Exchange Token
Exchange Token
After the end user has successfully completed the linking process, your back end
calls this endpoint to exchange the token received by your front end for a link_id that can be used to access
the link's data.
URL
POST
/link-session/exchange-token
Request
curl --request POST \
--url https://api.moneykit.com/link-session/exchange-token \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'X-Client-Id: SOME_STRING_VALUE' \
--header 'X-Client-Secret: SOME_STRING_VALUE' \
--header 'content-type: application/json' \
--data '{"exchangeable_token":"c7318ff7-257c-490e-8242-03a815b223b7"}'
const options = {
method: 'POST',
headers: {
'X-Client-Id': 'SOME_STRING_VALUE',
'X-Client-Secret': 'SOME_STRING_VALUE',
Authorization: 'Bearer REPLACE_BEARER_TOKEN',
'content-type': 'application/json'
},
body: '{"exchangeable_token":"c7318ff7-257c-490e-8242-03a815b223b7"}'
};
fetch('https://api.moneykit.com/link-session/exchange-token', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import requests
url = "https://api.moneykit.com/link-session/exchange-token"
payload = {"exchangeable_token": "c7318ff7-257c-490e-8242-03a815b223b7"}
headers = {
"X-Client-Id": "SOME_STRING_VALUE",
"X-Client-Secret": "SOME_STRING_VALUE",
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
}
response = requests.request("POST", url, json=payload, headers=headers)
print(response.text)
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.moneykit.com/link-session/exchange-token"
payload := strings.NewReader("{\"exchangeable_token\":\"c7318ff7-257c-490e-8242-03a815b223b7\"}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-Client-Id", "SOME_STRING_VALUE")
req.Header.Add("X-Client-Secret", "SOME_STRING_VALUE")
req.Header.Add("Authorization", "Bearer REPLACE_BEARER_TOKEN")
req.Header.Add("content-type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.moneykit.com/link-session/exchange-token")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["X-Client-Id"] = 'SOME_STRING_VALUE'
request["X-Client-Secret"] = 'SOME_STRING_VALUE'
request["Authorization"] = 'Bearer REPLACE_BEARER_TOKEN'
request["content-type"] = 'application/json'
request.body = "{\"exchangeable_token\":\"c7318ff7-257c-490e-8242-03a815b223b7\"}"
response = http.request(request)
puts response.read_body
import Foundation
let headers = [
"X-Client-Id": "SOME_STRING_VALUE",
"X-Client-Secret": "SOME_STRING_VALUE",
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
]
let parameters = ["exchangeable_token": "c7318ff7-257c-490e-8242-03a815b223b7"] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api.moneykit.com/link-session/exchange-token")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
Response
{
"link": {
"link_id": "mk_eqkWN34UEoa2NxyALG8pcV",
"institution_id": "chase",
"institution_name": "Chase",
"institution_avatar": "https://example.com/avatar.png",
"state": "connected",
"error_code": null,
"provider": "akoya",
"link_tags": [
"smoke_test",
"user_type:admin"
],
"webhook": "https://example.com/webhook",
"products": {
"accounts": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"account_numbers": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"identity": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"transactions": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"investments": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"enrichment": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
}
},
"available_products": [
"account_numbers"
]
}
}
{
"error_code": "link_session_error.invalid_token_exchange",
"error_message": "Invalid token for link",
"documentation_url": string
}
{
"error_code": "api_error.auth.expired_access_token",
"error_message": "Access token expired",
"documentation_url": string
}
exchangeable_token
: string
required
The token returned to your front end by Connect's onSuccess callback.
example: c7318ff7-257c-490e-8242-03a815b223b7
X-Client-Id
: string
Your client ID.
example: live_dcc75c42eb6122127356
X-Client-Secret
: string
Your client secret
example: vzPznCv3kT7fHsAr6y3jk38d
Responses
201
Successful Response
link_id
: string
deprecated
Please use link.link_id for this value
example: mk_eqkWN34UEoa2NxyALG8pcV
link
: object
Details of the new link.
