ACH by Nacha. The debit transaction is processed and settled on the same day. `STANDARD_ACH`: standard ACH by Nacha. `MULTIPLE_PAYMENT_METHODS`: if there is no default debit rail or there are multiple payment methods. Possible values: `SAME_DAY_ACH`, `STANDARD_ACH`, `MULTIPLE_PAYMENT_METHODS`, user: map{name: map, phone_number: str, email_address: str, address: map} # Details about the end user initiating the transaction (i.e., the account holder). These fields are optional, but strongly recommended to increase the accuracy of results when using Signal Transaction Scores. When using a Balance-only ruleset, if the Signal Addendum has been signed, these fields are ignored; if the Addendum has not been signed, using these fields will result in an error., device: map{ip_address: str, user_agent: str} # Details about the end user's device. These fields are optional, but strongly recommended to increase the accuracy of results when using Signal Transaction Scores. When using a Balance-only Ruleset, these fields are ignored if the Signal Addendum has been signed; if it has not been signed, using these fields will result in an error., ruleset_key: str # The key of the ruleset to use for this transaction. You can configure a ruleset using the Plaid Dashboard, under [Signal->Rules](https://dashboard.plaid.com/signal/risk-profiles). If not provided, for customers who began using Signal Transaction Scores before October 15, 2025, by default, no ruleset will be used; for customers who began using Signal Transaction Scores after that date, or for Balance customers, the `default` ruleset will be used. For more details, or to opt out of using a ruleset, see [Signal Rules](https://plaid.com/docs/signal/signal-rules/).} @returns(200) {request_id: str, scores: map?{customer_initiated_return_risk: map{score: int, risk_tier: int}, bank_initiated_return_risk: map{score: int, risk_tier: int}}, core_attributes: map{unauthorized_transactions_count_7d: int?, unauthorized_transactions_count_30d: int?, unauthorized_transactions_count_60d: int?, unauthorized_transactions_count_90d: int?, nsf_overdraft_transactions_count_7d: int?, nsf_overdraft_transactions_count_30d: int?, nsf_overdraft_transactions_count_60d: int?, nsf_overdraft_transactions_count_90d: int?, days_since_first_plaid_connection: int?, plaid_connections_count_7d: int?, plaid_connections_count_30d: int?, total_plaid_connections_count: int?, is_savings_or_money_market_account: bool?, total_credit_transactions_amount_10d: num(double)?, total_debit_transactions_amount_10d: num(double)?, p50_credit_transactions_amount_28d: num(double)?, p50_debit_transactions_amount_28d: num(double)?, p95_credit_transactions_amount_28d: num(double)?, p95_debit_transactions_amount_28d: num(double)?, days_with_negative_balance_count_90d: int?, p90_eod_balance_30d: num(double)?, p90_eod_balance_60d: num(double)?, p90_eod_balance_90d: num(double)?, p10_eod_balance_30d: num(double)?, p10_eod_balance_60d: num(double)?, p10_eod_balance_90d: num(double)?, available_balance: num(double)?, current_balance: num(double)?, balance_last_updated: str(date-time)?, phone_change_count_28d: int?, phone_change_count_90d: int?, email_change_count_28d: int?, email_change_count_90d: int?, address_change_count_28d: int?, address_change_count_90d: int?, plaid_non_oauth_authentication_attempts_count_3d: int?, plaid_non_oauth_authentication_attempts_count_7d: int?, plaid_non_oauth_authentication_attempts_count_30d: int?, failed_plaid_non_oauth_authentication_attempts_count_3d: int?, failed_plaid_non_oauth_authentication_attempts_count_7d: int?, failed_plaid_non_oauth_authentication_attempts_count_30d: int?, debit_transactions_count_10d: int?, credit_transactions_count_10d: int?, debit_transactions_count_30d: int?, credit_transactions_count_30d: int?, debit_transactions_count_60d: int?, credit_transactions_count_60d: int?, debit_transactions_count_90d: int?, credit_transactions_count_90d: int?, total_debit_transactions_amount_30d: num(double)?, total_credit_transactions_amount_30d: num(double)?, total_debit_transactions_amount_60d: num(double)?, total_credit_transactions_amount_60d: num(double)?, total_debit_transactions_amount_90d: num(double)?, total_credit_transactions_amount_90d: num(double)?, p50_eod_balance_30d: num(double)?, p50_eod_balance_60d: num(double)?, p50_eod_balance_90d: num(double)?, p50_eod_balance_31d_to_60d: num(double)?, p50_eod_balance_61d_to_90d: num(double)?, p90_eod_balance_31d_to_60d: num(double)?, p90_eod_balance_61d_to_90d: num(double)?, p10_eod_balance_31d_to_60d: num(double)?, p10_eod_balance_61d_to_90d: num(double)?, transactions_last_updated: str(date-time)?, is_account_closed: bool?, is_account_frozen_or_restricted: bool?, distinct_ip_addresses_count_3d: int?, distinct_ip_addresses_count_7d: int?, distinct_ip_addresses_count_30d: int?, distinct_ip_addresses_count_90d: int?, distinct_user_agents_count_3d: int?, distinct_user_agents_count_7d: int?, distinct_user_agents_count_30d: int?, distinct_user_agents_count_90d: int?, distinct_ssl_tls_connection_sessions_count_3d: int?, distinct_ssl_tls_connection_sessions_count_7d: int?, distinct_ssl_tls_connection_sessions_count_30d: int?, distinct_ssl_tls_connection_sessions_count_90d: int?, days_since_account_opening: int?, balance_to_transaction_amount_ratio: num(double)?}, ruleset: map?{ruleset_key: str, result: str, triggered_rule_details: map?{internal_note: str, custom_action_key: str}, outcome: str}, warnings: [map]} # OK @endpoint POST /processor/signal/decision/report @desc Report whether you initiated an ACH transaction @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, client_transaction_id: str # Must be the same as the `client_transaction_id` supplied when calling `/processor/signal/evaluate`, initiated: bool # `true` if the ACH transaction was initiated, `false` otherwise. This field must be returned as a boolean. If formatted incorrectly, this will result in an [`INVALID_FIELD`](https://plaid.com/docs/errors/invalid-request/#invalid_field) error.} @optional {days_funds_on_hold: int # The actual number of days (hold time) since the ACH debit transaction that you wait before making funds available to your customers. The holding time could affect the ACH return rate. For example, use 0 if you make funds available to your customers instantly or the same day following the debit transaction, or 1 if you make funds available the next day following the debit initialization., decision_outcome: str(APPROVE/REVIEW/REJECT/TAKE_OTHER_RISK_MEASURES/NOT_EVALUATED) # The payment decision from the risk assessment. `APPROVE`: approve the transaction without requiring further actions from your customers. For example, use this field if you are placing a standard hold for all the approved transactions before making funds available to your customers. You should also use this field if you decide to accelerate the fund availability for your customers. `REVIEW`: the transaction requires manual review `REJECT`: reject the transaction `TAKE_OTHER_RISK_MEASURES`: for example, placing a longer hold on funds than those approved transactions or introducing customer frictions such as step-up verification/authentication `NOT_EVALUATED`: if only logging the results without using them, payment_method: str(SAME_DAY_ACH/NEXT_DAY_ACH/STANDARD_ACH/MULTIPLE_PAYMENT_METHODS) # The payment method to complete the transaction after the risk assessment. It may be different from the default payment method. `SAME_DAY_ACH`: Same Day ACH by Nacha. The debit transaction is processed and settled on the same day. `STANDARD_ACH`: Standard ACH by Nacha. `MULTIPLE_PAYMENT_METHODS`: if there is no default debit rail or there are multiple payment methods., amount_instantly_available: num(double) # The amount (in USD) made available to your customers instantly following the debit transaction. It could be a partial amount of the requested transaction (example: 102.05).} @returns(200) {request_id: str} # OK @endpoint POST /processor/signal/return/report @desc Report a return for an ACH transaction @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, client_transaction_id: str # Must be the same as the `client_transaction_id` supplied when calling `/processor/signal/evaluate`, return_code: str # Must be a valid ACH return code (e.g. "R01") If formatted incorrectly, this will result in an [`INVALID_FIELD`](https://plaid.com/docs/errors/invalid-request/#invalid_field) error.} @optional {returned_at: str(date-time) # Date and time when you receive the returns from your payment processors, in ISO 8601 format (`YYYY-MM-DDTHH:mm:ssZ`).} @returns(200) {request_id: str} # OK @endpoint POST /processor/signal/prepare @desc Opt-in a processor token to Signal @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {request_id: str} # OK @endpoint POST /processor/bank_transfer/create @desc Create a bank transfer as a processor @required {idempotency_key: str # A random key provided by the client, per unique bank transfer. Maximum of 50 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. For example, if a request to create a bank transfer fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single bank transfer is created., processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, type: str(debit/credit) # The type of bank transfer. This will be either `debit` or `credit`. A `debit` indicates a transfer of money into the origination account; a `credit` indicates a transfer of money out of the origination account., network: str(ach/same-day-ach/wire) # The network or rails used for the transfer. Valid options are `ach`, `same-day-ach`, or `wire`., amount: str # The amount of the bank transfer (decimal string with two digits of precision e.g. "10.00")., iso_currency_code: str # The currency of the transfer amount – should be set to "USD"., description: str # The transfer description. Maximum of 10 characters., user: map{legal_name!: str, email_address: str, routing_number: str} # The legal name and other information for the account holder.} @optional {ach_class: str(ccd/ppd/tel/web) # Specifies the use case of the transfer. Required for transfers on an ACH network. For more details, see [ACH SEC codes](https://plaid.com/docs/transfer/creating-transfers/#ach-sec-codes). Codes supported for credits: `ccd`, `ppd` Codes supported for debits: `ccd`, `tel`, `web` `"ccd"` - Corporate Credit or Debit - fund transfer between two corporate bank accounts `"ppd"` - Prearranged Payment or Deposit - The transfer is part of a pre-existing relationship with a consumer. Authorization was obtained in writing either in person or via an electronic document signing, e.g. Docusign, by the consumer. Can be used for credits or debits. `"web"` - Internet-Initiated Entry. The transfer debits a consumer’s bank account. Authorization from the consumer is obtained over the Internet (e.g. a web or mobile application). Can be used for single debits or recurring debits. `"tel"` - Telephone-Initiated Entry. The transfer debits a consumer. Debit authorization has been received orally over the telephone via a recorded call., custom_tag: str # An arbitrary string provided by the client for storage with the bank transfer. May be up to 100 characters., metadata: map # The Metadata object is a mapping of client-provided string fields to any string value. The following limitations apply: The JSON values must be Strings (no nested JSON objects allowed) Only ASCII characters may be used Maximum of 50 key/value pairs Maximum key length of 40 characters Maximum value length of 500 characters, origination_account_id: str # Plaid’s unique identifier for the origination account for this transfer. If you have more than one origination account, this value must be specified.} @returns(200) {bank_transfer: map{id: str, ach_class: str, account_id: str, type: str, user: map{legal_name: str, email_address: str?, routing_number: str}, amount: str, iso_currency_code: str, description: str, created: str(date-time), status: str, network: str, cancellable: bool, failure_reason: map?{ach_return_code: str?, description: str}, custom_tag: str?, metadata: map?, origination_account_id: str, direction: str?}, request_id: str} # OK @endpoint POST /processor/liabilities/get @desc Retrieve Liabilities data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {account: map{account_id: str, balances: map{available: num(double)?, current: num(double)?, limit: num(double)?, iso_currency_code: str?, unofficial_currency_code: str?, last_updated_datetime: str(date-time)?}, mask: str?, name: str, official_name: str?, type: str, subtype: str?, verification_status: str, verification_name: str, verification_insights: map{name_match_score: int?, network_status: map{has_numbers_match: bool, is_numbers_match_verified: bool}, previous_returns: map{has_previous_administrative_return: bool}, account_number_format: str}, persistent_account_id: str, holder_category: str?}, liabilities: map{credit: [map]?, mortgage: [map]?, student: [map]?}, request_id: str} # OK @endpoint POST /processor/identity/get @desc Retrieve Identity data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {account: any, request_id: str} # OK @endpoint POST /processor/identity/match @desc Retrieve identity match score @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @optional {user: map{legal_name: str, phone_number: str, email_address: str, address: any} # The user's legal name, phone number, email address and address used to perform fuzzy match. If Financial Account Matching is enabled in the Identity Verification product, leave this field empty to automatically match against PII collected from the Identity Verification checks.} @returns(200) {account: any, request_id: str} # OK @endpoint POST /processor/balance/get @desc Retrieve Balance data @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @optional {options: map{min_last_updated_datetime: str(date-time)} # Optional parameters to `/processor/balance/get`.} @returns(200) {account: map{account_id: str, balances: map{available: num(double)?, current: num(double)?, limit: num(double)?, iso_currency_code: str?, unofficial_currency_code: str?, last_updated_datetime: str(date-time)?}, mask: str?, name: str, official_name: str?, type: str, subtype: str?, verification_status: str, verification_name: str, verification_insights: map{name_match_score: int?, network_status: map{has_numbers_match: bool, is_numbers_match_verified: bool}, previous_returns: map{has_previous_administrative_return: bool}, account_number_format: str}, persistent_account_id: str, holder_category: str?}, request_id: str} # OK @endgroup @group item @endpoint POST /item/webhook/update @desc Update Webhook URL @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {webhook: str(url) # The new webhook URL to associate with the Item. To remove a webhook from an Item, set to `null`.} @returns(200) {item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # OK @endpoint POST /item/access_token/invalidate @desc Invalidate access_token @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {new_access_token: str, request_id: str} # OK @endgroup @group webhook_verification_key @endpoint POST /webhook_verification_key/get @desc Get webhook verification key @required {key_id: str # The key ID ( `kid` ) from the JWT header.} @returns(200) {key: map{alg: str, crv: str, kid: str, kty: str, use: str, x: str, y: str, created_at: int, expired_at: int?}, request_id: str} # OK @endgroup @group liabilities @endpoint POST /liabilities/get @desc Retrieve Liabilities data @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str]} # An optional object to filter `/liabilities/get` results. If provided, `options` cannot be null.} @returns(200) {accounts: [map], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, liabilities: map{credit: [map]?, mortgage: [map]?, student: [map]?}, request_id: str} # OK @endgroup @group payment_initiation @endpoint POST /payment_initiation/recipient/create @desc Create payment recipient @required {name: str # The name of the recipient. We recommend using strings of length 18 or less and avoid special characters to ensure compatibility with all institutions.} @optional {iban: str # The International Bank Account Number (IBAN) for the recipient. If BACS data is not provided, an IBAN is required., bacs: any # An object containing a BACS account number and sort code. If an IBAN is not provided or if this recipient needs to accept domestic GBP-denominated payments, BACS data is required., address: map{street!: [str], city!: str, postal_code!: str, country!: str} # The optional address of the payment recipient's bank account. Required by most institutions outside of the UK.} @returns(200) {recipient_id: str, request_id: str} # OK @endpoint POST /payment_initiation/payment/reverse @desc Reverse an existing payment @required {payment_id: str # The ID of the payment to reverse, idempotency_key: str # A random key provided by the client, per unique wallet transaction. Maximum of 128 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. If a request to execute a wallet transaction fails due to a network connection error, then after a minimum delay of one minute, you can retry the request with the same idempotency key to guarantee that only a single wallet transaction is created. If the request was successfully processed, it will prevent any transaction that uses the same idempotency key, and was received within 24 hours of the first request, from being processed., reference: str # A reference for the refund. This must be an alphanumeric string with 6 to 18 characters and must not contain any special characters or spaces.} @optional {amount: any # The amount and currency of a payment, counterparty_date_of_birth: str(date) # The counterparty's birthdate, in [ISO 8601](https://wikipedia.org/wiki/ISO_8601) (YYYY-MM-DD) format., counterparty_address: map{street!: [str], city!: str, postal_code!: str, country!: str} # The optional address of the payment recipient's bank account. Required by most institutions outside of the UK.} @returns(200) {refund_id: str, status: str, request_id: str} # OK @endpoint POST /payment_initiation/recipient/get @desc Get payment recipient @required {recipient_id: str # The ID of the recipient} @returns(200) OK @endpoint POST /payment_initiation/recipient/list @desc List payment recipients @optional {count: int=100 # The maximum number of recipients to return. If `count` is not specified, a maximum of 100 recipients will be returned, beginning with the recipient at the cursor (if specified)., cursor: str # A value representing the latest recipient to be included in the response. Set this from `next_cursor` received from the previous `/payment_initiation/recipient/list` request. If provided, the response will only contain that recipient and recipients created before it. If omitted, the response will contain recipients starting from the most recent, and in descending order by the `created_at` time.} @returns(200) {recipients: [map], request_id: str, next_cursor: str} # OK @endpoint POST /payment_initiation/payment/create @desc Create a payment @required {recipient_id: str # The ID of the recipient the payment is for., reference: str # A reference for the payment. This must be an alphanumeric string with at most 18 characters and must not contain any special characters (since not all institutions support them). In order to track settlement via Payment Confirmation, each payment must have a unique reference. If the reference provided through the API is not unique, Plaid will adjust it. Some institutions may limit the reference to less than 18 characters. If necessary, Plaid will adjust the reference by truncating it to fit the institution's requirements. Both the originally provided and automatically adjusted references (if any) can be found in the `reference` and `adjusted_reference` fields, respectively., amount: map{currency!: str, value!: num(double)} # The amount and currency of a payment} @optional {schedule: any # The schedule that the payment will be executed on. If a schedule is provided, the payment is automatically set up as a standing order. If no schedule is specified, the payment will be executed only once., options: map{request_refund_details: bool, iban: str, bacs: any, scheme: str} # Additional payment options} @returns(200) {payment_id: str, status: str, request_id: str} # OK @endpoint POST /payment_initiation/payment/token/create @desc Create payment token @required {payment_id: str # The `payment_id` returned from `/payment_initiation/payment/create`.} @returns(200) {payment_token: str, payment_token_expiration_time: str(date-time), request_id: str} # OK @endpoint POST /payment_initiation/consent/create @desc Create payment consent @required {recipient_id: str # The ID of the recipient the payment consent is for. The created consent can be used to transfer funds to this recipient only., reference: str # A reference for the payment consent. This must be an alphanumeric string with at most 18 characters and must not contain any special characters., constraints: map{valid_date_time: map, max_payment_amount!: any, periodic_amounts!: [map]} # Limitations that will be applied to payments initiated using the payment consent.} @optional {scopes: [str] # An array of payment consent scopes., type: str(SWEEPING/COMMERCIAL) # Payment consent type. Defines possible use case for payments made with the given consent. `SWEEPING`: Allows moving money between accounts owned by the same user. `COMMERCIAL`: Allows initiating payments from the user's account to third parties., options: map{request_refund_details: bool, iban: str, bacs: any} # (Deprecated) Additional payment consent options. Please use `payer_details` to specify the account., payer_details: map{name!: str, numbers!: map, address: map, date_of_birth: str(date), phone_numbers: [str], emails: [str]} # An object representing the payment consent payer details. Payer `name` and account `numbers` are required to lock the account to which the consent can be created.} @returns(200) {consent_id: str, status: str, request_id: str} # OK @endpoint POST /payment_initiation/consent/get @desc Get payment consent @required {consent_id: str # The `consent_id` returned from `/payment_initiation/consent/create`.} @returns(200) OK @endpoint POST /payment_initiation/consent/revoke @desc Revoke payment consent @required {consent_id: str # The consent ID.} @returns(200) {request_id: str} # OK @endpoint POST /payment_initiation/consent/payment/execute @desc Execute a single payment using consent @required {consent_id: str # The consent ID., amount: map{currency!: str, value!: num(double)} # The amount and currency of a payment, idempotency_key: str # A random key provided by the client, per unique consent payment. Maximum of 128 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. If a request to execute a consent payment fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single payment is created. If the request was successfully processed, it will prevent any payment that uses the same idempotency key, and was received within 48 hours of the first request, from being processed.