Overview
Access to Yodlee API Calls
The quickest way to get started with Yodlee API calls is by registering for a Sandbox Account on the Yodlee Developer Portal.
| API Environment | Details | Notes |
|---|---|---|
| Sandbox – Developer Portal | Immediate access to all API requests for aggregation, account verification, and Yodlee FastLink tools. | Interactive API client to try individual REST calls. Open to all. Account access is limited to a 45 day trial. Extensions are granted on request. |
| Stage | API environment catering to specific implementation cases. Please reach out to Yodlee to learn more about the stage environment | Access is restricted |
| Production/Live | Access to the production environment is granted when a customer signs up with Yodlee. | Access to the live environment is restricted for the customer server IP address. Please reach out to Yodlee for more details on setting up the live environment. |
Integration Model
Integration with Yodlee is based on three objects
- Cobrand - Each Yodlee customer is referred to as a cobrand (partner). During the sign-up process, cobrand credentials are provided (for the respective environment).
- User - For every user in your system, Yodlee requires the creation of the respective user in the Yodlee system. A one-to-one relationship between users is required.
- User accounts - These are the financial accounts linked by end users. A user can add multiple financial accounts.
Authentication
Integration with Yodlee involves partner authentication (called Cobrand Authentication) using the cobrand credentials provided. User-specific operations require a second level of authentication for individual users. Cobrand and User logins return cobrand and user session tokens respectively and must be passed for successful API calls.
Cobrand Authentication
//Request Example - using Sandbox Environment
POST /ysl/restserver/v1/cobrand/login HTTP/1.1
Host: developer.api.yodlee.com
Accept: application/json
Content-Type: application/json
Content-Length: 164
Connection: keep-alive
{
"cobrand": {
"cobrandLogin": "cobrand_user_name",
"cobrandPassword": "cobrand_password",
"locale": "en_US"
}
}
//Response
{
"cobrandId": 10010352,
"applicationId": "3A4CAE9B71A1CCD7FF41F51006E9ED00",
"locale": "en_US",
"session": {
"cobSession": "08062013_0:0d1ee7eb871b4e48b31bb553b459ca661f66bca0928fdef32ba673c61bb11c92a402b2341b97ca39fdd4a2b3e168d8ca90f66dd115eeee5e797660165f6cf8dd"
}
}User Authentication
//Request Example - using Sandbox Enviornment
POST /ysl/restserver/v1/user/login HTTP/1.1
Host: developer.api.yodlee.com
Accept: application/json
Content-Type: application/json
Authorization: {cobSession=08062013_2:7af6ff3f739965e72c8b7248c96a2317958f2b2c1a0a1bfa26394c25747e6b18b4e118e95d499058cbdd9212972d70cd41cbc7139934b66cbd65e220712a23ed}
Content-Length: 138
Origin: https://developer.yodlee.com
Connection: keep-alive
{
"user": {
"loginName": "user_login_name",
"password": "user_password#123",
"locale": "en_US"
}
}
//Response example
{
"user": {
"id": 10060702,
"loginName": "user_login_name",
"name": {
"first": "John",
"last": "Doe"
},
"session": {
"userSession": "08062013_1:4daf4cf98182725d6fd018fa8d3165b73511a9d8f4c78f7fc65addfdb8288a0f451b49622d54635e681d3de153a73d608eaf9de7d41a23119cd249cb86d927c2"
},
"preferences": {
"currency": "USD",
"timeZone": "PST",
"dateFormat": "MM/dd/yyyy"
}
}
}Linking Accounts
Yodlee supports linking accounts from more than 15,000 global financial institutions. Linking accounts are crucial steps in integrating with Yodlee's core API. Yodlee supports linking accounts using Yodlee FastLink as well as linking directly with API calls.
Using Yodlee FastLink
Yodlee FastLink is a UI application available to all customers. Yodlee FastLink takes care of complex user flows for linking accounts including intuitive searches for financial institutions, credentials management, and error handling. Yodlee FastLink is a responsive, white-label hosted application. Yodlee continuously monitors and improves Yodlee FastLink for factors like conversion rates, user retention, optimal UI flows, and data analytics.
Refer to Yodlee FastLink 2.0 pages for more details.
Linking Accounts Using API Requests
Yodlee customers can opt to build their own UI application for link account user flows with Yodlee requests. Developers need to ensure all critical aspects of the link account flow are covered:
- Get a list of financial institutions supported by Yodlee (providers) using /provider end points. The API supports searching by name of the financial institution.
- After selecting a financial institution to link, the user needs to be presented with the form to capture the provider's login credentials. Use /providers/{providerId}
API to get a complete list of form fields needed to render the UI form on the application. - Call Add Account API POST /providerAccount. Status and additonalStatus fields in response to the POST /providers/providerAccount call will indicate if linking the account is successful
- With a successful link account call, a list of the user’s accounts are available using /accounts end point.
Handling MFAs
Some financial institutions require additional information from the user during login called multifactor authentication – in such cases, the Status and additionalStatus fields in the response will indicate the values IN_PROGRESS and USER_INPUT_REQUIRED – this requires the developers to present the MFA login form to users and capture the additional information required by the provider.
- Details of MFA are obtained by invoking GET /providerAccounts/{providerAccountId} API for presentation to the user.
- MFA details entered by the user need to be submitted using the PUT /providerAccounts API.
- Developers then are required to poll the status of the link account using the GET providerAccounts/{providerAccountId} API call.
Webhooks
Webhooks refer to the overall concept of sending notifications to webhook endpoints. Webhook endpoints are URLs defined by users to which Yodlee sends events. Use webhooks to be notified about events that happen in a refresh account flow. Your system can then take appropriate action based on this event.
Refer to the detailed Webhooks integration guide about receiving REFRESH notification events at your Webhooks endpoint.
Account Aggregation
Refer to Account Aggregation API versions, documentation, and API reference
Account Verification
Yodlee Instant Account Verification (IAV) offers a safe and secure way to onboard consumers, connect their financial accounts, mitigate payment and account funding risks, and verify the account and account status for products and services. Instead of a time-consuming process that forces consumers to look up account information or use micro deposits to verify their bank accounts, consumers need only enter their online banking credentials. IAV confirms the account and verifies the account balance in seconds.
Refer to detailed documentation for account verification
Yodlee FastLink
Refer to Yodlee FastLink 2.0 Documentation
Testing
To verify integration with Yodlee and see accounts and transactions data accessible to your application you can use real financial institution accounts. Use of real bank accounts is possible in the Sandbox, Stage, and live environments.
A Sandbox trial account also provides test financial institution accounts for testing during the registration process
Test Accounts
Yodlee also offers a tool to set up test (dummy) financial institution sites and related accounts. Refer to the Yodlee Dummy Account Generator to create your own test credentials.