When connecting to Pluggy from a client-side application (ie. Connect Widget) we require to use a
So for example, a newly created Connect Token can't be used to access information that has been created previously with a different Connect Token.
For any other kind of requests, such as retrieving all the Item related products data, configuring webhooks, and more, you'll need to do server-side requests, using your API Key.
Fistly, you'll need to authenticate with Pluggy API, using your
CLIENT_SECRET, to create an API Key. Note that these credentials are extremely sensitive, so please ensure to do this step in your secured Server only.
This API key expires after 2 hours, and will give you full access to all of Pluggy API endpoints.
Then, with your API key, you'll have to make a call to POST /connect_token.
connectTokenis valid for 30 minutes only.
The recommended usage is 1-per-connection, so we suggest creating a new one, each time you want to create or update an Item.
The usage of this Connect Token is identical as the API key, simply pass it in the request authentication header, Pluggy API will take care of validating its scope.
Attempts of accessing detailed products data using a Connect Token (instead of an API Key) will result in a
403 ForbiddenAPI response.
To summarize, this is an overview of the flow of how you can create an Item using a
If you are using our Pluggy Connect widget, you'll only need to take care of providing the Connect Token - the rest will be handled by us.
Updated 8 months ago