} @optional {reference: str # A reference for the payment. This must be an alphanumeric string with at most 18 characters and must not contain any special characters (since not all institutions support them). If not provided, Plaid will automatically fall back to the reference from consent. In order to track settlement via Payment Confirmation, each payment must have a unique reference. If the reference provided through the API is not unique, Plaid will adjust it. Some institutions may limit the reference to less than 18 characters. If necessary, Plaid will adjust the reference by truncating it to fit the institution's requirements. Both the originally provided and automatically adjusted references (if any) can be found in the `reference` and `adjusted_reference` fields, respectively., scope: any, processing_mode: str(ASYNC/IMMEDIATE) # Decides the mode under which the payment processing should be performed, using `IMMEDIATE` as default. `IMMEDIATE`: Will immediately execute the payment, waiting for a response from the ASPSP before returning the result of the payment initiation. This is ideal for user-present flows. `ASYNC`: Will accept a payment execution request and schedule it for processing, immediately returning the new `payment_id`. Listen for webhooks to obtain real-time updates on the payment status. This is ideal for non user-present flows.} @returns(200) {payment_id: str, status: str, request_id: str, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}} # OK @endgroup @group sandbox @endpoint POST /sandbox/item/reset_login @desc Force a Sandbox Item into an error state @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {reset_login: bool, request_id: str} # OK @endpoint POST /sandbox/item/set_verification_status @desc Set verification status for Sandbox account @required {access_token: str # The access token associated with the Item data is being requested for., account_id: str # The `account_id` of the account whose verification status is to be modified, verification_status: str(automatically_verified/verification_expired) # The verification status to set the account to.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/user/reset_login @desc Force item(s) for a Sandbox User into an error state @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., item_ids: [str] # An array of `item_id`s associated with the User to be reset. If empty or `null`, this field will default to resetting all Items associated with the User., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str} # OK @endgroup @group item @endpoint POST /item/public_token/exchange @desc Exchange public token for an access token @required {public_token: str # Your `public_token`, obtained from the Link `onSuccess` callback or `/sandbox/item/public_token/create`.} @returns(200) {access_token: str, item_id: str, request_id: str} # OK @endpoint POST /item/public_token/create @desc Create public token @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {public_token: str, expiration: str(date-time), request_id: str} # OK @endgroup @group user @endpoint POST /user/create @desc Create user @required {client_user_id: str # A unique ID representing the end user. Maximum of 128 characters. Typically this will be a user ID number from your application. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`.} @optional {Plaid-New-User-API-Enabled: bool=false # The HTTP header used in API requests to determine which set of User APIs to invoke: the legacy CRA version or the new User API version., identity: map{name: map, date_of_birth: str(date), emails: [map], phone_numbers: [map], addresses: [map], id_numbers: [map]} # The identity fields associated with a user. For a user to be eligible for a Plaid Check Consumer Report, all fields are required except `id_number`. Providing a partial SSN is strongly recommended, and improves the accuracy of matching user records during compliance processes such as file disclosure, dispute, or security freeze requests. If creating a report that will be shared with GSEs such as Fannie or Freddie, a full Social Security Number must be provided via the `id_number` field., end_customer: str # A unique ID representing a CRA reseller's end customer. Maximum of 128 characters., consumer_report_user_identity: map{first_name!: str, last_name!: str, phone_numbers!: [str], emails!: [str], ssn_full: str, ssn_last_4: str, date_of_birth!: str(date), primary_address!: map} # This field is only used by integrations created before December 10, 2025. All other integrations must use the `identity` object instead. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis). To create a Plaid Check Consumer Report for a user when using a `user_token`, this field must be present. If this field is not provided during user token creation, you can add it to the user later by calling `/user/update`. Once the field has been added to the user, you will be able to call `/link/token/create` with a non-empty `consumer_report_permissible_purpose` (which will automatically create a Plaid Check Consumer Report), or call `/cra/check_report/create` for that user., with_upgraded_user: bool # If your integration with the User API predates December 10, 2025, set this field to `true` to opt into the [new User API](https://plaid.com/docs/api/users/user-apis/). When enabled, you can use the `identity` field instead of `consumer_report_user_identity`.} @returns(200) {user_token: str, user_id: str, request_id: str} # OK @returns(201) {user_token: str, user_id: str, request_id: str} # Created @endpoint POST /user/get @desc Retrieve user identity and information @required {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @optional {Plaid-New-User-API-Enabled: bool=false # The HTTP header used in API requests to determine which set of User APIs to invoke: the legacy CRA version or the new User API version.} @returns(200) {request_id: str, user_id: str, client_user_id: str?, created_at: str(date-time), updated_at: str(date-time), identity: map?{name: map?{given_name: str, family_name: str}, date_of_birth: str(date)?, emails: [map], phone_numbers: [map], addresses: [map], id_numbers: [map]}} # OK @endpoint POST /user/identity/remove @desc Remove user identity data @required {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @optional {Plaid-New-User-API-Enabled: bool=false # The HTTP header used in API requests to determine which set of User APIs to invoke: the legacy CRA version or the new User API version.} @returns(200) {request_id: str} # OK @endpoint POST /user/update @desc Update user information @optional {Plaid-New-User-API-Enabled: bool=false # The HTTP header used in API requests to determine which set of User APIs to invoke: the legacy CRA version or the new User API version., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., identity: map{name: map, date_of_birth: str(date), emails: [map], phone_numbers: [map], addresses: [map], id_numbers: [map]} # The identity fields associated with a user. For a user to be eligible for a Plaid Check Consumer Report, all fields are required except `id_number`. Providing a partial SSN is strongly recommended, and improves the accuracy of matching user records during compliance processes such as file disclosure, dispute, or security freeze requests. If creating a report that will be shared with GSEs such as Fannie or Freddie, a full Social Security Number must be provided via the `id_number` field., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., consumer_report_user_identity: map{first_name!: str, last_name!: str, phone_numbers!: [str], emails!: [str], ssn_full: str, ssn_last_4: str, date_of_birth!: str(date), primary_address!: map} # This field is only used by integrations created before December 10, 2025. All other integrations must use the `identity` object instead. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis). To create a Plaid Check Consumer Report for a user when using a `user_token`, this field must be present. If this field is not provided during user token creation, you can add it to the user later by calling `/user/update`. Once the field has been added to the user, you will be able to call `/link/token/create` with a non-empty `consumer_report_permissible_purpose` (which will automatically create a Plaid Check Consumer Report), or call `/cra/check_report/create` for that user.} @returns(200) {request_id: str} # OK @endpoint POST /user/remove @desc Remove user @optional {Plaid-New-User-API-Enabled: bool=false # The HTTP header used in API requests to determine which set of User APIs to invoke: the legacy CRA version or the new User API version., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str} # OK @endpoint POST /user/products/terminate @desc Terminate user-based products @required {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @optional {products: [str] # An optional list of user-based products to terminate. If not provided, all user-based products will be terminated.} @returns(200) {request_id: str} # OK @example_request {"user_id":"usr_8c3ZbDBYjaqUXZ"} @endpoint POST /user/items/get @desc Get Items associated with a User @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {items: [map], request_id: str} # OK @endpoint POST /user/items/associate @desc Associate Items to a User @required {user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis)., item_ids: [str] # An array of `item_id`s to be associated with the `user_id`.} @returns(200) {request_id: str} # OK @endpoint POST /user/items/remove @desc Remove Items from a User @required {item_ids: [str] # An array of `item_id`s to be deleted. All Items for removal must be currently associated with the provided `user_id` or `user_token`. Otherwise, the entire operation will error and no Items will be deleted.} @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str} # OK @endpoint POST /user/third_party_token/create @desc Create a third-party user token @required {third_party_client_id: str # The Plaid API `client_id` of the third-party client the token will be shared with. The token will only be valid for the specified client.} @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., expiration_time: str(date-time) # The expiration date and time for the third-party user token in [ISO 8601](https://wikipedia.org/wiki/ISO_8601) format (`YYYY-MM-DDThh:mm:ssZ`). The expiration is restricted to a maximum of 24 hours from the token's creation time. If not provided, the token will automatically expire after 24 hours., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str, third_party_user_token: str} # OK @endpoint POST /user/third_party_token/remove @desc Remove a third-party user token @required {third_party_user_token: str # The third-party user token associated with the requested User data.} @returns(200) {removed: bool, request_id: str} # OK @endgroup @group credit @endpoint POST /credit/sessions/get @desc Retrieve Link sessions for your user @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {sessions: [map], request_id: str} # OK @endgroup @group payment_initiation @endpoint POST /payment_initiation/payment/get @desc Get payment details @required {payment_id: str # The `payment_id` returned from `/payment_initiation/payment/create`.} @returns(200) OK @endpoint POST /payment_initiation/payment/list @desc List payments @optional {count: int=10 # The maximum number of payments to return. If `count` is not specified, a maximum of 10 payments will be returned, beginning with the most recent payment before the cursor (if specified)., cursor: str(date-time) # A string in RFC 3339 format (i.e. "2019-12-06T22:35:49Z"). Only payments created before the cursor will be returned., consent_id: str # The consent ID. If specified, only payments, executed using this consent, will be returned.} @returns(200) {payments: [map], next_cursor: str(date-time)?, request_id: str} # OK @endgroup @group investments @endpoint POST /investments/holdings/get @desc Get Investment holdings @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str]} # An optional object to filter `/investments/holdings/get` results. If provided, must not be `null`.} @returns(200) {accounts: [any], holdings: [map], securities: [map], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str, is_investments_fallback_item: bool} # OK @endpoint POST /investments/transactions/get @desc Get investment transactions @required {access_token: str # The access token associated with the Item data is being requested for., start_date: str(date) # The earliest date for which to fetch transaction history. Dates should be formatted as YYYY-MM-DD., end_date: str(date) # The most recent date for which to fetch transaction history. Dates should be formatted as YYYY-MM-DD.} @optional {options: map{account_ids: [str], count: int, offset: int, async_update: bool} # An optional object to filter `/investments/transactions/get` results. If provided, must be non-`null`.} @returns(200) {item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, accounts: [any], securities: [map], investment_transactions: [map], total_investment_transactions: int, request_id: str, is_investments_fallback_item: bool} # OK @endpoint POST /investments/refresh @desc Refresh investment data @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str} # OK @endpoint POST /investments/auth/get @desc Get data needed to authorize an investments transfer @required {access_token: str # The access token associated with the Item data is being requested for.} @optional {options: map{account_ids: [str]} # An optional object to filter `/investments/auth/get` results.} @returns(200) {accounts: [any], holdings: [map], securities: [map], owners: [map], numbers: map{acats: [map], aton: [map], retirement_401k: [map]}, data_sources: map{numbers: str, owners: str, holdings: str}, account_details_401k: [map], item: map{item_id: str, institution_id: str?, institution_name: str?, webhook: str?, auth_method: str?, error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, available_products: [str], billed_products: [str], products: [str], consented_products: [str], consent_expiration_time: str(date-time)?, update_type: str}, request_id: str} # OK @endgroup @group processor @endpoint POST /processor/token/create @desc Create processor token @required {access_token: str # The access token associated with the Item data is being requested for., account_id: str # The `account_id` value obtained from the `onSuccess` callback in Link, processor: str(dwolla/galileo/modern_treasury/ocrolus/vesta/drivewealth/vopay/achq/check/checkbook/circle/sila_money/rize/svb_api/unit/wyre/lithic/alpaca/astra/moov/treasury_prime/marqeta/checkout/solid/highnote/gemini/apex_clearing/gusto/adyen/atomic/i2c/wepay/riskified/utb/adp_roll/fortress_trust/bond/bakkt/teal/zero_hash/taba_pay/knot/sardine/alloy/finix/nuvei/layer/boom/paynote/stake/wedbush/esusu/ansa/scribeup/straddle/loanpro/bloom_credit/sfox/brale/parafin/cardless/open_ledger/valon/gainbridge/cardlytics/pinwheel/thread_bank/array/fiant/oatfi/curinos) # The processor you are integrating with.} @returns(200) {processor_token: str, request_id: str} # OK @endpoint POST /processor/token/permissions/set @desc Control a processor's access to products @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, products: [str] # A list of products the processor token should have access to. An empty list will grant access to all products.} @returns(200) {request_id: str} # OK @endpoint POST /processor/token/permissions/get @desc Get a processor token's product permissions @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`} @returns(200) {request_id: str, products: [str]} # OK @endpoint POST /processor/token/webhook/update @desc Update a processor token's webhook URL @required {processor_token: str # The processor token obtained from the Plaid integration partner. Processor tokens are in the format: `processor--`, webhook: str(url) # The new webhook URL to associate with the processor token. To remove a webhook from a processor token, set to `null`.} @returns(200) {request_id: str} # OK @endpoint POST /processor/stripe/bank_account_token/create @desc Create Stripe bank account token @required {access_token: str # The access token associated with the Item data is being requested for., account_id: str # The `account_id` value obtained from the `onSuccess` callback in Link} @returns(200) {stripe_bank_account_token: str, request_id: str} # OK @endpoint POST /processor/apex/processor_token/create @desc Create Apex bank account token @required {access_token: str # The access token associated with the Item data is being requested for., account_id: str # The `account_id` value obtained from the `onSuccess` callback in Link} @returns(200) {processor_token: str, request_id: str} # OK @endgroup @group item @endpoint POST /item/import @desc Import Item @required {products: [str] # Array of product strings, user_auth: map{user_id!: str, auth_token!: str} # Object of user ID and auth token pair, permitting Plaid to aggregate a user’s accounts} @optional {institution_id: str # The Plaid Institution ID associated with the Item., options: map{webhook: str(url)} # An optional object to configure `/item/import` request.} @returns(200) {access_token: str, request_id: str} # OK @endgroup @group link @endpoint POST /link/token/create @desc Create Link Token @required {client_name: str # The name of your application, as it should be displayed in Link. Maximum length of 30 characters. If a value longer than 30 characters is provided, Link will display "This Application" instead., language: str # The language that Link should be displayed in. When initializing with Identity Verification, this field is not used; for more details, see [Identity Verification supported languages](https://plaid.com/docs/identity-verification/#supported-languages). Supported languages are: - Danish (`'da'`) - Dutch (`'nl'`) - English (`'en'`) - Estonian (`'et'`) - French (`'fr'`) - German (`'de'`) - Hindi (`'hi'`) - Italian (`'it'`) - Latvian (`'lv'`) - Lithuanian (`'lt'`) - Norwegian (`'no'`) - Polish (`'pl'`) - Portuguese (`'pt'`) - Romanian (`'ro'`) - Spanish (`'es'`) - Swedish (`'sv'`) - Vietnamese (`'vi'`) When using a Link customization, the language configured here must match the setting in the customization, or the customization will not be applied., country_codes: [str] # Specify an array of Plaid-supported country codes using the ISO-3166-1 alpha-2 country code standard. Institutions from all listed countries will be shown. For a complete mapping of supported products by country, see https://plaid.com/global/. For access to additional countries beyond what you have been approved for, [contact Sales](https://plaid.com/contact/), your account manager, or support. If using Identity Verification, `country_codes` should be set to the country where your company is based, not the country where your user is located. For all other products, `country_codes` represents the location of your user's financial institution. If Link is launched with multiple country codes, only products that you are enabled for in all countries will be used by Link. While all countries are enabled by default in Sandbox, in Production only the countries you have requested access for are shown. To request access to additional countries, [file a product access Support ticket](https://dashboard.plaid.com/support/new/product-and-development/product-troubleshooting/request-product-access) via the Plaid dashboard. If using a Link customization, make sure the country codes in the customization match those specified in `country_codes`, or the customization may not be applied. If using the Auth features Instant Match, Instant Micro-deposits, Same-day Micro-deposits, Automated Micro-deposits, or Database Auth, `country_codes` must be set to `['US']`.} @optional {user: map{client_user_id!: str, legal_name: str, name: any, phone_number: str, phone_number_verified_time: str(date-time), email_address: str, email_address_verified_time: str(date-time), ssn: str, date_of_birth: str(date), address: any, id_number: any} # An object specifying information about the end user who will be linking their account. **Required** if `user_id` isn't included., user_id: str # A `user_id` generated using `/user/create`. Required for integrations that began using Plaid Protect, Multi-Item Link, or Plaid Check Consumer Report after December 10, 2025. For more details, see [new User APIs](https://plaid.com/docs/api/users/user-apis). One of either the `user_id` or the `user` field is required., products: [str] # List of Plaid product(s) that the linked Item must support. If launching Link in update mode, should be omitted (unless you are using update mode to add a credit product, such as Assets, Statements, Income, or Plaid Check Consumer Report, to an existing Item); at least one `product` is required otherwise. To maximize the number of institutions and accounts available, initialize Link with the minimal product set required for your use case, as the products specified will limit which institutions and account types will be available to your users in Link. Only institutions that support *all* requested products can be selected; if a user attempts to select an institution that does not support a listed product, a "Connectivity not supported" error message will appear in Link. For each specified product, the Item connected by the user must contain at least one compatible account. For details on compatible product / account type combinations, see [the account type/product support matrix](https://plaid.com/docs/api/accounts/#account-type--product-support-matrix). To add products without limiting the institution list or account types, use the [`optional_products`](https://plaid.com/docs/api/link/#link-token-create-request-optional-products) or [`required_if_supported_products`](https://plaid.com/docs/api/link/#link-token-create-request-required-if-supported-products) fields. Products can also be added to an Item by calling the product endpoint after obtaining an access token; this may require the product to be listed in the [`additional_consented_products`](https://plaid.com/docs/api/link/#link-token-create-request-additional-consented-products) array. For details, see [Choosing when to initialize products](https://plaid.com/docs/link/initializing-products/). `balance` is *not* a valid value, the Balance product does not require explicit initialization and will automatically be initialized when any other product is initialized. If launching Link with CRA products, `cra_base_reports` is required and must be included in the `products` array. Note that, unless you have opted to disable Instant Match support, institutions that support Instant Match will also be shown in Link if `auth` is specified as a product, even though these institutions do not contain `auth` in their product array. In Production, you will be billed for each product that you specify when initializing Link. Note that a product cannot be removed from an Item once the Item has been initialized with that product. To stop billing on an Item for subscription-based products, such as Liabilities, Investments, and Transactions, remove the Item via `/item/remove`., required_if_supported_products: [str] # List of Plaid product(s) you wish to use only if the institution and account(s) selected by the user support the product. Institutions that do not support these products will still be shown in Link. The products will only be extracted and billed if the user selects an institution and account type that supports them. There should be no overlap between this array and the `products`, `optional_products`, or `additional_consented_products` arrays. The `products` array must have at least one product. For more details on using this feature, see [Required if Supported Products](https://plaid.com/docs/link/initializing-products/#required-if-supported-products)., optional_products: [str] # List of Plaid product(s) that will enhance the consumer's use case, but that your app can function without. Plaid will attempt to fetch data for these products on a best-effort basis, and failure to support these products will not affect Item creation. There should be no overlap between this array and the `products`, `required_if_supported_products`, or `additional_consented_products` arrays. The `products` array must have at least one product. For more details on using