Explore

Plaid Take home

Challenge 1

Follow the instructions in Plaid's Quickstart, set up a local application to create a new Item using Sandbox credentials. Once you’ve created an Item, please provide the following information:

What language you used to set up the Quickstart

Node

The access_token that was generated

access-sandbox-a2c23604-caef-4829-821c-3bedf999145a

Names of all the accounts and their respective balances. A screenshot of this information is fine.

⁠

Screen Shot 2023-03-31 at 1.13.26 PM.png

⁠

The account numbers, routing numbers, and account_ids for the “Plaid Checking” and “Plaid Savings” accounts

Table

Table

Name

Routing numbers

account numbers

account_ids

Plaid Checking

011401533

1111222233330000

zeE8jjVWDPhA1QMPMy33hGJ878PVbjF3R188N

Plaid Savings

011401533

1111222233331111

Bjg8VVAB3GCRkDLPLj33U8P4l4X9eEtzdNJJo

There are no rows in this table

⁠

Screen Shot 2023-04-04 at 2.36.25 AM.png

⁠

Challenge 2:

A client is reaching out with a question about Plaid webhooks. Hi Plaid,

I am using the Auth and Transactions products in my app. I want my app to receive an AUTOMATICALLY_VERIFIED Auth webhook when the Item is verified, but I do not want to receive the TRANSACTIONS_REMOVED webhooks. Can I stop Transaction-specific webhooks from being sent to my app?

Also if I have to change my webhook URL, how do I update a webhook? Lastly, how do I remove a webhook?

Thanks,

Mel

Response

Hi Mel,

Great Questions! I’ll answer them below in the corresponding order.

Depending on which endpoint you are using you can stop Transaction-specific web hooks from being sent to your app. If you are using the

/transactions/sync⁠

endpoint, you can choose to not receive the

TRANSACTIONS_REMOVED⁠

webhook. The webhook gets sent to maintain backward compatibility but it is not necessary to listen for and respond to those webhooks when using

/transactions/sync⁠

If you are currently using the

transactions/get⁠

endpoint and you want to stop receiving the

TRANSACTIONS_REMOVED⁠

webhook I would recommend switching to using the

/transactions/sync⁠

endpoint instead.

Also, quick note, Plaid does not automatically send

TRANSACTIONS_REMOVED⁠

webhooks as part of the auth webhook flow. Therefore, changing the

TRANSACTIONS_REMOVED⁠

webhook should have no effect on your

AUTOMATICALLY_VERIFIED⁠

auth webhook. I linked the two documentation for each of these web hooks below.

⁠

https://plaid.com/docs/auth/coverage/automated/#handle-auth-webhooks⁠

⁠

https://plaid.com/docs/api/products/transactions/#transactionsget⁠

⁠

To update a webhook URL in Plaid I would suggest sending a post request to

/item/webhook/update⁠

. More detailed instructions for how to do this are under the heading in this

documentation⁠

If you’re using Node, you can send a request like below. Where you would put the new webhook url you want on line 4 where it says webhook.

⁠

Screen Shot 2023-04-03 at 5.23.04 PM.png

⁠

Once you update the webhook URL, Plaid will send webhook notifications to the new URL that you specified. If the URL is invalid or unreachable, Plaid will return an error message and will not send any notifications to that URL.

It's important to note that Plaid requires webhook endpoints to have valid SSL certificates and to respond to webhook notifications within a specified timeout period. If your webhook endpoint does not meet these requirements, you may experience issues with receiving webhook notifications from Plaid.

If you’re still confused after reading the documentation,

this tutorial⁠

is really helpful for getting a basic understanding of webhooks and how to update them.

How do I remove a webhook?

If the webhook is a transaction webhook you can:

Find the webhook subscription that you want to remove and click the Delete button next to it.

Confirm that you want to delete the webhook subscription by clicking the Delete button again.

If it’s not a transaction webhook:

You should send a post request to

/item/webhook/update⁠

but instead of putting a new URL like above, you would instead set it to null

Once you delete the webhook subscription, Plaid will no longer send any webhook notifications to that endpoint. If you want to start receiving notifications again, you will need to create a new webhook subscription in the Plaid dashboard.

