The Plaid npm package is a client library for interacting with the Plaid API, which allows developers to connect their applications to users' bank accounts and financial data. It provides a range of functionalities including retrieving account balances, transaction histories, and verifying account ownership.
Retrieve Account Balances
This feature allows you to retrieve the current balance of all accounts associated with a given access token.
const plaid = require('plaid');
const client = new plaid.Client({
clientID: 'your_client_id',
secret: 'your_secret',
env: plaid.environments.sandbox
});
client.getBalance('access_token', (error, response) => {
if (error) {
console.error(error);
} else {
console.log(response.accounts);
}
});Retrieve Transaction Histories
This feature allows you to retrieve transaction histories for all accounts associated with a given access token within a specified date range.
const plaid = require('plaid');
const client = new plaid.Client({
clientID: 'your_client_id',
secret: 'your_secret',
env: plaid.environments.sandbox
});
client.getTransactions('access_token', 'start_date', 'end_date', (error, response) => {
if (error) {
console.error(error);
} else {
console.log(response.transactions);
}
});Verify Account Ownership
This feature allows you to verify account ownership and retrieve account and routing numbers for accounts associated with a given access token.
const plaid = require('plaid');
const client = new plaid.Client({
clientID: 'your_client_id',
secret: 'your_secret',
env: plaid.environments.sandbox
});
client.getAuth('access_token', (error, response) => {
if (error) {
console.error(error);
} else {
console.log(response.accounts);
}
});Yodlee offers a comprehensive financial data aggregation service, similar to Plaid. It provides access to a wide range of financial data, including account balances, transactions, and investment data. Yodlee is known for its extensive data coverage and is used by many financial institutions.
MX focuses on financial data aggregation and enhancement, providing tools for personal financial management, account verification, and transaction categorization. It is known for its user-friendly interfaces and data accuracy.
The official Node.js client library for the Plaid API.
$ npm install plaid
This release only supports the latest Plaid API version, 2020-09-14, and is generated from our OpenAPI schema.
For information about what has changed between versions and how to update your integration, head to the API upgrade guide.
The plaid-node client library is typically updated on a monthly basis. The canonical source for the latest version number is the client library changelog. New versions are published as GitHub tags, not as Releases. New versions are also published on npm. Plaid uses semantic versioning to version the client libraries, with potentially breaking changes being indicated by a major version bump.
All users are strongly recommended to use a recent version of the library, as older versions do not contain support for new endpoints and fields. For more details, see the Migration Guide.
Most endpoints require a valid client_id and secret as authentication. Attach them via the configuration.
import { Configuration, PlaidApi, PlaidEnvironments } from 'plaid';
const configuration = new Configuration({
basePath: PlaidEnvironments.sandbox,
baseOptions: {
headers: {
'PLAID-CLIENT-ID': CLIENT_ID,
'PLAID-SECRET': SECRET,
},
},
});
The PlaidEnvironments parameter dictates which Plaid API environment you will access. Values are:
PlaidEnvironments.production - production use and live data testing, creates Items on https://production.plaid.comPlaidEnvironments.sandbox - quickly build out your integration with stateful test data, creates Items on https://sandbox.plaid.comThe baseOptions field allows for clients to override the default options used to make requests. e.g.
const configuration = new Configuration({
basePath: PlaidEnvironments.sandbox,
baseOptions: {
// Axios request options
},
});
Dates and datetimes in requests and responses are represented as strings.
Time zone information is required for request fields that accept datetimes. Failing to include time zone information will result in an error. See the following examples for guidance on syntax.
If the API reference documentation for a field specifies format: date, use a string formatted as 'YYYY-MM-DD':
const start_date = '2022-05-05';
If the API reference documentation for a field specifies format: date-time, use a string formatted as 'YYYY-MM-DDTHH:mm:ssZ':
const start_date = '2019-12-12T22:35:49Z';
All errors can now be caught using try/catch with async/await or through promise chaining.
try {
await plaidClient.transactionsSync(request);
} catch (error) {
const err = error.response.data;
}
// or
plaidClient
.transactionsSync(request)
.then((data) => {
console.log(data);
})
.catch((e) => {
console.log(e.response.data);
});
Note that the full error object includes the API configuration object, including the request headers, which in turn include the API key and secret. To avoid logging your API secret, log only error.data and/or avoid logging the full error.config.headers object.
For more examples, see the test suites, Quickstart, or API Reference documentation.
Exchange a public_token from Plaid Link for a Plaid access_token and then
retrieve account data:
const response = await plaidClient.itemPublicTokenExchange({ public_token });
const access_token = response.data.access_token;
const accounts_response = await plaidClient.accountsGet({ access_token });
const accounts = accounts_response.data.accounts;
Retrieve the last 100 transactions for a transactions user (new, recommended method):
const response = await plaidClient.transactionsSync({
access_token
});
const transactions = response.data.transactions;
);
Retrieve the transactions for a transactions user for the last thirty days (using the older method):
const now = moment();
const today = now.format('YYYY-MM-DD');
const thirtyDaysAgo = now.subtract(30, 'days').format('YYYY-MM-DD');
const response = await plaidClient.transactionsGet({
access_token,
start_date: thirtyDaysAgo,
end_date: today,
});
const transactions = response.data.transactions;
console.log(
`You have ${transactions.length} transactions from the last thirty days.`,
);
Get accounts for a particular Item:
const response = await plaidClient.accountsGet({
access_token,
options: {
account_ids: ['123456790'],
},
});
console.log(response.data.accounts);
Download Asset Report PDF:
const pdfResp = await plaidClient.assetReportPdfGet(
{
asset_report_token: assetReportToken,
},
{
responseType: 'arraybuffer',
},
);
fs.writeFileSync('asset_report.pdf', pdfResp.data);
Every method returns a promise, so you can use async/await or promise chaining.