this feature, see [Optional Products](https://plaid.com/docs/link/initializing-products/#optional-products)., additional_consented_products: [str] # List of additional Plaid product(s) you wish to collect consent for to support your use case. These products will not be billed until you start using them by calling the relevant endpoints. `balance` is *not* a valid value, the Balance product does not require explicit initialization and will automatically have consent collected. Institutions that do not support these products will still be shown in Link. There should be no overlap between this array and the `products` or `required_if_supported_products` arrays. If you include `signal` in `additional_consented_products`, you will need to call [`/signal/prepare`](https://plaid.com/docs/api/products/signal/#signalprepare) before calling `/signal/evaluate` for the first time on an Item in order to get the most accurate results. For more details, see [`/signal/prepare`](https://plaid.com/docs/api/products/signal/#signalprepare)., webhook: str(url) # The destination URL to which any webhooks should be sent. Note that webhooks for Payment Initiation (e-wallet transactions only), Transfer, Bank Transfer (including Auth micro-deposit notification webhooks), Monitor, and Identity Verification are configured via the Dashboard instead. In update mode, this field will not have an effect; to update the webhook receiver endpoint for an existing Item, use `/item/webhook/update` instead., access_token: str # The `access_token` associated with the Item to update or reference, used when updating, modifying, or accessing an existing `access_token`. Used when launching Link in update mode, when completing the Same-day (manual) Micro-deposit flow, or (optionally) when initializing Link for a returning user as part of the Transfer UI flow., access_tokens: [str] # A list of access tokens associated with the items to update in Link update mode for the Assets product. Using this instead of the `access_token` field allows the updating of multiple items at once. This feature is in closed beta, please contact your account manager for more info., link_customization_name: str # The name of the Link customization from the Plaid Dashboard to be applied to Link. If not specified, the `default` customization will be used. When using a Link customization, the language in the customization must match the language selected via the `language` parameter, and the countries in the customization should match the country codes selected via `country_codes`., appearance_mode: str(LIGHT/DARK/SYSTEM) # Enum representing the desired appearance mode for Link, used to force light or dark modes or set Link to change depending on user system settings. Currently in closed beta., redirect_uri: str # A URI indicating the destination where a user should be forwarded after completing the Link flow; used to support OAuth authentication flows when launching Link in the browser or another app. The `redirect_uri` should not contain any query parameters. When used in Production, must be an https URI. Note that any redirect URI must also be added to the Allowed redirect URIs list in the [developer dashboard](https://dashboard.plaid.com/team/api). If initializing on Android, `android_package_name` must be specified instead and `redirect_uri` should be left blank., android_package_name: str # The name of your app's Android package. Required if using the `link_token` to initialize Link on Android. Any package name specified here must also be added to the Allowed Android package names setting on the [developer dashboard](https://dashboard.plaid.com/team/api). When creating a `link_token` for initializing Link on other platforms, `android_package_name` must be left blank and `redirect_uri` should be used instead., institution_data: map{routing_number: str} # A map containing data used to highlight institutions in Link., card_switch: map{card_bin!: str} # A map containing data to pass in for the Card Switch flow., account_filters: map{depository: map, credit: map, loan: map, investment: map, other: map} # By default, Link will provide limited account filtering: it will only display Institutions that are compatible with all products supplied in the `products` parameter of `/link/token/create`, and, if `auth` is specified in the `products` array, will also filter out accounts other than `checking`, `savings`, and `cash management` accounts on the Account Select pane. You can further limit the accounts shown in Link by using `account_filters` to specify the account subtypes to be shown in Link. Only the specified subtypes will be shown. This filtering applies to both the Account Select view (if enabled) and the Institution Select view. Institutions that do not support the selected subtypes will be omitted from Link. To indicate that all subtypes should be shown, use the value `"all"`. If the `account_filters` filter is used, any account type for which a filter is not specified will be entirely omitted from Link. For a full list of valid types and subtypes, see the [Account schema](https://plaid.com/docs/api/accounts#account-type-schema). The filter may or may not impact the list of accounts shown by the institution in the OAuth account selection flow, depending on the specific institution. If the user selects excluded account subtypes in the OAuth flow, these accounts will not be added to the Item. If the user selects only excluded account subtypes, the link attempt will fail and the user will be prompted to try again., eu_config: map{headless: bool} # Configuration parameters for EU flows, institution_id: str # Used for certain legacy use cases, payment_configuration: map{amount!: str, description: str} # Specifies options for initializing Link for use with the Pay By Bank flow. This is an optional field to configure the user experience, and currently requires the amount field to be set., payment_initiation: map{payment_id: str, consent_id: str} # Specifies options for initializing Link for use with the Payment Initiation (Europe) product. This field is required if `payment_initiation` is included in the `products` array. Either `payment_id` or `consent_id` must be provided., employment: map{employment_source_types: [str], bank_employment: map} # Specifies options for initializing Link for use with the Employment product. This field is required if `employment` is included in the `products` array., income_verification: map{income_verification_id: str, asset_report_id: str, access_tokens: [str], income_source_types: [str], bank_income: map, payroll_income: map, stated_income_sources: [map]} # Specifies options for initializing Link for use with the Income product. This field is required if `income_verification` is included in the `products` array., base_report: map{days_requested!: int, client_report_id: str} # Specifies options for initializing Link for use with the Base Report product. This field is required if `assets` is included in the `products` array and the client is CRA-enabled., credit_partner_insights: map{days_requested: int} # Specifies options for initializing Link for use with the Credit Partner Insights product., cra_options: map{days_requested!: int, days_required: int, client_report_id: str, partner_insights: map, base_report: map, cashflow_insights: map, lend_score: map, network_insights: map, include_investments: bool} # Specifies options for initializing Link for use with Plaid Check products, consumer_report_permissible_purpose: str(ACCOUNT_REVIEW_CREDIT/ACCOUNT_REVIEW_NON_CREDIT/EXTENSION_OF_CREDIT/LEGITIMATE_BUSINESS_NEED_TENANT_SCREENING/LEGITIMATE_BUSINESS_NEED_OTHER/WRITTEN_INSTRUCTION_PREQUALIFICATION/WRITTEN_INSTRUCTION_OTHER/ELIGIBILITY_FOR_GOVT_BENEFITS) # Describes the reason you are generating a Consumer Report for this user. When calling `/link/token/create`, this field is required when using Plaid Check (CRA) products; invalid if not using Plaid Check (CRA) products. `ACCOUNT_REVIEW_CREDIT`: In connection with a consumer credit transaction for the review or collection of an account pursuant to FCRA Section 604(a)(3)(A). `ACCOUNT_REVIEW_NON_CREDIT`: For a legitimate business need of the information to review a non-credit account provided primarily for personal, family, or household purposes to determine whether the consumer continues to meet the terms of the account pursuant to FCRA Section 604(a)(3)(F)(2). `EXTENSION_OF_CREDIT`: In connection with a credit transaction initiated by and involving the consumer pursuant to FCRA Section 604(a)(3)(A). `LEGITIMATE_BUSINESS_NEED_TENANT_SCREENING`: For a legitimate business need in connection with a business transaction initiated by the consumer primarily for personal, family, or household purposes in connection with a property rental assessment pursuant to FCRA Section 604(a)(3)(F)(i). `LEGITIMATE_BUSINESS_NEED_OTHER`: For a legitimate business need in connection with a business transaction made primarily for personal, family, or household initiated by the consumer pursuant to FCRA Section 604(a)(3)(F)(i). `WRITTEN_INSTRUCTION_PREQUALIFICATION`: In accordance with the written instructions of the consumer pursuant to FCRA Section 604(a)(2), to evaluate an application’s profile to make an offer to the consumer. `WRITTEN_INSTRUCTION_OTHER`: In accordance with the written instructions of the consumer pursuant to FCRA Section 604(a)(2), such as when an individual agrees to act as a guarantor or assumes personal liability for a consumer, business, or commercial loan. `ELIGIBILITY_FOR_GOVT_BENEFITS`: In connection with an eligibility determination for a government benefit where the entity is required to consider an applicant’s financial status pursuant to FCRA Section 604(a)(3)(D)., auth: map{auth_type_select_enabled: bool, automated_microdeposits_enabled: bool, instant_match_enabled: bool, same_day_microdeposits_enabled: bool, instant_microdeposits_enabled: bool, reroute_to_credentials: str, database_match_enabled: bool, database_insights_enabled: bool, flow_type: str, sms_microdeposits_verification_enabled: bool} # Specifies options for initializing Link for use with the Auth product. This field can be used to enable or disable extended Auth flows for the resulting Link session. Omitting any field will result in a default that can be configured by your account manager. The default behavior described in the documentation is the default behavior that will apply if you have not requested your account manager to apply a different default. If you have enabled the [Dashboard Account Verification pane](https://dashboard.plaid.com/account-verification), the settings enabled there will override any settings in this object., transfer: map{intent_id: str, authorization_id: str, payment_profile_token: str} # Specifies options for initializing Link for use with the Transfer product., update: map{account_selection_enabled: bool, reauthorization_enabled: bool, user: bool, item_ids: [str]} # Specifies options for initializing Link for [update mode](https://plaid.com/docs/link/update-mode)., identity_verification: map{template_id!: any, consent: any, gave_consent: bool} # Specifies option for initializing Link for use with the Identity Verification product., statements: map{start_date!: str(date), end_date!: str(date)} # Specifies options for initializing Link for use with the Statements product. This field is required for the statements product., third_party_user_token: str # A third party user token associated with the current user., investments: map{allow_unverified_crypto_wallets: bool, allow_manual_entry: bool} # Configuration parameters for the Investments product, investments_auth: map{manual_entry_enabled: bool, masked_number_match_enabled: bool, stated_account_number_enabled: bool, rollover_401k_enabled: bool} # Configuration parameters for the Investments Move product, hosted_link: map{delivery_method: str, completion_redirect_uri: str, url_lifetime_seconds: int, is_mobile_app: bool} # Configuration parameters for Hosted Link. To enable the session for Hosted Link, send this object in the request. It can be empty., transactions: map{days_requested: int} # Configuration parameters for the Transactions product, cashflow_report: map{days_requested: int} # Configuration parameters for the Cashflow Report product. Currently in closed beta., cra_enabled: bool # If `true`, request a CRA connection. Defaults to `false`., identity: map{is_document_upload: bool, account_ids: [str], parsing_configs: [str]} # Identity object used to specify document upload, financekit_supported: bool # If `true`, indicates that client supports linking FinanceKit / AppleCard items. Defaults to `false`., enable_multi_item_link: bool # If `true`, enable linking multiple items in the same Link session. Defaults to `false`., user_token: str # A user token generated using `/user/create`. Any Item created during the Link session will be associated with the user. Integrations that began using Plaid Protect, Multi-Item Link, or Plaid Check Consumer Report before December 10, 2025 use this field instead of the `user_id`.} @returns(200) {link_token: str, expiration: str(date-time), request_id: str, hosted_link_url: str, user_id: str} # OK @endpoint POST /link/token/get @desc Get Link Token @required {link_token: str # A `link_token` from a previous invocation of `/link/token/create`} @returns(200) {link_token: str, created_at: str(date-time)?, expiration: str(date-time)?, link_sessions: [map], metadata: map{initial_products: [str], webhook: str(url)?, country_codes: [str], language: str?, institution_data: map{routing_number: str}, account_filters: map{depository: map{account_subtypes: [str]}, credit: map{account_subtypes: [str]}, loan: map{account_subtypes: [str]}, investment: map{account_subtypes: [str]}}, redirect_uri: str?, client_name: str?}, user_id: str, request_id: str} # OK @endpoint POST /link/oauth/correlation_id/exchange @desc Exchange the Link Correlation Id for a Link Token @required {link_correlation_id: str # A `link_correlation_id` from a received OAuth redirect URI callback} @returns(200) {link_token: str, request_id: str} # OK @endgroup @group session @endpoint POST /session/token/create @desc Create a Link token for Layer @required {template_id: str # The id of a template defined in Plaid Dashboard} @optional {user: map{client_user_id!: str, user_id: any} # Details about the end user. Required if a root-level `user_id` is not provided., redirect_uri: str # A URI indicating the destination where a user should be forwarded after completing the Link flow; used to support OAuth authentication flows when launching Link in the browser or another app. The `redirect_uri` should not contain any query parameters. When used in Production, must be an https URI. Note that any redirect URI must also be added to the Allowed redirect URIs list in the [developer dashboard](https://dashboard.plaid.com/team/api). If initializing on Android, `android_package_name` must be specified instead and `redirect_uri` should be left blank., android_package_name: str # The name of your app's Android package. Required if using the session token to initialize Layer on Android. Any package name specified here must also be added to the Allowed Android package names setting on the [developer dashboard](https://dashboard.plaid.com/team/api). When creating a session token for initializing Layer on other platforms, `android_package_name` must be left blank and `redirect_uri` should be used instead., webhook: str(url) # The destination URL to which any webhooks should be sent. If you use the same webhook listener for all Sandbox or all Production activity, set this value in the Layer template editor in the Dashboard instead. Only provide a value in this field if you need to use multiple webhook URLs per environment (an uncommon use case). If provided, a value in this field will take priority over webhook values set in the Layer template editor., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str, link: map{link_token: str, expiration: str(date-time), user_id: str}} # OK @endgroup @group transfer @endpoint POST /transfer/get @desc Retrieve a transfer @optional {transfer_id: str # Plaid’s unique identifier for a transfer., authorization_id: str # Plaid’s unique identifier for a transfer authorization., originator_client_id: str # The Plaid client ID of the transfer originator. Should only be present if `client_id` is a third-party sender (TPS).} @returns(200) {transfer: map{id: str, authorization_id: str, ach_class: str, account_id: str, funding_account_id: str?, ledger_id: str?, type: str, user: map{legal_name: str, phone_number: str?, email_address: str?, address: map?{street: str?, city: str?, region: str?, postal_code: str?, country: str?}}, amount: str, description: str, created: str(date-time), status: str, sweep_status: str?, network: str, wire_details: map?{message_to_beneficiary: str?, wire_return_fee: str?}, cancellable: bool, failure_reason: map?{failure_code: str?, ach_return_code: str?, description: str}, metadata: map?, origination_account_id: str, guarantee_decision: str?, guarantee_decision_rationale: map?{code: str, description: str}, iso_currency_code: str, standard_return_window: str(date)?, unauthorized_return_window: str(date)?, expected_settlement_date: str(date)?, expected_funds_available_date: str(date)?, originator_client_id: str?, refunds: [map], recurring_transfer_id: str?, expected_sweep_settlement_schedule: [map], credit_funds_source: any, facilitator_fee: str, network_trace_id: str?}, request_id: str} # OK @endpoint POST /transfer/recurring/get @desc Retrieve a recurring transfer @required {recurring_transfer_id: str # Plaid’s unique identifier for a recurring transfer.} @returns(200) {recurring_transfer: map{recurring_transfer_id: str, created: str(date-time), next_origination_date: str(date)?, test_clock_id: str?, type: str, amount: str, status: str, ach_class: str, network: str, origination_account_id: str, account_id: str, funding_account_id: str, iso_currency_code: str, description: str, transfer_ids: [str], user: map{legal_name: str, phone_number: str?, email_address: str?, address: map?{street: str?, city: str?, region: str?, postal_code: str?, country: str?}}, schedule: map{interval_unit: str, interval_count: int, interval_execution_day: int, start_date: str(date), end_date: str(date)?}}, request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/get @desc Retrieve a bank transfer @required {bank_transfer_id: str # Plaid’s unique identifier for a bank transfer.} @returns(200) {bank_transfer: map{id: str, ach_class: str, account_id: str, type: str, user: map{legal_name: str, email_address: str?, routing_number: str}, amount: str, iso_currency_code: str, description: str, created: str(date-time), status: str, network: str, cancellable: bool, failure_reason: map?{ach_return_code: str?, description: str}, custom_tag: str?, metadata: map?, origination_account_id: str, direction: str?}, request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/authorization/create @desc Create a transfer authorization @required {access_token: str # The Plaid `access_token` for the account that will be debited or credited., account_id: str # The Plaid `account_id` corresponding to the end-user account that will be debited or credited., type: str(debit/credit) # The type of transfer. This will be either `debit` or `credit`. A `debit` indicates a transfer of money into the origination account; a `credit` indicates a transfer of money out of the origination account., network: str(ach/same-day-ach/rtp/wire) # The network or rails used for the transfer. For transfers submitted as `ach` or `same-day-ach`, the Standard ACH cutoff is 8:30 PM Eastern Time. For transfers submitted as `same-day-ach`, the Same Day ACH cutoff is 3:00 PM Eastern Time. It is recommended to send the request 15 minutes prior to the cutoff to ensure that it will be processed in time for submission before the cutoff. If the transfer is processed after this cutoff but before the Standard ACH cutoff, it will be sent over Standard ACH rails and will not incur same-day charges; this will apply to both legs of the transfer if applicable. The transaction limit for a Same Day ACH transfer is $1,000,000. Authorization requests sent with an amount greater than $1,000,000 will fail. For transfers submitted as `rtp`, Plaid will automatically route between Real Time Payment rail by TCH or FedNow rails as necessary. If a transfer is submitted as `rtp` and the counterparty account is not eligible for RTP, the `/transfer/authorization/create` request will fail with an `INVALID_FIELD` error code. To pre-check to determine whether a counterparty account can support RTP, call `/transfer/capabilities/get` before calling `/transfer/authorization/create`. Wire transfers are currently in early availability. To request access to `wire` as a payment network, contact your Account Manager. For transfers submitted as `wire`, the `type` must be `credit`; wire debits are not supported. The cutoff to submit a wire payment is 6:30 PM Eastern Time on a business day; wires submitted after that time will be processed on the next business day. The transaction limit for a wire is $999,999.99. Authorization requests sent with an amount greater than $999,999.99 will fail., amount: str # The amount of the transfer (decimal string with two digits of precision e.g. "10.00"). When calling `/transfer/authorization/create`, specify the maximum amount to authorize. When calling `/transfer/create`, specify the exact amount of the transfer, up to a maximum of the amount authorized. If this field is left blank when calling `/transfer/create`, the maximum amount authorized in the `authorization_id` will be sent., user: map{legal_name!: str, phone_number: str, email_address: str, address: map} # The legal name and other information for the account holder. If the account has multiple account holders, provide the information for the account holder on whose behalf the authorization is being requested. The `user.legal_name` field is required. Other fields are not currently used and are present to support planned future functionality.