Also, it's important to note that deleting a webhook subscription does not remove any data that has already been transmitted to the endpoint. If you want to remove all of your data from Plaid, you will need to delete your Plaid account.

Hope this answers your questions! Feel free to reach back out if you are having any issues with following these steps!

Thanks,

Plaid support

Challenge 3:

A client is reaching out with a question about using the Plaid API.

Hey there,

⁠

I am successfully making /asset_report/create API requests, but I’m not receiving the PRODUCT_READY webhook code when the asset report is finished generating. I followed the “Parameter reference” section of the documentation and made sure that my Link initialization configures a working webhook URL. Is your webhook server down, or am I missing something?

Thanks for your help!

Brady

Response

Hi Brady! I’m checking that our webhook server isn’t down with the engineering team. But in the meantime, if you’re not receiving the

PRODUCT_READY⁠

webhook code after successfully making the

/asset_report/create⁠

API request and configuring a webhook URL in your Link initialization, there are a few things you can check to troubleshoot the issue:

Call the /asset_report/get endpoint. If you get a 400 code and a Plaid error code of PRODUCT_NOT_READY then the asset report may need a bit more time to be generated.

Verify that your webhook URL is correct and working: Make sure that the webhook URL you configured in your Link initialization is correct and that your server is able to receive and process webhook notifications. You can test your webhook URL by sending a test webhook notification to it and verifying that your server receives it correctly. If you’re confused about how to do this I would suggest reading the

Simulating data and events⁠

section of

this documentation⁠

Log in to your Plaid account and check the Webhooks section of the Dashboard to verify that the webhook subscription for the

PRODUCT_READY⁠

event is active and configured correctly.

Check your webhook server logs to see if there are any errors that could be causing this issue.

Check for errors in the response to the

/asset_report/create⁠

API request: Check the response to the

/asset_report/create⁠

API request to see if there are any error codes or error messages that could indicate an issue with generating the asset report. If there are any errors, you may need to address those before you can receive the

PRODUCT_READY⁠

webhook notification.

Call the

/asset_report/refresh⁠

endpoint to see if you just needed to restart the workflow.

Make sure that your webhook server is publicly accessible and can receive POST requests from Plaid’s servers.

Steps to verify

Verify that your webhook server is publicly accessible by checking that it has a public IP address and that it’s not behind a firewall or NAT.

Make sure that your webhook server can receive POST requests from Plaid’s servers by checking that it’s configured to accept incoming requests on the correct port (usually port 443 for HTTPS).

Check that your webhook server is returning a 200 OK status code when it receives a webhook from Plaid.

Hopefully this helps you solve the issue. If not, let me know if you need any more help.

Thanks,

Plaid Support

Challenge 4:

A client has reached out to you because their application is not able to identify and stop users from adding the same bank as a duplicate. What advice would you give as to how to detect users that may be trying to add the same bank to a client's app more than once?

Hello -

In my program I’m using Plaid and my users are able to add banks as duplicates! I understand my end user receives a public_token via the link login screen and then it’s exchanged for an access_token for an institution, e.g. Bank of America.

What happens the next time our app asks the user to login to Bank of America? Will Plaid return a public_token that needs to be exchanged for a second and different access_token from the first one?

If the user entering their information again generates two different access_tokens for the same Bank of America institution, will this affect any production count? Should I keep track of the access_tokens to avoid duplicate tokens associated with the same bank for the same user?

Thank you!

Response

Hello,

You are correct, if the user logs into Bank of America plaid returns a public_token. If that same user tries to log into Bank of America again, there will be a duplicate item even if the user is using the same credentials. If you don’t account for this it could affect production count. Therefore, yes, you should probably keep track of the access_tokens to avoid duplicate tokens associated with the same bank for the same user. I would recommend you go through

this tutorial⁠

that goes through how duplicate items are created, how to prevent duplicate items, and how to identify existing duplicate items.

Also, the suggested way to prevent multiple items linked to the same financial institution for the same user is to check the institution id of a newly created item before performing the token exchange and storing the item. If you run into an issue with following the tutorial above I would suggest also looking through the code in

root items route⁠

as an example for how to handle this.

Thanks,

Plaid support

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.