API methods that return either a success or an error can be used with the
usual then/catch paradigm, e.g.
plaidPromise
.then((successResponse) => {
// ...
})
.catch((err) => {
// ...
});
For example:
import * as bodyParser from 'body-parser';
import * as express from 'express';
import { Configuration, PlaidApi, PlaidEnvironments } from 'plaid';
const configuration = new Configuration({
basePath: PlaidEnvironments.sandbox,
baseOptions: {
headers: {
'PLAID-CLIENT-ID': CLIENT_ID,
'PLAID-SECRET': SECRET,
'Plaid-Version': '2020-09-14',
},
},
});
const plaidClient = new PlaidApi(configuration);
const app = express();
const port = process.env.PORT || 3000;
app.use(
bodyParser.urlencoded({
extended: true,
}),
);
app.use(bodyParser.json());
app.post('/plaid_exchange', (req, res) => {
var public_token = req.body.public_token;
return plaidClient
.itemPublicTokenExchange({ public_token })
.then((tokenResponse) => tokenResponse.access_token)
.then((access_token) => plaidClient.accountsGet({ access_token }))
.then((accountsResponse) => console.log(accountsResponse.data.accounts))
.catch((error) => {
const err = error.response.data;
// Indicates plaid API error
console.error('/exchange token returned an error', {
error_type: err.error_type,
error_code: err.error_code,
error_message: err.error_message,
display_message: err.display_message,
documentation_url: err.documentation_url,
request_id: err.request_id,
});
// Inspect error_type to handle the error in your application
switch (err.error_type) {
case 'INVALID_REQUEST':
// ...
break;
case 'INVALID_INPUT':
// ...
break;
case 'RATE_LIMIT_EXCEEDED':
// ...
break;
case 'API_ERROR':
// ...
break;
case 'ITEM_ERROR':
// ...
break;
default:
// fallthrough
}
res.sendStatus(500);
});
});
app.listen(port, () => {
console.log(`Listening on port ${port}`);
});
Migrating from version 9.0.0 or later of the library to a recent version should involve very minor integration changes. Many customers will not need to make changes to their integrations at all. To see a list of all potentially-breaking changes since your current version, see the client library changelog and search for "Breaking changes in this version". Breaking changes are annotated at the top of each major version header.
Version 9.0.0 of the client library was released in August 2021 and represents a major interface change. Any customer migrating from a version prior to 9.0.0 should consult the migration guide below.
This version represents a transition in how we maintain our external client libraries. We are now using an API spec written in OpenAPI 3.0.0 and running our definition file through OpenAPITool's typescript-axios generator. All tests have been rewritten in Typescript.
From:
const configs = {
clientID: CLIENT_ID,
secret: SECRET,
env: plaid.environments.sandbox,
options: {
version: '2020-09-14',
},
};
new plaid.Client(configs);
To:
const configuration = new Configuration({
basePath: PlaidEnvironments.sandbox,
baseOptions: {
headers: {
'PLAID-CLIENT-ID': CLIENT_ID,
'PLAID-SECRET': SECRET,
'Plaid-Version': '2020-09-14',
},
},
});
new PlaidApi(configuration);
All endpoint requests now take a request model, have better Typescript support and the functions have been renamed to move the verb to the end (e.g getTransactions is now transactionsGet).
Callbacks are no longer supported.
From:
pCl.sandboxPublicTokenCreate(
testConstants.INSTITUTION,
testConstants.PRODUCTS,
{},
cb,
);
To:
const request: SandboxPublicTokenCreateRequest = {
institution_id: TestConstants.INSTITUTION,
initial_products: TestConstants.PRODUCTS as Products[],
options,
};
const response = await plaidClient.sandboxPublicTokenCreate(request);
From:
pCl.getTransactions(
accessToken,
startDate,
endDate,
{ count: count, offset: offset },
(err, response) => {
if (err) {
if (err.status_code === 400 && err.error_code === 'PRODUCT_NOT_READY') {
setTimeout(() => {
getTransactionsWithRetries(
accessToken,
startDate,
endDate,
count,
offset,
num_retries_remaining - 1,
cb,
);
}, 1000);
} else {
throw new Error('Unexpected error while polling for transactions', err);
}
} else {
cb(null, response);
}
},
);
To:
plaidClient
.transactionsGet(request)
.then((response) => resolve(response.data))
.catch(() => {
setTimeout(() => {
if (retriesLeft === 1) {
return reject('Ran out of retries while polling for transactions');
}
getTransactionsWithRetries(
plaidClient,
access_token,
start_date,
end_date,
count,
offset,
ms,
retriesLeft - 1,
).then((response) => resolve(response));
}, ms);
});
or use `try/catch`
try {
await plaidClient.transactionsGet(request);
} catch (error) {
const err = error.response.data;
...
}
While the API and pre-9.0.0 versions represent enums using strings, 9.0.0 and later allows either strings or Node enums.
Old:
products: ['auth', 'transactions'],
Current:
products: ['auth', 'transactions'],
// or
const { Products } = require("plaid");
products: [Products.Auth, Products.Transactions],
Open an issue!
Click here!
FAQs
A node.js client for the Plaid API
We found that plaid demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.