} @optional {funding_account_id: str # Specify the account used to fund the transfer. Should be specified if using legacy funding methods only. If using Plaid Ledger, leave this field blank. Customers can find a list of `funding_account_id`s in the Accounts page of your Plaid Dashboard, under the "Account ID" column. If this field is left blank and you are using legacy funding methods, this will default to the default `funding_account_id` specified during onboarding. Otherwise, Plaid Ledger will be used., ledger_id: str # Specify which ledger balance should be used to fund the transfer. You can find a list of `ledger_id`s in the Accounts page of your Plaid Dashboard. If this field is left blank, this will default to id of the default ledger balance., payment_profile_token: str # The payment profile token associated with the Payment Profile that will be debited or credited. Required if not using `access_token`., ach_class: str(ccd/ppd/tel/web) # Specifies the use case of the transfer. Required for transfers on an ACH network. For more details, see [ACH SEC codes](https://plaid.com/docs/transfer/creating-transfers/#ach-sec-codes). Codes supported for credits: `ccd`, `ppd` Codes supported for debits: `ccd`, `tel`, `web` `"ccd"` - Corporate Credit or Debit - fund transfer between two corporate bank accounts `"ppd"` - Prearranged Payment or Deposit - The transfer is part of a pre-existing relationship with a consumer. Authorization was obtained in writing either in person or via an electronic document signing, e.g. Docusign, by the consumer. Can be used for credits or debits. `"web"` - Internet-Initiated Entry. The transfer debits a consumer’s bank account. Authorization from the consumer is obtained over the Internet (e.g. a web or mobile application). Can be used for single debits or recurring debits. `"tel"` - Telephone-Initiated Entry. The transfer debits a consumer. Debit authorization has been received orally over the telephone via a recorded call., wire_details: map{message_to_beneficiary: str, wire_return_fee: str} # Information specific to wire transfers., device: map{ip_address: str, user_agent: str} # Information about the device being used to initiate the authorization. These fields are not currently incorporated into the risk check., origination_account_id: str # Plaid's unique identifier for the origination account for this authorization. If not specified, the default account will be used., iso_currency_code: str # The currency of the transfer amount. The default value is "USD"., idempotency_key: str # A random key provided by the client, per unique authorization, which expires after 48 hours. Maximum of 50 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. For example, if a request to create an authorization fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single authorization is created. Idempotency does not apply to authorizations whose decisions are `user_action_required`. Therefore you may re-attempt the authorization after completing the required user action without changing `idempotency_key`. This idempotency key expires after 48 hours, after which the same key can be reused. Failure to provide this key may result in duplicate charges., user_present: bool # If the end user is initiating the specific transfer themselves via an interactive UI, this should be `true`; for automatic recurring payments where the end user is not actually initiating each individual transfer, it should be `false`. This field is not currently used and is present to support planned future functionality., with_guarantee: bool=true # If set to `false`, Plaid will not offer a `guarantee_decision` for this request (Guarantee customers only). This field is deprecated in favor for `guarantee`., request_guarantee: bool # Indicates whether the transfer should be evaluated for guarantee coverage. When set to `true`, Plaid assesses the transfer for guarantee coverage and returns a decision in the authorization response. When omitted or set to `false`, the authorization is evaluated without guarantee coverage., beacon_session_id: str # The unique identifier returned by Plaid's [beacon](https://plaid.com/docs/transfer/guarantee/#using-a-beacon) when it is run on your webpage., originator_client_id: str # The Plaid client ID that is the originator of this transfer. Only needed if creating transfers on behalf of another client as a [Platform customer](https://plaid.com/docs/transfer/application/#originators-vs-platforms)., credit_funds_source: any, test_clock_id: str # Plaid’s unique identifier for a test clock. This field may only be used when using `sandbox` environment. If provided, the `authorization` is created at the `virtual_time` on the provided test clock., ruleset_key: str # The key of the Ruleset for the transaction. This feature is currently in closed beta; to request access, contact your account manager.} @returns(200) {authorization: map{id: str, created: str(date-time), decision: str, decision_rationale: map?{code: str, description: str}, guarantee_decision: str?, guarantee_decision_rationale: map?{code: str, description: str}, payment_risk: map?{bank_initiated_return_score: int?, customer_initiated_return_score: int?, risk_level: str?, warnings: [map]}, proposed_transfer: map{ach_class: str, account_id: str, funding_account_id: str?, ledger_id: str?, type: str, user: map{legal_name: str, phone_number: str?, email_address: str?, address: map?}, amount: str, network: str, wire_details: map?{message_to_beneficiary: str?, wire_return_fee: str?}, origination_account_id: str, iso_currency_code: str, originator_client_id: str?, credit_funds_source: any}}, request_id: str} # OK @endpoint POST /transfer/authorization/cancel @desc Cancel a transfer authorization @required {authorization_id: str # Plaid’s unique identifier for a transfer authorization.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/balance/get @desc (Deprecated) Retrieve a balance held with Plaid @optional {originator_client_id: str # Client ID of the end customer., type: str(prefunded_rtp_credits/prefunded_ach_credits) # The type of balance. `prefunded_rtp_credits` - Your prefunded RTP credit balance with Plaid `prefunded_ach_credits` - Your prefunded ACH credit balance with Plaid} @returns(200) {balance: map{available: str, current: str, type: str}, request_id: str} # OK @endpoint POST /transfer/capabilities/get @desc Get RTP eligibility information of a transfer @required {access_token: str # The Plaid `access_token` for the account that will be debited or credited., account_id: str # The Plaid `account_id` corresponding to the end-user account that will be debited or credited.} @optional {payment_profile_token: str # A payment profile token associated with the Payment Profile data that is being requested.} @returns(200) {institution_supported_networks: map{rtp: map{credit: bool}, rfp: map{debit: bool, max_amount: str?, iso_currency_code: str?}}, request_id: str} # OK @endpoint POST /transfer/configuration/get @desc Get transfer product configuration @optional {originator_client_id: str # The Plaid client ID of the transfer originator. Should only be present if `client_id` is a [Platform customer](https://plaid.com/docs/transfer/application/#originators-vs-platforms).} @returns(200) {request_id: str, max_single_transfer_amount: str, max_single_transfer_credit_amount: str, max_single_transfer_debit_amount: str, max_daily_credit_amount: str, max_daily_debit_amount: str, max_monthly_amount: str, max_monthly_credit_amount: str, max_monthly_debit_amount: str, iso_currency_code: str} # OK @endpoint POST /transfer/ledger/get @desc Retrieve Plaid Ledger balance @optional {ledger_id: str # Specify which ledger balance to get. Customers can find a list of `ledger_id`s in the Accounts page of your Plaid Dashboard. If this field is left blank, this will default to id of the default ledger balance., originator_client_id: str # Client ID of the end customer.} @returns(200) {ledger_id: str, balance: map{available: str, pending: str}, name: str, is_default: bool, request_id: str} # OK @endpoint POST /transfer/ledger/distribute @desc Move available balance between ledgers @required {from_ledger_id: str # The Ledger to pull money from., to_ledger_id: str # The Ledger to credit money to., amount: str # The amount to move (decimal string with two digits of precision e.g. "10.00"). Amount must be positive., idempotency_key: str # A unique key provided by the client, per unique ledger distribute. Maximum of 50 characters. The API supports idempotency for safely retrying the request without accidentally performing the same operation twice. For example, if a request to create a ledger distribute fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single distribute is created.} @optional {description: str # An optional description for the ledger distribute operation.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/ledger/deposit @desc Deposit funds into a Plaid Ledger balance @required {amount: str # A positive amount of how much will be deposited into ledger (decimal string with two digits of precision e.g. "5.50")., idempotency_key: str # A unique key provided by the client, per unique ledger deposit. Maximum of 50 characters. The API supports idempotency for safely retrying the request without accidentally performing the same operation twice. For example, if a request to create a ledger deposit fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single deposit is created., network: str(ach/same-day-ach) # The ACH networks used for the funds flow. For requests submitted as either `ach` or `same-day-ach` the cutoff for Same Day ACH is 3:00 PM Eastern Time and the cutoff for Standard ACH transfers is 8:30 PM Eastern Time. It is recommended to submit a request at least 15 minutes before the cutoff time in order to ensure that it will be processed before the cutoff. Any request that is indicated as `same-day-ach` and that misses the Same Day ACH cutoff, but is submitted in time for the Standard ACH cutoff, will be sent over Standard ACH rails and will not incur same-day charges.} @optional {originator_client_id: str # Client ID of the customer that owns the Ledger balance. This is so Plaid knows which of your customers to payout or collect funds. Only applicable for [Platform customers](https://plaid.com/docs/transfer/application/#originators-vs-platforms). Do not include if you’re paying out to yourself., funding_account_id: str # Specify which funding account to use. Customers can find a list of `funding_account_id`s in the Accounts page of the Plaid Dashboard, under the "Account ID" column. If this field is left blank, the funding account associated with the specified Ledger will be used. If an `originator_client_id` is specified, the `funding_account_id` must belong to the specified originator., ledger_id: str # Specify which ledger balance to deposit to. Customers can find a list of `ledger_id`s in the Accounts page of your Plaid Dashboard. If this field is left blank, this will default to id of the default ledger balance., description: str # The description of the deposit that will be passed to the receiving bank (up to 10 characters). Note that banks utilize this field differently, and may or may not show it on the bank statement.} @returns(200) {sweep: map{id: str, funding_account_id: str, ledger_id: str?, created: str(date-time), amount: str, iso_currency_code: str, settled: str(date)?, expected_funds_available_date: str(date)?, status: str?, trigger: str?, description: str, network_trace_id: str?, failure_reason: map?{failure_code: str?, description: str?}}, request_id: str} # OK @endpoint POST /transfer/ledger/withdraw @desc Withdraw funds from a Plaid Ledger balance @required {amount: str # A positive amount of how much will be withdrawn from the ledger balance (decimal string with two digits of precision e.g. "5.50")., idempotency_key: str # A unique key provided by the client, per unique ledger withdraw. Maximum of 50 characters. The API supports idempotency for safely retrying the request without accidentally performing the same operation twice. For example, if a request to create a ledger withdraw fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single withdraw is created., network: str(ach/same-day-ach/rtp/wire) # The network or rails used for the transfer. For transfers submitted as `ach` or `same-day-ach`, the Standard ACH cutoff is 8:30 PM Eastern Time. For transfers submitted as `same-day-ach`, the Same Day ACH cutoff is 3:00 PM Eastern Time. It is recommended to send the request 15 minutes prior to the cutoff to ensure that it will be processed in time for submission before the cutoff. If the transfer is processed after this cutoff but before the Standard ACH cutoff, it will be sent over Standard ACH rails and will not incur same-day charges; this will apply to both legs of the transfer if applicable. The transaction limit for a Same Day ACH transfer is $1,000,000. Authorization requests sent with an amount greater than $1,000,000 will fail. For transfers submitted as `rtp`, Plaid will automatically route between Real Time Payment rail by TCH or FedNow rails as necessary. If a transfer is submitted as `rtp` and the counterparty account is not eligible for RTP, the `/transfer/authorization/create` request will fail with an `INVALID_FIELD` error code. To pre-check to determine whether a counterparty account can support RTP, call `/transfer/capabilities/get` before calling `/transfer/authorization/create`. Wire transfers are currently in early availability. To request access to `wire` as a payment network, contact your Account Manager. For transfers submitted as `wire`, the `type` must be `credit`; wire debits are not supported. The cutoff to submit a wire payment is 6:30 PM Eastern Time on a business day; wires submitted after that time will be processed on the next business day. The transaction limit for a wire is $999,999.99. Authorization requests sent with an amount greater than $999,999.99 will fail.} @optional {originator_client_id: str # Client ID of the customer that owns the Ledger balance. This is so Plaid knows which of your customers to payout or collect funds. Only applicable for [Platform customers](https://plaid.com/docs/transfer/application/#originators-vs-platforms). Do not include if you’re paying out to yourself., funding_account_id: str # Specify which funding account to use. Customers can find a list of `funding_account_id`s in the Accounts page of the Plaid Dashboard, under the "Account ID" column. If this field is left blank, the funding account associated with the specified Ledger will be used. If an `originator_client_id` is specified, the `funding_account_id` must belong to the specified originator., ledger_id: str # Specify which ledger balance to withdraw from. Customers can find a list of `ledger_id`s in the Accounts page of your Plaid Dashboard. If this field is left blank, this will default to id of the default ledger balance., description: str # The description of the deposit that will be passed to the receiving bank (up to 10 characters). Note that banks utilize this field differently, and may or may not show it on the bank statement.} @returns(200) {sweep: map{id: str, funding_account_id: str, ledger_id: str?, created: str(date-time), amount: str, iso_currency_code: str, settled: str(date)?, expected_funds_available_date: str(date)?, status: str?, trigger: str?, description: str, network_trace_id: str?, failure_reason: map?{failure_code: str?, description: str?}}, request_id: str} # OK @endpoint POST /transfer/originator/funding_account/update @desc Update the funding account associated with the originator @required {originator_client_id: str # The Plaid client ID of the transfer originator., funding_account: map{access_token!: str, account_id!: str} # The originator's funding account, linked with Plaid Link or `/transfer/migrate_account`.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/originator/funding_account/create @desc Create a new funding account for an originator @required {originator_client_id: str # The Plaid client ID of the transfer originator., funding_account: map # The originator's funding account, linked with Plaid Link or `/transfer/migrate_account`.} @returns(200) {funding_account_id: str, request_id: str} # OK @endpoint POST /transfer/metrics/get @desc Get transfer product usage metrics @optional {originator_client_id: str # The Plaid client ID of the transfer originator. Should only be present if `client_id` is a [Platform customer](https://plaid.com/docs/transfer/application/#originators-vs-platforms).} @returns(200) {request_id: str, daily_debit_transfer_volume: str, daily_credit_transfer_volume: str, monthly_transfer_volume: str, monthly_debit_transfer_volume: str, monthly_credit_transfer_volume: str, iso_currency_code: str, return_rates: map?{last_60d: map?{overall_return_rate: str, unauthorized_return_rate: str, administrative_return_rate: str}}, authorization_usage: map?{daily_credit_utilization: str, daily_debit_utilization: str, monthly_credit_utilization: str, monthly_debit_utilization: str}} # OK @endpoint POST /transfer/create @desc Create a transfer @required {access_token: str # The Plaid `access_token` for the account that will be debited or credited., account_id: str # The Plaid `account_id` corresponding to the end-user account that will be debited or credited., authorization_id: str # Plaid’s unique identifier for a transfer authorization. This parameter also serves the purpose of acting as an idempotency identifier., description: str # The transfer description, maximum of 15 characters (RTP transactions) or 10 characters (ACH transactions). Should represent why the money is moving, not your company name. For recommendations on setting the `description` field to avoid ACH returns, see [Description field recommendations](https://www.plaid.com/docs/transfer/creating-transfers/#description-field-recommendations). If reprocessing a returned transfer, the `description` field must be `"Retry 1"` or `"Retry 2"`. You may retry a transfer up to 2 times, within 180 days of creating the original transfer. Only transfers that were returned with code `R01` or `R09` may be retried.} @optional {idempotency_key: str # Deprecated. `authorization_id` is now used as idempotency instead. A random key provided by the client, per unique transfer. Maximum of 50 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. For example, if a request to create a transfer fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single transfer is created., type: any, network: any, amount: str # The amount of the transfer (decimal string with two digits of precision e.g. "10.00"). When calling `/transfer/authorization/create`, specify the maximum amount to authorize. When calling `/transfer/create`, specify the exact amount of the transfer, up to a maximum of the amount authorized. If this field is left blank when calling `/transfer/create`, the maximum amount authorized in the `authorization_id` will be sent., ach_class: any, user: map{legal_name: str, phone_number: str, email_address: str, address: map} # The legal name and other information for the account holder., metadata: map # The Metadata object is a mapping of client-provided string fields to any string value. The following limitations apply: The JSON values must be Strings (no nested JSON objects allowed) Only ASCII characters may be used Maximum of 50 key/value pairs Maximum key length of 40 characters Maximum value length of 500 characters, origination_account_id: str # Plaid’s unique identifier for the origination account for this transfer. If you have more than one origination account, this value must be specified. Otherwise, this field should be left blank., iso_currency_code: str # The currency of the transfer amount. The default value is "USD"., test_clock_id: str # Plaid’s unique identifier for a test clock. This field may only be used when using `sandbox` environment. If provided, the `transfer` is created at the `virtual_time` on the provided `test_clock`., facilitator_fee: str # The amount to deduct from `transfer.amount` and distribute to the platform’s Ledger balance as a facilitator fee (decimal string with two digits of precision e.g. "10.00"). The remainder will go to the end-customer’s Ledger balance. This must be value greater than 0 and less than or equal to the `transfer.amount`.} @returns(200) {transfer: map{id: str, authorization_id: str, ach_class: str, account_id: str, funding_account_id: str?, ledger_id: str?, type: str, user: map{legal_name: str, phone_number: str?, email_address: str?, address: map?{street: str?, city: str?, region: str?, postal_code: str?, country: str?}}, amount: str, description: str, created: str(date-time), status: str, sweep_status: str?, network: str, wire_details: map?{message_to_beneficiary: str?, wire_return_fee: str?}, cancellable: bool, failure_reason: map?{failure_code: str?, ach_return_code: str?, description: str}, metadata: map?, origination_account_id: str, guarantee_decision: str?, guarantee_decision_rationale: map?{code: str, description: str}, iso_currency_code: str, standard_return_window: str(date)?, unauthorized_return_window: str(date)?, expected_settlement_date: str(date)?, expected_funds_available_date: str(date)?, originator_client_id: str?, refunds: [map], recurring_transfer_id: str?, expected_sweep_settlement_schedule: [map], credit_funds_source: any, facilitator_fee: str, network_trace_id: str?}, request_id: str} # OK @endpoint POST /transfer/recurring/create @desc Create a recurring transfer @required {access_token: str # The Plaid `access_token` for the account that will be debited or credited., idempotency_key: str # A random key provided by the client, per unique recurring transfer. Maximum of 50 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. For example, if a request to create a recurring fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single recurring transfer is created., account_id: str # The Plaid `account_id` corresponding to the end-user account that will be debited or credited., type: str(debit/credit) # The type of transfer. This will be either `debit` or `credit`. A `debit` indicates a transfer of money into the origination account; a `credit` indicates a transfer of money out of the origination account., network: str(ach/same-day-ach/rtp) # Networks eligible for recurring transfers., amount: str # The amount of the transfer (decimal string with two digits of precision e.g. "10.00"). When calling `/transfer/authorization/create`, specify the maximum amount to authorize. When calling `/transfer/create`, specify the exact amount of the transfer, up to a maximum of the amount authorized. If this field is left blank when calling `/transfer/create`, the maximum amount authorized in the `authorization_id` will be sent., description: str # The description of the recurring transfer., schedule: map{interval_unit!: str, interval_count!: int, interval_execution_day!: int, start_date!: str(date), end_date: str(date)} # The schedule that the recurring transfer will be executed on., user: map{legal_name!: str, phone_number: str, email_address: str, address: map} # The legal name and other information for the account holder.} @optional {funding_account_id: str # Specify the account used to fund the transfer. Customers can find a list of `funding_account_id`s in the Accounts page of your Plaid Dashboard, under the "Account ID" column. If this field is left blank, it will default to the default `funding_account_id` specified during onboarding., ach_class: str(ccd/ppd/tel/web) # Specifies the use case of the transfer. Required for transfers on an ACH network. For more details, see [ACH SEC codes](https://plaid.com/docs/transfer/creating-transfers/#ach-sec-codes). Codes supported for credits: `ccd`, `ppd` Codes supported for debits: `ccd`, `tel`, `web` `"ccd"` - Corporate Credit or Debit - fund transfer between two corporate bank accounts `"ppd"` - Prearranged Payment or Deposit - The transfer is part of a pre-existing relationship with a consumer. Authorization was obtained in writing either in person or via an electronic document signing, e.g. Docusign, by the consumer. Can be used for credits or debits. `"web"` - Internet-Initiated Entry. The transfer debits a consumer’s bank account. Authorization from the consumer is obtained over the Internet (e.g. a web or mobile application). Can be used for single debits or recurring debits. `"tel"` - Telephone-Initiated Entry. The transfer debits a consumer. Debit authorization has been received orally over the telephone via a recorded call., user_present: bool # If the end user is initiating the specific transfer themselves via an interactive UI, this should be `true`; for automatic recurring payments where the end user is not actually initiating each individual transfer, it should be `false`., iso_currency_code: str # The currency of the transfer amount. The default value is "USD"., test_clock_id: str # Plaid’s unique identifier for a test clock. This field may only be used when using the `sandbox` environment. If provided, the created `recurring_transfer` is associated with the `test_clock`. New originations are automatically generated when the associated `test_clock` advances. For more details, see [Simulating recurring transfers](https://plaid.com/docs/transfer/sandbox/#simulating-recurring-transfers)., device: map{ip_address!: str, user_agent!: str} # Information about the device being used to initiate the authorization.