Exchange Token

Exchange Token

After the end user has successfully completed the linking process, your back end calls this endpoint to exchange the token received by your front end for a link_id that can be used to access the link's data.

URL

POST
/link-session/exchange-token
Request
curl --request POST \
  --url https://api.moneykit.com/link-session/exchange-token \
  --header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
  --header 'X-Client-Id: SOME_STRING_VALUE' \
  --header 'X-Client-Secret: SOME_STRING_VALUE' \
  --header 'content-type: application/json' \
  --data '{"exchangeable_token":"c7318ff7-257c-490e-8242-03a815b223b7"}'
const options = {
  method: 'POST',
  headers: {
    'X-Client-Id': 'SOME_STRING_VALUE',
    'X-Client-Secret': 'SOME_STRING_VALUE',
    Authorization: 'Bearer REPLACE_BEARER_TOKEN',
    'content-type': 'application/json'
  },
  body: '{"exchangeable_token":"c7318ff7-257c-490e-8242-03a815b223b7"}'
};

fetch('https://api.moneykit.com/link-session/exchange-token', options)
  .then(response => response.json())
  .then(response => console.log(response))
  .catch(err => console.error(err));
import requests

url = "https://api.moneykit.com/link-session/exchange-token"

payload = {"exchangeable_token": "c7318ff7-257c-490e-8242-03a815b223b7"}
headers = {
    "X-Client-Id": "SOME_STRING_VALUE",
    "X-Client-Secret": "SOME_STRING_VALUE",
    "Authorization": "Bearer REPLACE_BEARER_TOKEN",
    "content-type": "application/json"
}

response = requests.request("POST", url, json=payload, headers=headers)

print(response.text)
package main

import (
	"fmt"
	"strings"
	"net/http"
	"io/ioutil"
)

func main() {

	url := "https://api.moneykit.com/link-session/exchange-token"

	payload := strings.NewReader("{\"exchangeable_token\":\"c7318ff7-257c-490e-8242-03a815b223b7\"}")

	req, _ := http.NewRequest("POST", url, payload)

	req.Header.Add("X-Client-Id", "SOME_STRING_VALUE")
	req.Header.Add("X-Client-Secret", "SOME_STRING_VALUE")
	req.Header.Add("Authorization", "Bearer REPLACE_BEARER_TOKEN")
	req.Header.Add("content-type", "application/json")

	res, _ := http.DefaultClient.Do(req)

	defer res.Body.Close()
	body, _ := ioutil.ReadAll(res.Body)

	fmt.Println(res)
	fmt.Println(string(body))

}
require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://api.moneykit.com/link-session/exchange-token")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Post.new(url)
request["X-Client-Id"] = 'SOME_STRING_VALUE'
request["X-Client-Secret"] = 'SOME_STRING_VALUE'
request["Authorization"] = 'Bearer REPLACE_BEARER_TOKEN'
request["content-type"] = 'application/json'
request.body = "{\"exchangeable_token\":\"c7318ff7-257c-490e-8242-03a815b223b7\"}"

response = http.request(request)
puts response.read_body
import Foundation

let headers = [
  "X-Client-Id": "SOME_STRING_VALUE",
  "X-Client-Secret": "SOME_STRING_VALUE",
  "Authorization": "Bearer REPLACE_BEARER_TOKEN",
  "content-type": "application/json"
]
let parameters = ["exchangeable_token": "c7318ff7-257c-490e-8242-03a815b223b7"] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://api.moneykit.com/link-session/exchange-token")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()
Response
{
  "link": {
    "link_id": "mk_eqkWN34UEoa2NxyALG8pcV",
    "institution_id": "chase",
    "institution_name": "Chase",
    "institution_avatar": "https://example.com/avatar.png",
    "state": "connected",
    "error_code": null,
    "provider": "akoya",
    "link_tags": [
      "smoke_test",
      "user_type:admin"
    ],
    "webhook": "https://example.com/webhook",
    "products": {
      "additionalProp": {}
    },
    "available_products": [
      "account_numbers"
    ]
  }
}
{
  "error_code": "link_session_error.invalid_token_exchange",
  "error_message": "Invalid token for link",
  "documentation_url": string
}
{
  "error_code": "api_error.auth.expired_access_token",
  "error_message": "Access token expired",
  "documentation_url": string
}

exchangeable_token

: string

required

The token returned to your front end by Connect's onSuccess callback.

example: c7318ff7-257c-490e-8242-03a815b223b7

X-Client-Id

: string

Your client ID.

example: live_dcc75c42eb6122127356

X-Client-Secret

: string

Your client secret

example: vzPznCv3kT7fHsAr6y3jk38d

Responses

201

Successful Response

400

Invalid token exchange (bad token, incorrect link state, etc...).

error_code

: string

default: "link_session_error.invalid_token_exchange"

error_message

: string

Error message

example: Invalid token for link

documentation_url