• API
  • Connect
  • Guides
  • Get Started
    • Overview
    • Changelog
    • Sandbox Banks
    • Example Projects
    • Client Libraries
  • Foundations
    • Authentication
    • Link Session
    • Links
    • Users
    • Institutions
    • Webhooks
  • Products
    • Accounts
    • Account Numbers
    • Transactions
    • Investments
    • Identity
  • Reference
    • Link Errors
    • Transactions Enrichment
    • Account Types
    • Flow Diagram

Authentication

Authentication

Endpoints

    POST

    Create Access Token

    Create a new short-lived access token by validating your client_id and client_secret.

    The access_token is to be forwarded with all subsequent requests as Authorization: Bearer {access_token} HTTP header.

    When the token expires you must regenerate your access_token.

    The client_id and client_secret can be supplied as POST body parameters, or as a HTTP basic auth header.

    GET

    Get Access Token Details

    Get details about the client and application associated with your access_token.

    GET

    Get JSON Web Key Set

    The JSON Web Key Set (JWKS) is a set of keys containing the public keys used to verify JWTs in webhooks sent by MoneyKit.

    The JWKS should be cached, but MoneyKit rotates its webhook keys periodically, so if an
    incoming webhook's JWT has a key ID (`kid`) not contained in the cached JWKS, you should fetch
    and cache the updated JWKS using this endpoint.