} @returns(200) {recurring_transfer: map, decision: str, decision_rationale: map?{code: str, description: str}, request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/create @desc Create a bank transfer @required {idempotency_key: str # A random key provided by the client, per unique bank transfer. Maximum of 50 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. For example, if a request to create a bank transfer fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single bank transfer is created., access_token: str # The Plaid `access_token` for the account that will be debited or credited., account_id: str # The Plaid `account_id` for the account that will be debited or credited., type: str(debit/credit) # The type of bank transfer. This will be either `debit` or `credit`. A `debit` indicates a transfer of money into the origination account; a `credit` indicates a transfer of money out of the origination account., network: str(ach/same-day-ach/wire) # The network or rails used for the transfer. Valid options are `ach`, `same-day-ach`, or `wire`., amount: str # The amount of the bank transfer (decimal string with two digits of precision e.g. "10.00")., iso_currency_code: str # The currency of the transfer amount – should be set to "USD"., description: str # The transfer description. Maximum of 10 characters., user: map{legal_name!: str, email_address: str, routing_number: str} # The legal name and other information for the account holder.} @optional {ach_class: str(ccd/ppd/tel/web) # Specifies the use case of the transfer. Required for transfers on an ACH network. For more details, see [ACH SEC codes](https://plaid.com/docs/transfer/creating-transfers/#ach-sec-codes). Codes supported for credits: `ccd`, `ppd` Codes supported for debits: `ccd`, `tel`, `web` `"ccd"` - Corporate Credit or Debit - fund transfer between two corporate bank accounts `"ppd"` - Prearranged Payment or Deposit - The transfer is part of a pre-existing relationship with a consumer. Authorization was obtained in writing either in person or via an electronic document signing, e.g. Docusign, by the consumer. Can be used for credits or debits. `"web"` - Internet-Initiated Entry. The transfer debits a consumer’s bank account. Authorization from the consumer is obtained over the Internet (e.g. a web or mobile application). Can be used for single debits or recurring debits. `"tel"` - Telephone-Initiated Entry. The transfer debits a consumer. Debit authorization has been received orally over the telephone via a recorded call., custom_tag: str # An arbitrary string provided by the client for storage with the bank transfer. May be up to 100 characters., metadata: map # The Metadata object is a mapping of client-provided string fields to any string value. The following limitations apply: The JSON values must be Strings (no nested JSON objects allowed) Only ASCII characters may be used Maximum of 50 key/value pairs Maximum key length of 40 characters Maximum value length of 500 characters, origination_account_id: str # Plaid’s unique identifier for the origination account for this transfer. If you have more than one origination account, this value must be specified. Otherwise, this field should be left blank.} @returns(200) {bank_transfer: map{id: str, ach_class: str, account_id: str, type: str, user: map{legal_name: str, email_address: str?, routing_number: str}, amount: str, iso_currency_code: str, description: str, created: str(date-time), status: str, network: str, cancellable: bool, failure_reason: map?{ach_return_code: str?, description: str}, custom_tag: str?, metadata: map?, origination_account_id: str, direction: str?}, request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/list @desc List transfers @optional {start_date: str(date-time) # The start `created` datetime of transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), end_date: str(date-time) # The end `created` datetime of transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), count: int=25 # The maximum number of transfers to return., offset: int=0 # The number of transfers to skip before returning results., origination_account_id: str # Filter transfers to only those originated through the specified origination account., originator_client_id: str # Filter transfers to only those with the specified originator client., funding_account_id: str # Filter transfers to only those with the specified `funding_account_id`.} @returns(200) {transfers: [map], request_id: str} # OK @endpoint POST /transfer/recurring/list @desc List recurring transfers @optional {start_time: str(date-time) # The start `created` datetime of recurring transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), end_time: str(date-time) # The end `created` datetime of recurring transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), count: int=25 # The maximum number of recurring transfers to return., offset: int=0 # The number of recurring transfers to skip before returning results., funding_account_id: str # Filter recurring transfers to only those with the specified `funding_account_id`.} @returns(200) {recurring_transfers: [map], request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/list @desc List bank transfers @optional {start_date: str(date-time) # The start datetime of bank transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), end_date: str(date-time) # The end datetime of bank transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), count: int=25 # The maximum number of bank transfers to return., offset: int=0 # The number of bank transfers to skip before returning results., origination_account_id: str # Filter bank transfers to only those originated through the specified origination account., direction: str(outbound/inbound) # Indicates the direction of the transfer: `outbound` for API-initiated transfers, or `inbound` for payments received by the FBO account.} @returns(200) {bank_transfers: [map], request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/cancel @desc Cancel a transfer @required {transfer_id: str # Plaid’s unique identifier for a transfer.} @optional {originator_client_id: str # The Plaid client ID of the transfer originator. Should only be present if `client_id` is a third-party sender (TPS)., reason_code: str(AC03/AM09/CUST/DUPL/FRAD/TECH/UPAY/AC14/AM06/BE05/FOCR/MS02/MS03/RR04/RUTA) # Specifies the reason for cancelling transfer. This is required for RfP transfers, and will be ignored for other networks. `"AC03"` - Invalid Creditor Account Number `"AM09"` - Incorrect Amount `"CUST"` - Requested By Customer - Cancellation requested `"DUPL"` - Duplicate Payment `"FRAD"` - Fraudulent Payment - Unauthorized or fraudulently induced `"TECH"` - Technical Problem - Cancellation due to system issues `"UPAY"` - Undue Payment - Payment was made through another channel `"AC14"` - Invalid or Missing Creditor Account Type `"AM06"` - Amount Too Low `"BE05"` - Unrecognized Initiating Party `"FOCR"` - Following Refund Request `"MS02"` - No Specified Reason - Customer `"MS03"` - No Specified Reason - Agent `"RR04"` - Regulatory Reason `"RUTA"` - Return Upon Unable To Apply} @returns(200) {request_id: str} # OK @endpoint POST /transfer/recurring/cancel @desc Cancel a recurring transfer. @required {recurring_transfer_id: str # Plaid’s unique identifier for a recurring transfer.} @returns(200) {request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/cancel @desc Cancel a bank transfer @required {bank_transfer_id: str # Plaid’s unique identifier for a bank transfer.} @returns(200) {request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/event/list @desc List transfer events @optional {start_date: str(date-time) # The start `created` datetime of transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), end_date: str(date-time) # The end `created` datetime of transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), transfer_id: str # Plaid’s unique identifier for a transfer., account_id: str # The account ID to get events for all transactions to/from an account., transfer_type: str(debit/credit) # The type of transfer. This will be either `debit` or `credit`. A `debit` indicates a transfer of money into your origination account; a `credit` indicates a transfer of money out of your origination account., event_types: [str] # Filter events by event type., sweep_id: str # Plaid’s unique identifier for a sweep., count: int=25 # The maximum number of transfer events to return. If the number of events matching the above parameters is greater than `count`, the most recent events will be returned., offset: int=0 # The offset into the list of transfer events. When `count`=25 and `offset`=0, the first 25 events will be returned. When `count`=25 and `offset`=25, the next 25 events will be returned., origination_account_id: str # The origination account ID to get events for transfers from a specific origination account., originator_client_id: str # Filter transfer events to only those with the specified originator client., funding_account_id: str # Filter transfer events to only those with the specified `funding_account_id`.} @returns(200) {transfer_events: [map], has_more: bool, request_id: str} # OK @endpoint POST /transfer/ledger/event/list @desc List transfer ledger events @optional {originator_client_id: str # Filter transfer events to only those with the specified originator client. (This field is specifically for resellers. Caller's client ID will be used if this field is not specified.), start_date: str(date-time) # The start created datetime of transfers to list. This should be in RFC 3339 format (i.e. 2019-12-06T22:35:49Z), end_date: str(date-time) # The end created datetime of transfers to list. This should be in RFC 3339 format (i.e. 2019-12-06T22:35:49Z), ledger_id: str # Plaid's unique identifier for a Plaid Ledger Balance., ledger_event_id: str # Plaid's unique identifier for the ledger event., source_type: str(TRANSFER/SWEEP/REFUND) # Source of the ledger event. `"TRANSFER"` - The source of the ledger event is a transfer `"SWEEP"` - The source of the ledger event is a sweep `"REFUND"` - The source of the ledger event is a refund, source_id: str # Plaid's unique identifier for a transfer, sweep, or refund., count: int=25 # The maximum number of transfer events to return. If the number of events matching the above parameters is greater than `count`, the most recent events will be returned., offset: int=0 # The offset into the list of transfer events. When `count`=25 and `offset`=0, the first 25 events will be returned. When `count`=25 and `offset`=25, the next 25 events will be returned.} @returns(200) {ledger_events: [map], has_more: bool, request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/event/list @desc List bank transfer events @optional {start_date: str(date-time) # The start datetime of bank transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), end_date: str(date-time) # The end datetime of bank transfers to list. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), bank_transfer_id: str # Plaid’s unique identifier for a bank transfer., account_id: str # The account ID to get events for all transactions to/from an account., bank_transfer_type: str(debit/credit) # The type of bank transfer. This will be either `debit` or `credit`. A `debit` indicates a transfer of money into your origination account; a `credit` indicates a transfer of money out of your origination account., event_types: [str] # Filter events by event type., count: int=25 # The maximum number of bank transfer events to return. If the number of events matching the above parameters is greater than `count`, the most recent events will be returned., offset: int=0 # The offset into the list of bank transfer events. When `count`=25 and `offset`=0, the first 25 events will be returned. When `count`=25 and `offset`=25, the next 25 bank transfer events will be returned., origination_account_id: str # The origination account ID to get events for transfers from a specific origination account., direction: str(inbound/outbound) # Indicates the direction of the transfer: `outbound`: for API-initiated transfers `inbound`: for payments received by the FBO account.} @returns(200) {bank_transfer_events: [map], request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/event/sync @desc Sync transfer events @required {after_id: int # The latest (largest) `event_id` fetched via the sync endpoint, or 0 initially.} @optional {count: int=100 # The maximum number of transfer events to return.} @returns(200) {transfer_events: [map], has_more: bool, request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/event/sync @desc Sync bank transfer events @required {after_id: int # The latest (largest) `event_id` fetched via the sync endpoint, or 0 initially.} @optional {count: int=25 # The maximum number of bank transfer events to return.} @returns(200) {bank_transfer_events: [map], request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/sweep/get @desc Retrieve a sweep @required {sweep_id: str # Plaid's unique identifier for the sweep (UUID) or a shortened form consisting of the first 8 characters of the identifier (8-digit hexadecimal string).} @returns(200) {sweep: map{id: str, funding_account_id: str, ledger_id: str?, created: str(date-time), amount: str, iso_currency_code: str, settled: str(date)?, expected_funds_available_date: str(date)?, status: str?, trigger: str?, description: str, network_trace_id: str?, failure_reason: map?{failure_code: str?, description: str?}}, request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/sweep/get @desc Retrieve a sweep @required {sweep_id: str # Identifier of the sweep.} @returns(200) {sweep: map{id: str, created_at: str(date-time), amount: str, iso_currency_code: str}, request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/sweep/list @desc List sweeps @optional {start_date: str(date-time) # The start `created` datetime of sweeps to return (RFC 3339 format)., end_date: str(date-time) # The end `created` datetime of sweeps to return (RFC 3339 format)., count: int=25 # The maximum number of sweeps to return., offset: int=0 # The number of sweeps to skip before returning results., amount: str # Filter sweeps to only those with the specified amount., status: str(pending/posted/settled/funds_available/returned/failed) # The status of a sweep transfer `"pending"` - The sweep is currently pending `"posted"` - The sweep has been posted `"settled"` - The sweep has settled. This is the terminal state of a successful credit sweep. `"returned"` - The sweep has been returned. This is the terminal state of a returned sweep. Returns of a sweep are extremely rare, since sweeps are money movement between your own bank account and your own Ledger. `"funds_available"` - Funds from the sweep have been released from hold and applied to the ledger's available balance. (Only applicable to deposits.) This is the terminal state of a successful deposit sweep. `"failed"` - The sweep has failed. This is the terminal state of a failed sweep., originator_client_id: str # Filter sweeps to only those with the specified originator client., funding_account_id: str # Filter sweeps to only those with the specified `funding_account_id`., transfer_id: str # Filter sweeps to only those with the included `transfer_id`., trigger: str(manual/incoming/balance_threshold/automatic_aggregate) # The trigger of the sweep `"manual"` - The sweep is created manually by the customer `"incoming"` - The sweep is created by incoming funds flow (e.g. Incoming Wire) `"balance_threshold"` - The sweep is created by balance threshold setting `"automatic_aggregate"` - The sweep is created by the Plaid automatic aggregation process. These funds did not pass through the Plaid Ledger balance.} @returns(200) {sweeps: [map], request_id: str} # OK @endgroup @group bank_transfer @endpoint POST /bank_transfer/sweep/list @desc List sweeps @optional {origination_account_id: str # If multiple origination accounts are available, `origination_account_id` must be used to specify the account that the sweeps belong to., start_time: str(date-time) # The start `created` datetime of sweeps to return (RFC 3339 format)., end_time: str(date-time) # The end `created` datetime of sweeps to return (RFC 3339 format)., count: int=25 # The maximum number of sweeps to return.} @returns(200) {sweeps: [map], request_id: str} # OK @endpoint POST /bank_transfer/balance/get @desc Get balance of your Bank Transfer account @optional {origination_account_id: str # If multiple origination accounts are available, `origination_account_id` must be used to specify the account for which balance will be returned.} @returns(200) {balance: map{available: str, transactable: str}, origination_account_id: str?, request_id: str} # OK @endpoint POST /bank_transfer/migrate_account @desc Migrate account into Bank Transfers @required {account_number: str # The user's account number., routing_number: str # The user's routing number., account_type: str # The type of the bank account (`checking` or `savings`).} @optional {wire_routing_number: str # The user's wire transfer routing number. This is the ABA number; for some institutions, this may differ from the ACH number used in `routing_number`.} @returns(200) {access_token: str, account_id: str, request_id: str} # OK @endgroup @group transfer @endpoint POST /transfer/migrate_account @desc Migrate account into Transfers @required {account_number: str # The user's account number., routing_number: str # The user's routing number., account_type: str # The type of the bank account (`checking` or `savings`).} @optional {wire_routing_number: str # The user's wire transfer routing number. This is the ABA number; for some institutions, this may differ from the ACH number used in `routing_number`. This field must be set for the created item to be eligible for wire transfers.} @returns(200) {access_token: str, account_id: str, request_id: str} # OK @endpoint POST /transfer/intent/create @desc Create a transfer intent object to invoke the Transfer UI @required {mode: str(PAYMENT/DISBURSEMENT) # The direction of the flow of transfer funds. `PAYMENT`: Transfers funds from an end user's account to your business account. `DISBURSEMENT`: Transfers funds from your business account to an end user's account., amount: str # The amount of the transfer (decimal string with two digits of precision e.g. "10.00"). When calling `/transfer/authorization/create`, specify the maximum amount to authorize. When calling `/transfer/create`, specify the exact amount of the transfer, up to a maximum of the amount authorized. If this field is left blank when calling `/transfer/create`, the maximum amount authorized in the `authorization_id` will be sent., description: str # A description for the underlying transfer. Maximum of 15 characters., user: map{legal_name!: str, phone_number: str, email_address: str, address: map} # The legal name and other information for the account holder.} @optional {account_id: str # The Plaid `account_id` corresponding to the end-user account that will be debited or credited., funding_account_id: str # Specify the account used to fund the transfer. Should be specified if using legacy funding methods only. If using Plaid Ledger, leave this field blank. Customers can find a list of `funding_account_id`s in the Accounts page of your Plaid Dashboard, under the "Account ID" column. If this field is left blank and you are using legacy funding methods, this will default to the default `funding_account_id` specified during onboarding. Otherwise, Plaid Ledger will be used., network: str(ach/same-day-ach/rtp)=same-day-ach # The network or rails used for the transfer. Defaults to `same-day-ach`. For transfers submitted using `ach`, the Standard ACH cutoff is 8:30 PM Eastern Time. For transfers submitted using `same-day-ach`, the Same Day ACH cutoff is 3:00 PM Eastern Time. It is recommended to send the request 15 minutes prior to the cutoff to ensure that it will be processed in time for submission before the cutoff. If the transfer is processed after this cutoff but before the Standard ACH cutoff, it will be sent over Standard ACH rails and will not incur same-day charges. For transfers submitted using `rtp`, in the case that the account being credited does not support RTP, the transfer will be sent over ACH as long as an `ach_class` is provided in the request. If RTP isn't supported by the account and no `ach_class` is provided, the transfer will fail to be submitted., ach_class: str(ccd/ppd/tel/web) # Specifies the use case of the transfer. Required for transfers on an ACH network. For more details, see [ACH SEC codes](https://plaid.com/docs/transfer/creating-transfers/#ach-sec-codes). Codes supported for credits: `ccd`, `ppd` Codes supported for debits: `ccd`, `tel`, `web` `"ccd"` - Corporate Credit or Debit - fund transfer between two corporate bank accounts `"ppd"` - Prearranged Payment or Deposit - The transfer is part of a pre-existing relationship with a consumer. Authorization was obtained in writing either in person or via an electronic document signing, e.g. Docusign, by the consumer. Can be used for credits or debits. `"web"` - Internet-Initiated Entry. The transfer debits a consumer’s bank account. Authorization from the consumer is obtained over the Internet (e.g. a web or mobile application). Can be used for single debits or recurring debits. `"tel"` - Telephone-Initiated Entry. The transfer debits a consumer. Debit authorization has been received orally over the telephone via a recorded call., origination_account_id: str # Plaid’s unique identifier for the origination account for the intent. If not provided, the default account will be used., metadata: map # The Metadata object is a mapping of client-provided string fields to any string value. The following limitations apply: The JSON values must be Strings (no nested JSON objects allowed) Only ASCII characters may be used Maximum of 50 key/value pairs Maximum key length of 40 characters Maximum value length of 500 characters, iso_currency_code: str # The currency of the transfer amount, e.g. "USD", require_guarantee: bool=false # When `true`, the transfer requires a `GUARANTEED` decision by Plaid to proceed (Guarantee customers only).} @returns(200) {transfer_intent: map{id: str, created: str(date-time), status: str, account_id: str?, origination_account_id: str, funding_account_id: str, amount: str, mode: str, network: str, ach_class: str, user: map{legal_name: str, phone_number: str?, email_address: str?, address: map?{street: str?, city: str?, region: str?, postal_code: str?, country: str?}}, description: str, metadata: map?, iso_currency_code: str, require_guarantee: bool?}, request_id: str} # OK @endpoint POST /transfer/intent/get @desc Retrieve more information about a transfer intent @required {transfer_intent_id: str # Plaid's unique identifier for a transfer intent object.} @returns(200) {transfer_intent: map{id: str, created: str(date-time), status: str, transfer_id: str?, failure_reason: map?{error_type: str, error_code: str, error_message: str}, authorization_decision: str?, authorization_decision_rationale: map?{code: str, description: str}, account_id: str?, origination_account_id: str, funding_account_id: str, amount: str, mode: str, network: str, ach_class: str, user: map{legal_name: str, phone_number: str?, email_address: str?, address: map?{street: str?, city: str?, region: str?, postal_code: str?, country: str?}}, description: str, metadata: map?, iso_currency_code: str, require_guarantee: bool?, guarantee_decision: str?, guarantee_decision_rationale: map?