Basic concepts

Security protocols

Pluggy's API enforces the use of HTTPS TLSv1.2 or upper versions for security reasons. Other TLS version requests will be rejected. All communication requires to be in HTTPS.

API verbs and Protocols

Pluggy's API is a RESTful API based on JSON requests and responses, so all requests must have set the header Content-Type of application/json.

We follow the RESTful standards and all verbs match their specific action for the resource you will be communicating.


Our production environment is accepting requests in the following host:


Some Pluggy's responses can yield a large amount of data, in which cases the size of the response is limited and divided in pages.

For example, if you make a request to /transaction?accountId={ACCOUNT_ID}, you will receive an object like:

    "total": 200,
    "totalPages": 15,
    "results": [],
    "page": 1
  • total: the size of the data of the request
  • totalPages: the total number of pages encompassing all available records
  • results: the content of the current page
  • page: the number of the current page
    • For example, /transaction?accountId={ACCOUNT_ID}&page=2 is the second page of transactions results
    • By retrieving /transaction?accountId={ACCOUNT_ID}, then /transaction?accountId={ACCOUNT_ID}&page=2, and so on, you may access to all the data available, one page at a time.

To sum up, to obtain all the data from a paginate endpoint, after your first request you should iterate many times as totalPages making a new request and changing the page query param.