400
Invalid token exchange (bad token, incorrect link state, etc...).
error_code
: string
default: "link_session_error.invalid_token_exchange"
error_message
: string
Error message
example: Invalid token for link
documentation_url
Request
curl --request POST \
--url https://api.moneykit.com/link-session/exchange-token \
--header 'Authorization: Bearer REPLACE_BEARER_TOKEN' \
--header 'X-Client-Id: SOME_STRING_VALUE' \
--header 'X-Client-Secret: SOME_STRING_VALUE' \
--header 'content-type: application/json' \
--data '{"exchangeable_token":"c7318ff7-257c-490e-8242-03a815b223b7"}'
const options = {
method: 'POST',
headers: {
'X-Client-Id': 'SOME_STRING_VALUE',
'X-Client-Secret': 'SOME_STRING_VALUE',
Authorization: 'Bearer REPLACE_BEARER_TOKEN',
'content-type': 'application/json'
},
body: '{"exchangeable_token":"c7318ff7-257c-490e-8242-03a815b223b7"}'
};
fetch('https://api.moneykit.com/link-session/exchange-token', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import requests
url = "https://api.moneykit.com/link-session/exchange-token"
payload = {"exchangeable_token": "c7318ff7-257c-490e-8242-03a815b223b7"}
headers = {
"X-Client-Id": "SOME_STRING_VALUE",
"X-Client-Secret": "SOME_STRING_VALUE",
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
}
response = requests.request("POST", url, json=payload, headers=headers)
print(response.text)
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.moneykit.com/link-session/exchange-token"
payload := strings.NewReader("{\"exchangeable_token\":\"c7318ff7-257c-490e-8242-03a815b223b7\"}")
req, _ := http.NewRequest("POST", url, payload)
req.Header.Add("X-Client-Id", "SOME_STRING_VALUE")
req.Header.Add("X-Client-Secret", "SOME_STRING_VALUE")
req.Header.Add("Authorization", "Bearer REPLACE_BEARER_TOKEN")
req.Header.Add("content-type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := ioutil.ReadAll(res.Body)
fmt.Println(res)
fmt.Println(string(body))
}
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api.moneykit.com/link-session/exchange-token")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["X-Client-Id"] = 'SOME_STRING_VALUE'
request["X-Client-Secret"] = 'SOME_STRING_VALUE'
request["Authorization"] = 'Bearer REPLACE_BEARER_TOKEN'
request["content-type"] = 'application/json'
request.body = "{\"exchangeable_token\":\"c7318ff7-257c-490e-8242-03a815b223b7\"}"
response = http.request(request)
puts response.read_body
import Foundation
let headers = [
"X-Client-Id": "SOME_STRING_VALUE",
"X-Client-Secret": "SOME_STRING_VALUE",
"Authorization": "Bearer REPLACE_BEARER_TOKEN",
"content-type": "application/json"
]
let parameters = ["exchangeable_token": "c7318ff7-257c-490e-8242-03a815b223b7"] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api.moneykit.com/link-session/exchange-token")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
Response
{
"link": {
"link_id": "mk_eqkWN34UEoa2NxyALG8pcV",
"institution_id": "chase",
"institution_name": "Chase",
"institution_avatar": "https://example.com/avatar.png",
"state": "connected",
"error_code": null,
"provider": "akoya",
"link_tags": [
"smoke_test",
"user_type:admin"
],
"webhook": "https://example.com/webhook",
"products": {
"accounts": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"account_numbers": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"identity": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"transactions": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"investments": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
},
"enrichment": {
"refreshed_at": "2023-02-16T09:14:11Z",
"last_attempted_at": "2023-02-16T09:14:11Z",
"error_code": "rate_limit",
"error_message": string,
"unavailable": string
}
},
"available_products": [
"account_numbers"
]
}
}
{
"error_code": "link_session_error.invalid_token_exchange",
"error_message": "Invalid token for link",
"documentation_url": string
}
{
"error_code": "api_error.auth.expired_access_token",
"error_message": "Access token expired",
"documentation_url": string
}