{code: str, description: str}}, request_id: str} # OK @endpoint POST /transfer/repayment/list @desc Lists historical repayments @optional {start_date: str(date-time) # The start `created` datetime of repayments to return (RFC 3339 format)., end_date: str(date-time) # The end `created` datetime of repayments to return (RFC 3339 format)., count: int=25 # The maximum number of repayments to return., offset: int=0 # The number of repayments to skip before returning results.} @returns(200) {repayments: [map], request_id: str} # OK @example_request {"start_time":"2022-01-10T12:34:56Z","count":1} @endpoint POST /transfer/repayment/return/list @desc List the returns included in a repayment @required {repayment_id: str # Identifier of the repayment to query.} @optional {count: int=25 # The maximum number of repayments to return., offset: int=0 # The number of repayments to skip before returning results.} @returns(200) {repayment_returns: [map], request_id: str} # OK @example_request {"start_time":"2022-01-10T12:34:56Z","count":1,"repayment_id":"d4bfce70-2470-4298-ae87-5e9b3e18bfaf"} @endpoint POST /transfer/platform/requirement/submit @desc Submit additional onboarding information on behalf of an originator @required {originator_client_id: str # The client ID of the originator, requirement_submissions: [map{requirement_type!: str, value!: str, person_id: str(uuid)}] # Use the `/transfer/platform/requirement/submit` endpoint to submit a list of requirement submissions that all relate to the originator. Must contain between 1 and 50 requirement submissions. See [Requirement type schema documentation](https://docs.google.com/document/d/1NEQkTD0sVK50iAQi6xHigrexDUxZ4QxXqSEfV_FFTiU/) for a list of requirements and possible values.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/originator/create @desc Create a new originator @required {company_name: str # The company name of the end customer being created. This will be displayed in public-facing surfaces, e.g. Plaid Dashboard.} @returns(200) {originator_client_id: str, company_name: str, request_id: str} # OK @endpoint POST /transfer/questionnaire/create @desc Generate a Plaid-hosted onboarding UI URL. @required {originator_client_id: str # Client ID of the end customer., redirect_uri: str(url) # URL the end customer will be redirected to after completing questions in Plaid-hosted onboarding flow.} @returns(200) {onboarding_url: str, request_id: str} # OK @endpoint POST /transfer/diligence/submit @desc Submit transfer diligence on behalf of the originator @required {originator_client_id: str # Client ID of the originator whose diligence that you want to submit., originator_diligence: map{dba!: str, tax_id!: str, credit_usage_configuration: map, debit_usage_configuration: map, address!: map, website!: str(url), naics_code!: str, funding_account!: map} # The diligence information for the originator.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/diligence/document/upload @desc Upload transfer diligence document on behalf of the originator @required {originator_client_id: str # The Client ID of the originator whose document that you want to upload., file: str(binary) # A file to upload. The file size must be less than 20MB. Supported file extensions: .pdf., purpose: str # Specifies the purpose of the uploaded file. `"DUE_DILIGENCE"` - The transfer due diligence document of the originator.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/originator/get @desc Get status of an originator's onboarding @required {originator_client_id: str # Client ID of the end customer (i.e. the originator).} @returns(200) {originator: map{client_id: str, transfer_diligence_status: str, company_name: str, outstanding_requirements: [map]}, request_id: str} # OK @endpoint POST /transfer/originator/list @desc Get status of all originators' onboarding @optional {count: int=25 # The maximum number of originators to return., offset: int=0 # The number of originators to skip before returning results.} @returns(200) {originators: [map], request_id: str} # OK @endpoint POST /transfer/refund/create @desc Create a refund @required {transfer_id: str # The ID of the transfer to refund., amount: str # The amount of the refund (decimal string with two digits of precision e.g. "10.00")., idempotency_key: str # A random key provided by the client, per unique refund. Maximum of 50 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. For example, if a request to create a refund fails due to a network connection error, you can retry the request with the same idempotency key to guarantee that only a single refund is created.} @returns(200) {refund: map{id: str, transfer_id: str, amount: str, status: str, failure_reason: map?{failure_code: str?, ach_return_code: str?, description: str}, ledger_id: str?, created: str(date-time), network_trace_id: str?}, request_id: str} # OK @endpoint POST /transfer/refund/get @desc Retrieve a refund @required {refund_id: str # Plaid’s unique identifier for a refund.} @returns(200) {refund: map{id: str, transfer_id: str, amount: str, status: str, failure_reason: map?{failure_code: str?, ach_return_code: str?, description: str}, ledger_id: str?, created: str(date-time), network_trace_id: str?}, request_id: str} # OK @endpoint POST /transfer/refund/cancel @desc Cancel a refund @required {refund_id: str # Plaid’s unique identifier for a refund.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/platform/originator/create @desc Create an originator for Transfer for Platforms customers @required {originator_client_id: str # The client ID of the originator, tos_acceptance_metadata: map{agreement_accepted!: bool, originator_ip_address!: str, agreement_accepted_at!: str(date-time)} # Metadata related to the acceptance of Terms of Service, originator_reviewed_at: str(date-time) # ISO8601 timestamp indicating the most recent time the platform collected onboarding data from the originator} @optional {webhook: str(url) # The webhook URL to which a `PLATFORM_ONBOARDING_UPDATE` webhook should be sent.} @returns(200) {request_id: str} # OK @endpoint POST /transfer/platform/person/create @desc Create a person associated with an originator @required {originator_client_id: str # The client ID of the originator} @optional {name: map{given_name!: str, family_name!: str} # The person's legal name, email_address: str # A valid email address. Must not have leading or trailing spaces., phone_number: str # A valid phone number in E.164 format. Phone number input may be validated against valid number ranges; number strings that do not match a real-world phone numbering scheme may cause the request to fail, even in the Sandbox test environment., address: map{city!: str, country!: str, postal_code!: str, region!: str, street!: str, street2: str} # Home address of a person, id_number: map{value!: str, type!: str} # ID number of the person, date_of_birth: str(date) # The date of birth of the person. Formatted as YYYY-MM-DD., relationship_to_originator: str # The relationship between this person and the originator they are related to., ownership_percentage: int # The percentage of ownership this person has in the onboarding business. Only applicable to beneficial owners with 25% or more ownership., title: str # The title of the person at the business. Only applicable to control persons - for example, "CEO", "President", "Owner", etc.} @returns(200) {request_id: str, person_id: str} # OK @endgroup @group sandbox @endpoint POST /sandbox/bank_transfer/simulate @desc Simulate a bank transfer event in Sandbox @required {bank_transfer_id: str # Plaid’s unique identifier for a bank transfer., event_type: str # The asynchronous event to be simulated. May be: `posted`, `failed`, or `reversed`. An error will be returned if the event type is incompatible with the current transfer status. Compatible status --> event type transitions include: `pending` --> `failed` `pending` --> `posted` `posted` --> `reversed`} @optional {failure_reason: map{ach_return_code: str, description: str} # The failure reason if the type of this transfer is `"failed"` or `"reversed"`. Null value otherwise.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/sweep/simulate @desc Simulate creating a sweep @optional {test_clock_id: str # Plaid’s unique identifier for a test clock. If provided, the sweep to be simulated is created on the day of the `virtual_time` on the `test_clock`. If the date of `virtual_time` is on weekend or a federal holiday, the next available banking day is used., webhook: str(url) # The webhook URL to which a `TRANSFER_EVENTS_UPDATE` webhook should be sent.} @returns(200) {sweep: map, request_id: str} # OK @endpoint POST /sandbox/transfer/simulate @desc Simulate a transfer event in Sandbox @required {transfer_id: str # Plaid’s unique identifier for a transfer., event_type: str # The asynchronous event to be simulated. May be: `posted`, `settled`, `failed`, `funds_available`, or `returned`. An error will be returned if the event type is incompatible with the current transfer status. Compatible status --> event type transitions include: `pending` --> `failed` `pending` --> `posted` `posted` --> `returned` `posted` --> `settled` `settled` --> `funds_available` (only applicable to ACH debits.)} @optional {test_clock_id: str # Plaid’s unique identifier for a test clock. If provided, the event to be simulated is created at the `virtual_time` on the provided `test_clock`., failure_reason: map{failure_code: str, ach_return_code: str, description: str} # The failure reason if the event type for a transfer is `"failed"` or `"returned"`. Null value otherwise., webhook: str(url) # The webhook URL to which a `TRANSFER_EVENTS_UPDATE` webhook should be sent.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/refund/simulate @desc Simulate a refund event in Sandbox @required {refund_id: str # Plaid’s unique identifier for a refund., event_type: str # The asynchronous event to be simulated. May be: `refund.posted`, `refund.settled`, `refund.failed`, or `refund.returned`. An error will be returned if the event type is incompatible with the current refund status. Compatible status --> event type transitions include: `refund.pending` --> `refund.failed` `refund.pending` --> `refund.posted` `refund.posted` --> `refund.returned` `refund.posted` --> `refund.settled` `refund.posted` events can only be simulated if the refunded transfer has been transitioned to settled. This mimics the ordering of events in Production.} @optional {test_clock_id: str # Plaid’s unique identifier for a test clock. If provided, the event to be simulated is created at the `virtual_time` on the provided `test_clock`., failure_reason: map{failure_code: str, ach_return_code: str, description: str} # The failure reason if the event type for a transfer is `"failed"` or `"returned"`. Null value otherwise., webhook: str(url) # The webhook URL to which a `TRANSFER_EVENTS_UPDATE` webhook should be sent.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/ledger/simulate_available @desc Simulate converting pending balance to available balance @optional {ledger_id: str # Specify which ledger balance to simulate converting pending balance to available balance. If this field is left blank, this will default to id of the default ledger balance., originator_client_id: str # Client ID of the end customer (i.e. the originator). Only applicable to Transfer for Platforms customers., test_clock_id: str # Plaid’s unique identifier for a test clock. If provided, only the pending balance that is due before the `virtual_timestamp` on the test clock will be converted., webhook: str(url) # The webhook URL to which a `TRANSFER_EVENTS_UPDATE` webhook should be sent.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/ledger/deposit/simulate @desc Simulate a ledger deposit event in Sandbox @required {sweep_id: str # Plaid’s unique identifier for a sweep., event_type: str(sweep.posted/sweep.settled/sweep.returned/sweep.failed) # The asynchronous event to be simulated. May be: `posted`, `settled`, `failed`, or `returned`. An error will be returned if the event type is incompatible with the current ledger sweep status. Compatible status --> event type transitions include: `sweep.pending` --> `sweep.posted` `sweep.pending` --> `sweep.failed` `sweep.posted` --> `sweep.settled` `sweep.posted` --> `sweep.returned` `sweep.settled` --> `sweep.returned`} @optional {failure_reason: map{failure_code: str, ach_return_code: str, description: str} # The failure reason if the event type for a transfer is `"failed"` or `"returned"`. Null value otherwise.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/ledger/withdraw/simulate @desc Simulate a ledger withdraw event in Sandbox @required {sweep_id: str # Plaid’s unique identifier for a sweep., event_type: str(sweep.posted/sweep.settled/sweep.returned/sweep.failed) # The asynchronous event to be simulated. May be: `posted`, `settled`, `failed`, or `returned`. An error will be returned if the event type is incompatible with the current ledger sweep status. Compatible status --> event type transitions include: `sweep.pending` --> `sweep.posted` `sweep.pending` --> `sweep.failed` `sweep.posted` --> `sweep.settled` `sweep.posted` --> `sweep.returned` `sweep.settled` --> `sweep.returned`} @optional {failure_reason: map{failure_code: str, ach_return_code: str, description: str} # The failure reason if the event type for a transfer is `"failed"` or `"returned"`. Null value otherwise.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/repayment/simulate @desc Trigger the creation of a repayment @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/fire_webhook @desc Manually fire a Transfer webhook @required {webhook: str(url) # The URL to which the webhook should be sent.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/test_clock/create @desc Create a test clock @optional {virtual_time: str(date-time) # The virtual timestamp on the test clock. If not provided, the current timestamp will be used. This will be of the form `2006-01-02T15:04:05Z`.} @returns(200) {test_clock: map{test_clock_id: str, virtual_time: str(date-time)}, request_id: str} # OK @endpoint POST /sandbox/transfer/test_clock/advance @desc Advance a test clock @required {test_clock_id: str # Plaid’s unique identifier for a test clock. This field is only populated in the Sandbox environment, and only if a `test_clock_id` was included in the `/transfer/recurring/create` request. For more details, see [Simulating recurring transfers](https://plaid.com/docs/transfer/sandbox/#simulating-recurring-transfers)., new_virtual_time: str(date-time) # The virtual timestamp on the test clock. This will be of the form `2006-01-02T15:04:05Z`.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/transfer/test_clock/get @desc Get a test clock @required {test_clock_id: str # Plaid’s unique identifier for a test clock. This field is only populated in the Sandbox environment, and only if a `test_clock_id` was included in the `/transfer/recurring/create` request. For more details, see [Simulating recurring transfers](https://plaid.com/docs/transfer/sandbox/#simulating-recurring-transfers).} @returns(200) {test_clock: map{test_clock_id: str, virtual_time: str(date-time)}, request_id: str} # OK @endpoint POST /sandbox/transfer/test_clock/list @desc List test clocks @optional {start_virtual_time: str(date-time) # The start virtual timestamp of test clocks to return. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), end_virtual_time: str(date-time) # The end virtual timestamp of test clocks to return. This should be in RFC 3339 format (i.e. `2019-12-06T22:35:49Z`), count: int=25 # The maximum number of test clocks to return., offset: int=0 # The number of test clocks to skip before returning results.} @returns(200) {test_clocks: [map], request_id: str} # OK @endpoint POST /sandbox/payment_profile/reset_login @desc Reset the login of a Payment Profile @required {payment_profile_token: str # A payment profile token associated with the Payment Profile data that is being requested.} @returns(200) {reset_login: bool, request_id: str} # OK @endpoint POST /sandbox/payment/simulate @desc Simulate a payment event in Sandbox @required {payment_id: str # The ID of the payment to simulate, webhook: str # The webhook url to use for any payment events triggered by the simulated status change., status: str # The status to set the payment to. Valid statuses include: - `PAYMENT_STATUS_INITIATED` - `PAYMENT_STATUS_INSUFFICIENT_FUNDS` - `PAYMENT_STATUS_FAILED` - `PAYMENT_STATUS_EXECUTED` - `PAYMENT_STATUS_SETTLED` - `PAYMENT_STATUS_CANCELLED` - `PAYMENT_STATUS_REJECTED`} @returns(200) {request_id: str, old_status: str, new_status: str} # OK @endgroup @group employers @endpoint POST /employers/search @desc Search employer database @required {query: str # The employer name to be searched for., products: [str] # The Plaid products the returned employers should support. Currently, this field must be set to `"deposit_switch"`.} @returns(200) {employers: [map], request_id: str} # OK @endgroup @group income @endpoint POST /income/verification/create @desc (Deprecated) Create an income verification instance @required {webhook: str # The URL endpoint to which Plaid should send webhooks related to the progress of the income verification process.} @optional {precheck_id: str # The ID of a precheck created with `/income/verification/precheck`. Will be used to improve conversion of the income verification flow., options: map{access_tokens: [str]} # Optional arguments for `/income/verification/create`} @returns(200) {income_verification_id: str, request_id: str} # OK @endpoint POST /income/verification/paystubs/get @desc (Deprecated) Retrieve information from the paystubs used for income verification @optional {income_verification_id: str # The ID of the verification for which to get paystub information., access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {document_metadata: [map], paystubs: [map], error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, request_id: str} # OK @endpoint POST /income/verification/documents/download @desc (Deprecated) Download the original documents used for income verification @optional {income_verification_id: str # The ID of the verification., access_token: str # The access token associated with the Item data is being requested for., document_id: str # The document ID to download. If passed, a single document will be returned in the resulting zip file, rather than all document} @returns(200) A ZIP file containing source documents(s) used as the basis for income verification. @endpoint POST /income/verification/taxforms/get @desc (Deprecated) Retrieve information from the tax documents used for income verification @optional {income_verification_id: str # The ID of the verification., access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str, document_metadata: [map], taxforms: [map], error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}} # OK @endpoint POST /income/verification/precheck @desc (Deprecated) Check digital income verification eligibility and optimize conversion @optional {user: map{first_name: str, last_name: str, email_address: str, home_address: map} # Information about the user whose eligibility is being evaluated., employer: map{name: str, address: map, tax_id: str, url: str(url)} # Information about the end user's employer, payroll_institution: map{name: str} # Information about the end user's payroll institution, transactions_access_token: any, transactions_access_tokens: [str] # An array of access tokens corresponding to Items belonging to the user whose eligibility is being checked. Note that if the Items specified here are not already initialized with `transactions`, providing them in this field will cause these Items to be initialized with (and billed for) the Transactions product., us_military_info: map{is_active_duty: bool, branch: str} # Data about military info in the income verification precheck.} @returns(200) {precheck_id: str, request_id: str, confidence: str} # OK @endgroup @group employment @endpoint POST /employment/verification/get @desc (Deprecated) Retrieve a summary of an individual's employment information @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {employments: [map], request_id: str} # OK @endgroup @group credit @endpoint POST /credit/audit_copy_token/create @desc Create Asset or Income Report Audit Copy Token @required {report_tokens: [str] # List of report tokens; can include at most one VOA/standard Asset Report tokens and one VOE Asset Report Token.} @returns(200) {audit_copy_token: str, request_id: str} # OK @endpoint POST /credit/audit_copy_token/remove @desc Remove an Audit Copy token @required {audit_copy_token: str # The `audit_copy_token` granting access to the Audit Copy you would like to revoke.} @returns(200) {removed: bool, request_id: str} # OK @endpoint POST /credit/asset_report/freddie_mac/get @desc Retrieve an Asset Report with Freddie Mac format. Only Freddie Mac can use this endpoint. @required {audit_copy_token: str # A token that can be shared with a third party auditor to allow them to obtain access to the Asset Report. This token should be stored securely.} @returns(200) {DEAL: map{LOANS: map{LOAN: map{LOAN_IDENTIFIERS: map}}, PARTIES: map{PARTY: [map]}, SERVICES: map{SERVICE: map{VERIFICATION_OF_ASSET: map, STATUSES: map}}}, request_id: str, SchemaVersion: num} # OK @endpoint POST /credit/freddie_mac/reports/get @desc Retrieve an Asset Report with Freddie Mac format (aka VOA - Verification Of Assets), and a Verification Of Employment (VOE) report if this one is available. Only Freddie Mac can use this endpoint. @required {audit_copy_token: str # A token that can be shared with a third party auditor to allow them to obtain access to the Asset Report. This token should be stored securely.} @returns(200) {DEAL: map{LOANS: map{LOAN: map{LOAN_IDENTIFIERS: map, LoanRoleType: str}}, PARTIES: map{PARTY: [map]}, SERVICES: map{SERVICE: map{VERIFICATION_OF_ASSET: [map], STATUSES: map}}}, request_id: str, SchemaVersion: num} # OK @endgroup @group beta @endpoint POST /beta/credit/v1/bank_employment/get @desc Retrieve information from the bank accounts used for employment verification @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {bank_employment_reports: [map], request_id: str} # OK @endgroup @group credit @endpoint POST /credit/bank_income/get @desc Retrieve information from the bank accounts used for income verification @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_id: any, options: map{count: int} # An optional object for `/credit/bank_income/get` request options.} @returns(200) {bank_income: [map], request_id: str} # OK @endpoint POST /credit/bank_income/pdf/get @desc Retrieve information from the bank accounts used for income verification in PDF format @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @optional {user_id: any} @returns(200) A PDF of the Bank Income Report @endpoint POST /credit/bank_income/refresh @desc Refresh a user's bank income information @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @optional {user_id: any, options: map{days_requested: int} # An optional object for `/credit/bank_income/refresh` request options.} @returns(200) {request_id: str} # OK @endpoint POST /credit/bank_income/webhook/update @desc Subscribe and unsubscribe to proactive notifications for a user's income profile @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., enable_webhooks: bool # Whether the user should be enabled for proactive webhook notifications when their income changes} @optional {user_id: any} @returns(200) {request_id: str} # OK @endpoint POST /credit/payroll_income/parsing_config/update @desc Update the parsing configuration for a document income verification @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., parsing_config: [str] # The types of analysis to enable for the document income verification session} @optional {user_id: any, item_id: str # The `item_id` of the Item associated with this webhook, warning, or error} @returns(200) {request_id: str} # OK @endpoint POST /credit/bank_statements/uploads/get @desc Retrieve data for a user's uploaded bank statements @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @optional {options: map{item_ids: [str]} # An optional object for `/credit/bank_statements/uploads/get` request options.} @returns(200) {items: [map], request_id: str} # OK @endpoint POST /credit/payroll_income/get @desc Retrieve a user's payroll information @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_id: any, options: map{item_ids: [str]} # An optional object for `/credit/payroll_income/get` request options.} @returns(200) {items: [map], error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, request_id: str} # OK @endpoint POST /credit/payroll_income/risk_signals/get @desc Retrieve fraud insights for a user's manually uploaded document(s). @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_id: any} @returns(200) {items: [map], error: map?{error_type: str, error_code: str, error_code_reason: str?, error_message: str, display_message: str?, request_id: str, causes: [any], status: int?, documentation_url: str, suggested_action: str?, required_account_subtypes: [str], provided_account_subtypes: [str]}, request_id: str} # OK @endpoint POST /credit/payroll_income/precheck @desc Check income verification eligibility and optimize conversion @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., user_id: any, access_tokens: [str] # An array of access tokens corresponding to Items belonging to the user whose eligibility is being checked. Note that if the Items specified here are not already initialized with `transactions`, providing them in this field will cause these Items to be initialized with (and billed for) the Transactions product., employer: map{name: str, address: map, tax_id: str, url: str(url)} # Information about the end user's employer, us_military_info: map{is_active_duty: bool, branch: str} # Data about military info in the income verification precheck., payroll_institution: map{name: str} # Information about the end user's payroll institution} @returns(200) {request_id: str, confidence: str} # OK @endpoint POST /credit/employment/get @desc Retrieve a summary of an individual's employment information @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {items: [map], request_id: str} # OK @endpoint POST /credit/payroll_income/refresh @desc Refresh a digital payroll income verification @required {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis).} @optional {user_id: any, options: map{item_ids: [str], webhook: str} # An optional object for `/credit/payroll_income/refresh` request options.} @returns(200) {request_id: str, verification_refresh_status: str} # success @endpoint POST /credit/relay/create @desc Create a relay token to share an Asset Report with a partner client @required {report_tokens: [str] # List of report token strings, with at most one token of each report type. Currently only Asset Report token is supported., secondary_client_id: str # The `secondary_client_id` is the client id of the third party with whom you would like to share the relay token.} @optional {webhook: str(url) # URL to which Plaid will send webhooks when the Secondary Client successfully retrieves an Asset Report by calling `/credit/relay/get`.} @returns(200) {relay_token: str, request_id: str} # OK @endpoint POST /credit/relay/get @desc Retrieve the reports associated with a relay token that was shared with you @required {relay_token: str # The `relay_token` granting access to the report you would like to get., report_type: str # The report type. It can be `asset`. Income report types are not yet supported.} @optional {include_insights: bool=false # `true` if you would like to retrieve the Asset Report with Insights, `false` otherwise. This field defaults to `false` if omitted.} @returns(200) {report: map{asset_report_id: str, insights: map?{risk: map?{bank_penalties: map?, gambling: map?, loan_disbursements: map?, loan_payments: map?, negative_balance: map?}, affordability: map?{expenditure: map?, income: map?}}, client_report_id: str?, date_generated: str(date-time), days_requested: num, user: map{client_user_id: str?, first_name: str?, middle_name: str?, last_name: str?, ssn: str?, phone_number: str?, email: str?}, items: [map]}, warnings: [map], request_id: str} # OK @endpoint POST /credit/relay/pdf/get @desc Retrieve the pdf reports associated with a relay token that was shared with you (beta) @required {relay_token: str # The `relay_token` granting access to the report you would like to get., report_type: str # The report type. It can be `asset`. Income report types are not yet supported.} @returns(200) A PDF of the Asset Report @endpoint POST /credit/relay/refresh @desc Refresh a report of a relay token @required {relay_token: str # The `relay_token` granting access to the report you would like to refresh., report_type: str # The report type. It can be `asset`. Income report types are not yet supported.} @optional {webhook: str(url) # The URL registered to receive webhooks when the report of a relay token has been refreshed.} @returns(200) {relay_token: str, asset_report_id: str, request_id: str} # OK @endpoint POST /credit/relay/remove @desc Remove relay token @required {relay_token: str # The `relay_token` you would like to revoke.} @returns(200) {removed: bool, request_id: str} # OK @endgroup @group sandbox @endpoint POST /sandbox/bank_transfer/fire_webhook @desc Manually fire a Bank Transfer webhook @required {webhook: str(url) # The URL to which the webhook should be sent.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/income/fire_webhook @desc Manually fire an Income webhook @required {item_id: str # The Item ID associated with the verification., webhook: str(url) # The URL to which the webhook should be sent., webhook_code: str(INCOME_VERIFICATION/INCOME_VERIFICATION_RISK_SIGNALS) # The webhook codes that can be fired by this test endpoint.} @optional {user_id: str # The Plaid `user_id` of the User associated with this webhook, warning, or error., verification_status: str(VERIFICATION_STATUS_PROCESSING_COMPLETE/VERIFICATION_STATUS_PROCESSING_FAILED/VERIFICATION_STATUS_PENDING_APPROVAL) # `VERIFICATION_STATUS_PROCESSING_COMPLETE`: The income verification status processing has completed. If the user uploaded multiple documents, this webhook will fire when all documents have finished processing. Call the `/income/verification/paystubs/get` endpoint and check the document metadata to see which documents were successfully parsed. `VERIFICATION_STATUS_PROCESSING_FAILED`: A failure occurred when attempting to process the verification documentation. `VERIFICATION_STATUS_PENDING_APPROVAL`: (deprecated) The income verification has been sent to the user for review.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/bank_income/fire_webhook @desc Manually fire a bank income webhook in sandbox @required {webhook_code: str(BANK_INCOME_REFRESH_UPDATE/BANK_INCOME_REFRESH_COMPLETE) # The webhook codes this endpoint can be used to test, webhook_fields: map{user_id!: str, bank_income_refresh_complete_result: str} # Optional fields which will be populated in the simulated webhook} @optional {webhook_override: str(url) # The URL to which the webhook should be sent. If provided, this will override the URL set in the dashboard.} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/cra/cashflow_updates/update @desc Trigger an update for Cash Flow Updates @optional {user_token: str # The user token associated with the User data is being requested for. This field is used only by customers with pre-existing integrations that already use the `user_token` field. All other customers should use the `user_id` instead. For more details, see [New User APIs](https://plaid.com/docs/api/users/user-apis)., webhook_codes: [str] # Webhook codes corresponding to the Cash Flow Updates events to be simulated., user_id: str # A unique user identifier, created by `/user/create`. Integrations that began using `/user/create` after December 10, 2025 use this field to identify a user instead of the `user_token`. For more details, see [new user APIs](https://plaid.com/docs/api/users/user-apis).} @returns(200) {request_id: str} # OK @endpoint POST /sandbox/oauth/select_accounts @desc Save the selected accounts when connecting to the Platypus Oauth institution @required {oauth_state_id: str, accounts: [str]} @returns(200) OK @endgroup @group signal @endpoint POST /signal/evaluate @desc Evaluate a planned ACH transaction @required {access_token: str # The access token associated with the Item data is being requested for., account_id: str # The Plaid `account_id` of the account that is the funding source for the proposed transaction. The `account_id` is returned in the `/accounts/get` endpoint as well as the [`onSuccess`](https://plaid.com/docs/link/ios/#link-ios-onsuccess-linkSuccess-metadata-accounts-id) callback metadata. This will return an [`INVALID_ACCOUNT_ID`](https://plaid.com/docs/errors/invalid-input/#invalid_account_id) error if the account has been removed at the bank or if the `account_id` is no longer valid., client_transaction_id: str # The unique ID that you would like to use to refer to this evaluation attempt - for example, a payment attempt ID. You will use this later to debug this evaluation, and/or report an ACH return, etc. The max length for this field is 36 characters., amount: num(double) # The transaction amount, in USD (e.g. `102.05`)} @optional {user_present: bool # `true` if the end user is present while initiating the ACH transfer and the endpoint is being called; `false` otherwise (for example, when the ACH transfer is scheduled and the end user is not present, or you call this endpoint after the ACH transfer but before submitting the Nacha file for ACH processing). When using a Balance-only ruleset, this field is ignored. This field is not currently used as part of Signal Transaction Score evaluations, but may be used in the future., client_user_id: str # A unique ID that identifies the end user in your system. This ID is used to correlate requests by a user with multiple Items. Personally identifiable information, such as an email address or phone number, should not be used in the `client_user_id`., is_recurring: bool # Use `true` if the ACH transaction is a part of recurring schedule (for example, a monthly repayment); `false` otherwise. When using a Balance-only ruleset, this field is ignored., default_payment_method: str # The default ACH payment method to complete the transaction. When using a Balance-only ruleset, this field is ignored. `SAME_DAY_ACH`: Same Day ACH by Nacha. The debit transaction is processed and settled on the same day. `STANDARD_ACH`: Standard ACH by Nacha. `MULTIPLE_PAYMENT_METHODS`: If there is no default debit rail or there are multiple payment methods. Possible values: `SAME_DAY_ACH`, `STANDARD_ACH`, `MULTIPLE_PAYMENT_METHODS`, user: map{name: map, phone_number: str, email_address: str, address: map} # Details about the end user initiating the transaction (i.e., the account holder). These fields are optional, but strongly recommended to increase the accuracy of results when using Signal Transaction Scores. When using a Balance-only ruleset, if the Signal Addendum has been signed, these fields are ignored; if the Addendum has not been signed, using these fields will result in an error., device: map{ip_address: str, user_agent: str} # Details about the end user's device. These fields are optional, but strongly recommended to increase the accuracy of results when using Signal Transaction Scores. When using a Balance-only Ruleset, these fields are ignored if the Signal Addendum has been signed; if it has not been signed, using these fields will result in an error., risk_profile_key: str # Specifying `risk_profile_key` is deprecated. Please provide `ruleset` instead., ruleset_key: str # The key of the ruleset to use for evaluating this transaction. You can create a ruleset using the Plaid Dashboard, under [Signal->Rules](https://dashboard.plaid.com/signal/risk-profiles). If not provided, for all new customers as of October 15, 2025, the `default` ruleset will be used. For existing Signal Transaction Scores customers as of October 15, 2025, by default, no ruleset will be used if the `ruleset_key` is not provided. For more information, or to opt out of using rulesets, see [Signal Rules](https://plaid.com/docs/signal/signal-rules/).} @returns(200) {request_id: str, scores: map?{customer_initiated_return_risk: map{score: int, risk_tier: int}, bank_initiated_return_risk: map{score: int, risk_tier: int}}, core_attributes: map{unauthorized_transactions_count_7d: int?, unauthorized_transactions_count_30d: int?, unauthorized_transactions_count_60d: int?, unauthorized_transactions_count_90d: int?, nsf_overdraft_transactions_count_7d: int?, nsf_overdraft_transactions_count_30d: int?, nsf_overdraft_transactions_count_60d: int?, nsf_overdraft_transactions_count_90d: int?, days_since_first_plaid_connection: int?, plaid_connections_count_7d: int?, plaid_connections_count_30d: int?, total_plaid_connections_count: int?, is_savings_or_money_market_account: bool?, total_credit_transactions_amount_10d: num(double)?, total_debit_transactions_amount_10d: num(double)?, p50_credit_transactions_amount_28d: num(double)?, p50_debit_transactions_amount_28d: num(double)?, p95_credit_transactions_amount_28d: num(double)?, p95_debit_transactions_amount_28d: num(double)?, days_with_negative_balance_count_90d: int?, p90_eod_balance_30d: num(double)?, p90_eod_balance_60d: num(double)?, p90_eod_balance_90d: num(double)?, p10_eod_balance_30d: num(double)?, p10_eod_balance_60d: num(double)?, p10_eod_balance_90d: num(double)?, available_balance: num(double)?, current_balance: num(double)?, balance_last_updated: str(date-time)?, phone_change_count_28d: int?, phone_change_count_90d: int?, email_change_count_28d: int?, email_change_count_90d: int?, address_change_count_28d: int?, address_change_count_90d: int?, plaid_non_oauth_authentication_attempts_count_3d: int?, plaid_non_oauth_authentication_attempts_count_7d: int?, plaid_non_oauth_authentication_attempts_count_30d: int?, failed_plaid_non_oauth_authentication_attempts_count_3d: int?, failed_plaid_non_oauth_authentication_attempts_count_7d: int?, failed_plaid_non_oauth_authentication_attempts_count_30d: int?, debit_transactions_count_10d: int?, credit_transactions_count_10d: int?, debit_transactions_count_30d: int?, credit_transactions_count_30d: int?, debit_transactions_count_60d: int?, credit_transactions_count_60d: int?, debit_transactions_count_90d: int?, credit_transactions_count_90d: int?, total_debit_transactions_amount_30d: num(double)?, total_credit_transactions_amount_30d: num(double)?, total_debit_transactions_amount_60d: num(double)?, total_credit_transactions_amount_60d: num(double)?, total_debit_transactions_amount_90d: num(double)?, total_credit_transactions_amount_90d: num(double)?, p50_eod_balance_30d: num(double)?, p50_eod_balance_60d: num(double)?, p50_eod_balance_90d: num(double)?, p50_eod_balance_31d_to_60d: num(double)?, p50_eod_balance_61d_to_90d: num(double)?, p90_eod_balance_31d_to_60d: num(double)?, p90_eod_balance_61d_to_90d: num(double)?, p10_eod_balance_31d_to_60d: num(double)?, p10_eod_balance_61d_to_90d: num(double)?, transactions_last_updated: str(date-time)?, is_account_closed: bool?, is_account_frozen_or_restricted: bool?, distinct_ip_addresses_count_3d: int?, distinct_ip_addresses_count_7d: int?, distinct_ip_addresses_count_30d: int?, distinct_ip_addresses_count_90d: int?, distinct_user_agents_count_3d: int?, distinct_user_agents_count_7d: int?, distinct_user_agents_count_30d: int?, distinct_user_agents_count_90d: int?, distinct_ssl_tls_connection_sessions_count_3d: int?, distinct_ssl_tls_connection_sessions_count_7d: int?, distinct_ssl_tls_connection_sessions_count_30d: int?, distinct_ssl_tls_connection_sessions_count_90d: int?, days_since_account_opening: int?, balance_to_transaction_amount_ratio: num(double)?}, risk_profile: map?{key: str, outcome: str}, ruleset: map?{ruleset_key: str, result: str, triggered_rule_details: map?{internal_note: str, custom_action_key: str}, outcome: str}, warnings: [map]} # OK @endpoint POST /signal/schedule @desc Schedule a planned ACH transaction @required {access_token: str # The access token associated with the Item data is being requested for., account_id: str # The Plaid `account_id` of the account that is the funding source for the proposed transaction. The `account_id` is returned in the `/accounts/get` endpoint as well as the [`onSuccess`](https://plaid.com/docs/link/ios/#link-ios-onsuccess-linkSuccess-metadata-accounts-id) callback metadata. This will return an [`INVALID_ACCOUNT_ID`](https://plaid.com/docs/errors/invalid-input/#invalid_account_id) error if the account has been removed at the bank or if the `account_id` is no longer valid., client_transaction_id: str # The unique ID that you would like to use to refer to this transaction. For your convenience mapping your internal data, you could use your internal ID/identifier for this transaction. The max length for this field is 36 characters., amount: num(double) # The transaction amount, in USD (e.g. `102.05`)} @optional {default_payment_method: str(SAME_DAY_ACH/STANDARD_ACH/MULTIPLE_PAYMENT_METHODS) # The payment method specified in the `default_payment_method` field directly impacts the timing recommendations provided by the API for submitting the debit entry to your processor or ODFI. If unspecified, defaults to `STANDARD_ACH`. `SAME_DAY_ACH`: Same Day ACH (as defined by Nacha). The API assumes the settlement will occur on the same business day if the `/signal/schedule` request is submitted by 6:00 PM UTC. Note: The actual cutoff time can vary depending on your payment processor or ODFI. Nacha has established three processing windows for Same Day ACH (UTC): 2:30 PM, 6:45 PM, and 8:45 PM. `STANDARD_ACH`: Standard ACH (as defined by Nacha), typically settled one to three business days after submission. `MULTIPLE_PAYMENT_METHODS`: Indicates that there is no default debit rail or multiple payment methods are available, and the transaction could use any of them based on customer policy or availability.} @returns(200) {optimal_date: str(date)?, recommendations: [map], warnings: [map], request_id: str} # OK @endpoint POST /signal/decision/report @desc Report whether you initiated an ACH transaction @required {client_transaction_id: str # Must be the same as the `client_transaction_id` supplied when calling `/signal/evaluate`, initiated: bool # `true` if the ACH transaction was initiated, `false` otherwise. This field must be returned as a boolean. If formatted incorrectly, this will result in an [`INVALID_FIELD`](https://plaid.com/docs/errors/invalid-request/#invalid_field) error.} @optional {days_funds_on_hold: int # The actual number of days (hold time) since the ACH debit transaction that you wait before making funds available to your customers. The holding time could affect the ACH return rate. For example, use 0 if you make funds available to your customers instantly or the same day following the debit transaction, or 1 if you make funds available the next day following the debit initialization., decision_outcome: str(APPROVE/REVIEW/REJECT/TAKE_OTHER_RISK_MEASURES/NOT_EVALUATED) # The payment decision from the risk assessment. `APPROVE`: approve the transaction without requiring further actions from your customers. For example, use this field if you are placing a standard hold for all the approved transactions before making funds available to your customers. You should also use this field if you decide to accelerate the fund availability for your customers. `REVIEW`: the transaction requires manual review `REJECT`: reject the transaction `TAKE_OTHER_RISK_MEASURES`: for example, placing a longer hold on funds than those approved transactions or introducing customer frictions such as step-up verification/authentication `NOT_EVALUATED`: if only logging the results without using them, payment_method: str(SAME_DAY_ACH/NEXT_DAY_ACH/STANDARD_ACH/MULTIPLE_PAYMENT_METHODS) # The payment method to complete the transaction after the risk assessment. It may be different from the default payment method. `SAME_DAY_ACH`: Same Day ACH by Nacha. The debit transaction is processed and settled on the same day. `STANDARD_ACH`: Standard ACH by Nacha. `MULTIPLE_PAYMENT_METHODS`: if there is no default debit rail or there are multiple payment methods., amount_instantly_available: num(double) # The amount (in USD) made available to your customers instantly following the debit transaction. It could be a partial amount of the requested transaction (example: 102.05)., submitted_at: str(date-time) # The date the ACH debit was submitted to the bank for processing (in ISO 8601 format: `YYYY-MM-DDTHH:mm:ssZ`). This field should correspond to the attempt initiated after the `/signal/schedule` call.} @returns(200) {request_id: str} # OK @endpoint POST /signal/return/report @desc Report a return for an ACH transaction @required {client_transaction_id: str # Must be the same as the `client_transaction_id` supplied when calling `/signal/evaluate` or `/accounts/balance/get`., return_code: str # Must be a valid ACH return code (e.g. "R01") If formatted incorrectly, this will result in an [`INVALID_FIELD`](https://plaid.com/docs/errors/invalid-request/#invalid_field) error.} @optional {returned_at: str(date-time) # Date and time when you receive the returns from your payment processors, in ISO 8601 format (`YYYY-MM-DDTHH:mm:ssZ`).} @returns(200) {request_id: str} # OK @endpoint POST /signal/prepare @desc Opt-in an Item to Signal Transaction Scores @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str} # OK @endgroup @group wallet @endpoint POST /wallet/create @desc Create an e-wallet @required {iso_currency_code: str(GBP/EUR) # An ISO-4217 currency code, used with e-wallets and transactions.} @returns(200) OK @endpoint POST /wallet/get @desc Fetch an e-wallet @required {wallet_id: str # The ID of the e-wallet} @returns(200) OK @endpoint POST /wallet/list @desc Fetch a list of e-wallets @optional {iso_currency_code: str(GBP/EUR) # An ISO-4217 currency code, used with e-wallets and transactions., cursor: str # A base64 value representing the latest e-wallet that has already been requested. Set this to `next_cursor` received from the previous `/wallet/list` request. If provided, the response will only contain e-wallets created before that e-wallet. If omitted, the response will contain e-wallets starting from the most recent, and in descending order., count: int=10 # The number of e-wallets to fetch} @returns(200) {wallets: [map], next_cursor: str, request_id: str} # OK @endpoint POST /wallet/transaction/execute @desc Execute a transaction using an e-wallet @required {idempotency_key: str # A random key provided by the client, per unique wallet transaction. Maximum of 128 characters. The API supports idempotency for safely retrying requests without accidentally performing the same operation twice. If a request to execute a wallet transaction fails due to a network connection error, then after a minimum delay of one minute, you can retry the request with the same idempotency key to guarantee that only a single wallet transaction is created. If the request was successfully processed, it will prevent any transaction that uses the same idempotency key, and was received within 24 hours of the first request, from being processed., wallet_id: str # The ID of the e-wallet to debit from, counterparty: map{name!: str, numbers!: map, address: map, date_of_birth: str(date)} # An object representing the e-wallet transaction's counterparty, amount: map{iso_currency_code!: str, value!: num(double)} # The amount and currency of a transaction, reference: str # A reference for the transaction. This must be an alphanumeric string with 6 to 18 characters and must not contain any special characters or spaces. Ensure that the `reference` field is unique for each transaction.} @optional {originating_fund_source: map{full_name!: str, address!: map, account_number!: str, bic!: str} # The original source of the funds. This field is required by local regulation for certain businesses (e.g. money remittance) to send payouts to recipients in the EU and UK.} @returns(200) {transaction_id: str, status: str, request_id: str} # OK @endpoint POST /wallet/transaction/get @desc Fetch an e-wallet transaction @required {transaction_id: str # The ID of the transaction to fetch} @returns(200) OK @endpoint POST /wallet/transaction/list @desc List e-wallet transactions @required {wallet_id: str # The ID of the e-wallet to fetch transactions from} @optional {cursor: str # A value representing the latest transaction to be included in the response. Set this from `next_cursor` received in the previous `/wallet/transaction/list` request. If provided, the response will only contain that transaction and transactions created before it. If omitted, the response will contain transactions starting from the most recent, and in descending order by the `created_at` time., count: int=10 # The number of transactions to fetch, options: map{start_time: str(date-time), end_time: str(date-time)} # Additional wallet transaction options} @returns(200) {transactions: [map], next_cursor: str, request_id: str} # OK @endgroup @group beta @endpoint POST /beta/transactions/v1/enhance @desc enhance locally-held transaction data @required {account_type: str # The type of account for the requested transactions (`depository` or `credit`)., transactions: [map{id!: str, description!: str, amount!: num(double), iso_currency_code!: str}] # An array of raw transactions to be enhanced.} @returns(200) {enhanced_transactions: [map]} # OK @endpoint POST /beta/transactions/rules/v1/create @desc Create transaction category rule @required {client_user_id: str # A unique ID representing the end user. This ID is used to associate rules with a specific user., pfc_primary_category: str # A personal finance primary category. See the [taxonomy csv file](https://plaid.com/documents/pfc-taxonomy-all.csv) for a full list of personal finance categories., pfc_detailed_category: str # A personal finance detailed category. See the [taxonomy csv file](https://plaid.com/documents/pfc-taxonomy-all.csv) for a full list of personal finance categories., rule_details: map{field!: str, type!: str, query!: str} # A representation of transactions rule details.} @returns(200) {rule: map{id: str, user_id: str, created_at: str(date-time), updated_at: str(date-time), pfc_primary_category: str, pfc_detailed_category: str, rule_details: map{field: str, type: str, query: str}}, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","client_user_id":"your-client-user-id","pfc_primary_category":"FOOD_AND_DRINK","pfc_detailed_category":"FOOD_AND_DRINK_FAST_FOOD","rule_details":{"field":"MERCHANT_NAME","type":"SUBSTRING_MATCH","query":"Burger Shack"}} @endpoint POST /beta/transactions/rules/v1/list @desc Return a list of rules created for the Item associated with the access token. @required {client_user_id: str # A unique ID representing the end user whose rules should be listed.} @returns(200) {rules: [map], request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","client_user_id":"your-client-user-id"} @endpoint POST /beta/transactions/rules/v1/remove @desc Remove transaction rule @required {client_user_id: str # A unique ID representing the end user the rule belongs to., rule_id: str # A rule's unique identifier} @returns(200) {request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","client_user_id":"your-client-user-id","rule_id":"eVBnVMp7zdTJLkRNr33Rs6zr7KNJqBF"} @endpoint POST /beta/transactions/user_insights/v1/get @desc Obtain user insights based on transactions sent through /transactions/enrich @required {client_user_id: str # A unique client-provided `client_user_id` to retrieve insights for.} @returns(200) {user_data_overview: map{transaction_count: int, oldest_transaction_date: str(date), newest_transaction_date: str(date), days_available: int, total_outflows: num(double), total_inflows: num(double)}, counterparty_insights: map{financial_institution_insights: [map], merchant_insights: [map]}, category_insights: map{primary_category_insights: [map], detailed_category_insights: [map]}, recurring_transactions: map{inflow_streams: [map], outflow_streams: [map]}} # OK @endpoint POST /beta/ewa_report/v1/get @desc Get EWA Score Report @required {access_token: str # The access token associated with the Item data is being requested for.} @returns(200) {request_id: str, ewa_report_id: str, generation_time: str(date-time), ewa_scores: [map]} # OK @example_request {"access_token":"access-sandbox-71e02f71-0960-4a27-abd2-5631e04f2175"} @endgroup @group issues @endpoint POST /issues/search @desc Search for an Issue @optional {item_id: str # A unique identifier for the Plaid Item., link_session_id: str # A unique identifier for the Link session., link_session_request_id: str # The `request_id` for the Link session that might have had an institution connection issue.} @returns(200) {issues: [map], request_id: str} # OK @endpoint POST /issues/get @desc Get an Issue @required {issue_id: str # The unique identifier of the issue to retrieve.} @returns(200) {issue: map{issue_id: str, institution_names: [str], institution_ids: [str], created_at: str(date-time), summary: str, detailed_description: str, status: str}, request_id: str} # OK @endpoint POST /issues/subscribe @desc Subscribe to an Issue @required {issue_id: str # The unique identifier of the issue to subscribe to., webhook: str # The webhook URL where notifications should be sent when the issue status changes.} @returns(200) {request_id: str} # Subscription was successful @endgroup @group payment_profile @endpoint POST /payment_profile/create @desc Create payment profile @returns(200) {payment_profile_token: str, request_id: str} # OK @endpoint POST /payment_profile/get @desc Get payment profile @required {payment_profile_token: str # A payment profile token associated with the Payment Profile data that is being requested.} @returns(200) {updated_at: str(date-time), created_at: str(date-time), deleted_at: str(date-time)?, status: str, request_id: str} # OK @endpoint POST /payment_profile/remove @desc Remove payment profile @required {payment_profile_token: str # A payment profile token associated with the Payment Profile data that is being requested.} @returns(200) {request_id: str} # OK @endgroup @group partner @endpoint POST /partner/customer/create @desc Creates a new end customer for a Plaid reseller. @required {company_name: str # The company name of the end customer being created. This will be used to display the end customer in the Plaid Dashboard. It will not be shown to end users., is_diligence_attested: bool # Denotes whether or not the partner has completed attestation of diligence for the end customer to be created., legal_entity_name: str # The end customer's legal name. This will be shared with financial institutions as part of the OAuth registration process. It will not be shown to end users., website: str # The end customer's website., application_name: str # The name of the end customer's application. This will be shown to end users when they go through the Plaid Link flow. The application name must be unique and cannot match the name of another application already registered with Plaid., address: map{city: str, street: str, region: str, postal_code: str, country_code: str} # The end customer's address., is_bank_addendum_completed: bool # Denotes whether the partner has forwarded the Plaid bank addendum to the end customer.} @optional {products: [str] # The products to be enabled for the end customer. If empty or `null`, this field will default to the products enabled for the reseller at the time this endpoint is called., create_link_customization: bool # If `true`, the end customer's default Link customization will be set to match the partner's. You can always change the end customer's Link customization in the Plaid Dashboard. See the [Link Customization docs](https://plaid.com/docs/link/customization/) for more information. If you require the ability to programmatically create end customers using multiple different Link customization profiles, contact your Plaid Account Manager for assistance. Important: Data Transparency Messaging (DTM) use cases will not be copied to the end customer's Link customization unless the **Publish changes** button is clicked after the use cases are applied. Link will not work in Production unless the end customer's DTM use cases are configured. For more details, see [Data Transparency Messaging](https://plaid.com/docs/link/data-transparency-messaging-migration-guide/)., logo: str # Base64-encoded representation of the end customer's logo. Must be a PNG of size 1024x1024 under 4MB. The logo will be shared with financial institutions and shown to the end user during Link flows. A logo is required if `create_link_customization` is `true`. If `create_link_customization` is `false` and the logo is omitted, the partner's logo will be used if one exists, otherwise a stock logo will be used., technical_contact: map{given_name: str, family_name: str, email: str} # The technical contact for the end customer. Defaults to partner's technical contact if omitted., billing_contact: map{given_name: str, family_name: str, email: str} # The billing contact for the end customer. Defaults to partner's billing contact if omitted., customer_support_info: map{email: str, phone_number: str, contact_url: str, link_update_url: str} # This information is public. Users of your app will see this information when managing connections between your app and their bank accounts in Plaid Portal. Defaults to partner's customer support info if omitted. This field is mandatory for partners whose Plaid accounts were created after November 26, 2024 and will be mandatory for all partners by the 1033 compliance deadline., assets_under_management: map{amount!: num(double), iso_currency_code!: str} # Assets under management for the given end customer. Required for end customers with monthly service commitments., redirect_uris: [str] # A list of URIs indicating the destination(s) where a user can be forwarded after completing the Link flow; used to support OAuth authentication flows when launching Link in the browser or another app. URIs should not contain any query parameters. When used in Production, URIs must use https. To modify redirect URIs for an end customer after creating them, go to the end customer's [API page](https://dashboard.plaid.com/team/api) in the Dashboard., registration_number: str # The unique identifier assigned to a financial institution by regulatory authorities, if applicable. For banks, this is the FDIC Certificate Number. For credit unions, this is the Credit Union Charter Number.} @returns(200) {end_customer: map, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","company_name":"Plaid","is_diligence_attested":true,"products":["auth","identity"],"create_link_customization":true,"legal_entity_name":"Plaid","website":"plaid.com","application_name":"Plaid","technical_contact":{"given_name":"Alice","family_name":"Smith","email":"alice.smith@example.com"},"billing_contact":{"given_name":"Bob","family_name":"Jones","email":"bob.jones@example.com"},"address":{"city":"New York","street":"123 Main St","region":"NY","postal_code":"12345","country_code":"US"},"is_bank_addendum_completed":true,"customer_support_info":{"email":"support@example.com","phone_number":"1234567890","contact_url":"example.com/contact","link_update_url":"example.com/update"},"redirect_uris":["http://localhost/oauth.html","https://www.example.com/oauth.html"]} @endpoint POST /partner/customer/get @desc Returns a Plaid reseller's end customer. @required {end_customer_client_id: str} @returns(200) {end_customer: map{client_id: str, company_name: str, status: str}, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","end_customer_client_id":"7f57eb3d2a9j6480121fx361"} @endpoint POST /partner/customer/enable @desc Enables a Plaid reseller's end customer in the Production environment. @required {end_customer_client_id: str} @returns(200) {production_secret: str, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","end_customer_client_id":"7f57eb3d2a9j6480121fx361"} @endpoint POST /partner/customer/remove @desc Removes a Plaid reseller's end customer. @required {end_customer_client_id: str # The `client_id` of the end customer to be removed.} @returns(200) {request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","end_customer_client_id":"7f57eb3d2a9j6480121fx361"} @endpoint POST /partner/customer/oauth_institutions/get @desc Returns OAuth-institution registration information for a given end customer. @required {end_customer_client_id: str} @returns(200) {flowdown_status: str, questionnaire_status: str, institutions: [map], request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","end_customer_client_id":"7f57eb3d2a9j6480121fx361"} @endgroup @group beta @endpoint POST /beta/partner/customer/v1/create @desc Creates a new end customer for a Plaid reseller. @required {company_name: str # The company name of the end customer being created. This will be used to display the end customer in the Plaid Dashboard. It will not be shown to end users., website: str # The end customer's website., application_name: str # The name of the end customer's application. This will be shown to end users when they go through the Plaid Link flow. The application name must be unique and cannot match the name of another application already registered with Plaid., customer_support_info: map{email: str, phone_number: str, contact_url: str, link_update_url: str} # This information is public. Users of your app will see this information when managing connections between your app and their bank accounts in Plaid Portal. Defaults to partner's customer support info if omitted. This field is mandatory for partners whose Plaid accounts were created after November 26, 2024 and will be mandatory for all partners by the 1033 compliance deadline., address: map{city: str, street: str, region: str, postal_code: str, country_code: str} # The end customer's address.} @optional {is_diligence_attested: bool # Denotes whether or not the partner has completed attestation of diligence for the end customer to be created., products: [str] # The products to be enabled for the end customer. If empty or `null`, this field will default to the products enabled for the reseller at the time this endpoint is called., create_link_customization: bool # If `true`, the end customer's default Link customization will be set to match the partner's. You can always change the end customer's Link customization in the Plaid Dashboard. See the [Link Customization docs](https://plaid.com/docs/link/customization/) for more information. If you require the ability to programmatically create end customers using multiple different Link customization profiles, contact your Plaid Account Manager for assistance. Important: Data Transparency Messaging (DTM) use cases will not be copied to the end customer's Link customization unless the **Publish changes** button is clicked after the use cases are applied. Link will not work in Production unless the end customer's DTM use cases are configured. For more details, see [Data Transparency Messaging](https://plaid.com/docs/link/data-transparency-messaging-migration-guide/)., logo: str # Base64-encoded representation of the end customer's logo. Must be a PNG of size 1024x1024 under 4MB. The logo will be shared with financial institutions and shown to the end user during Link flows. A logo is required if `create_link_customization` is `true`. If `create_link_customization` is `false` and the logo is omitted, the partner's logo will be used if one exists, otherwise a stock logo will be used., legal_entity_name: str # The end customer's legal name. This will be shared with financial institutions as part of the OAuth registration process. It will not be shown to end users., technical_contact: map{given_name: str, family_name: str, email: str} # The technical contact for the end customer. Defaults to partner's technical contact if omitted., billing_contact: map{given_name: str, family_name: str, email: str} # The billing contact for the end customer. Defaults to partner's billing contact if omitted., redirect_uris: [str] # A list of URIs indicating the destination(s) where a user can be forwarded after completing the Link flow; used to support OAuth authentication flows when launching Link in the browser or another app. URIs should not contain any query parameters. When used in Production, URIs must use https. To modify redirect URIs for an end customer after creating them, go to the end customer's [API page](https://dashboard.plaid.com/team/api) in the Dashboard., bank_addendum_acceptance: map{customer_accepted: bool, customer_ip_address: str, customer_agreement_timestamp: str(date-time)} # The bank addendum acceptance for the end customer., questionnaires: map{cra: map} # The questionnaires for the end customer.} @returns(200) {end_customer: map, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","company_name":"Plaid","products":["auth","identity"],"create_link_customization":true,"legal_entity_name":"Plaid","website":"plaid.com","application_name":"Plaid","technical_contact":{"given_name":"Alice","family_name":"Smith","email":"alice.smith@example.com"},"billing_contact":{"given_name":"Bob","family_name":"Jones","email":"bob.jones@example.com"},"address":{"city":"New York","street":"123 Main St","region":"NY","postal_code":"12345","country_code":"US"},"customer_support_info":{"email":"support@example.com","phone_number":"1234567890","contact_url":"example.com/contact","link_update_url":"example.com/update"},"redirect_uris":["http://localhost/oauth.html","https://www.example.com/oauth.html"]} @endpoint POST /beta/partner/customer/v1/get @desc Retrieves the details of a Plaid reseller's end customer. @required {end_customer_client_id: str} @returns(200) {end_customer: map{client_id: str, company_name: str, status: str, product_statuses: map, requirements_due: [str]}, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","end_customer_client_id":"634758733ebb4f00134b85ea"} @endpoint POST /beta/partner/customer/v1/update @desc Updates an existing end customer. @required {end_customer_client_id: str} @optional {legal_entity_name: str, redirect_uris: [str], bank_addendum_acceptance: map{customer_accepted: bool, customer_ip_address: str, customer_agreement_timestamp: str(date-time)} # The bank addendum acceptance for the end customer., questionnaires: map{cra: map} # The questionnaires for the end customer.} @returns(200) {end_customer: map{client_id: str, company_name: str, status: str, product_statuses: map, requirements_due: [str]}, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","end_customer_client_id":"634758733ebb4f00134b85ea","bank_addendum_acceptance":{"customer_accepted":true,"customer_agreement_timestamp":"2025-01-01T01:00:00Z","customer_ip_address":"127.0.0.1"},"questionnaires":{"cra":{"is_technical_service_provider_involved":true,"is_third_party_involved":true,"purposes":{"WRITTEN_INSTRUCTION":{"use_cases":["CREDIT_UNDERWRITING","TENANT_SCREENING"]}}}}} @endpoint POST /beta/partner/customer/v1/enable @desc Enables a Plaid reseller's end customer in the Production environment. @required {end_customer_client_id: str} @optional {products: [str]} @returns(200) {end_customer_client_id: str, status: str, product_statuses: map, production_secret: str, request_id: str} # OK @example_request {"client_id":"7f57eb3d2a9j6480121fx361","secret":"79g03eoofwl8240v776r2h667442119","end_customer_client_id":"634758733ebb4f00134b85ea","products":["auth"]} @endgroup @group link_delivery @endpoint POST /link_delivery/create @desc Create Hosted Link session @required {link_token: str # A `link_token` from a previous invocation of `/link/token/create`.} @optional {options: map{recipient: map} # Optional metadata related to the Hosted Link session} @returns(200) {link_delivery_url: str, link_delivery_session_id: str, request_id: str} # OK @endpoint POST /link_delivery/get @desc Get Hosted Link session @required {link_delivery_session_id: str # The ID for the Hosted Link session from a previous invocation of `/link_delivery/create`.} @returns(200) {status: str, created_at: str(date-time), completed_at: str(date-time)?, request_id: str, access_tokens: [str]?, item_ids: [str]?} # OK @endgroup @group fdx @endpoint POST /fdx/notifications @desc Webhook receiver for fdx notifications @required {notificationId: str # Id of notification, type: str(ACCOUNT_TAKEOVER/ADDRESS_CHANGED/BALANCE/CONSENT_EXPIRED/CONSENT_GRANTED/CONSENT_REVOKED/CONSENT_UPDATED/CUSTOM/MFA_TARGET_CHANGED/PHONE_CHANGED/PLANNED_OUTAGE/RISK/SERVICE/SUSPECTED_INCIDENT/TAN_ACTIVATED/TAN_CREATED/TAN_REVOKED/TAN_SUSPENDED) # Type of Notification, sentOn: str(date-time) # ISO 8601 date-time in format 'YYYY-MM-DDThh:mm:ss.nnn[Z|[+|-]hh:mm]' according to [IETF RFC3339](https://xml2rfc.tools.ietf.org/public/rfc/html/rfc3339.html#anchor14), category: str(SECURITY/MAINTENANCE/FRAUD/CONSENT/NEW_DATA/TOKENIZED_ACCOUNT_NUMBER) # Category of Notification, notificationPayload: map{id: str, idType: str, event: map} # Custom key-value pairs payload for a notification} @optional {subtype: str # An optional initiator-defined event subtype code or description if the event type needs to be further categorized or described., severity: str(EMERGENCY/ALERT/WARNING/NOTICE/INFO) # Severity level of notification, priority: str(HIGH/MEDIUM/LOW) # Priority of notification, publisher: map{name!: str, type!: str, homeUri: str(uri), logoUri: str(uri), registry: str, registeredEntityName: str, registeredEntityId: str} # FDX Participant - an entity or person that is a part of a FDX API transaction, subscriber: map{name!: str, type!: str, homeUri: str(uri), logoUri: str(uri), registry: str, registeredEntityName: str, registeredEntityId: str} # FDX Participant - an entity or person that is a part of a FDX API transaction, url: map{href!: str(uri-reference), action: str, rel: str, types: [str]} # REST application constraint (Hypermedia As The Engine Of Application State)} @returns(200) OK @endpoint GET /fdx/recipients @desc Get Recipients @returns(200) {recipients: [any]} # OK @endpoint GET /fdx/recipient/{recipientId} @desc Get Recipient @required {recipientId: str # Recipient Identifier. Uniquely identifies the recipient} @optional {OAUTH-STATE-ID: str # The value that is passed into the OAuth URI 'state' query parameter.} @returns(200) OK @endgroup @group network_insights @endpoint POST /network_insights/report/get @desc Retrieve network insights for the provided `access_tokens` @required {access_tokens: [str] # A list of access tokens that the Network Insights will be requested for. These correspond to previous Items a user has connected.} @returns(200) {report: map{report_id: str, generated_time: str(date-time), network_attributes: map, items: [map]}, request_id: str} # OK @endgroup @end