Yodlee REST API Documentation

Yodlee Aggregation API is designed for clients who need permission-based access and bank-level security to access their customers bank, credit card, investments, loan accounts and other financial data.

Yodlee platform aggregates consumers financial data based on a user-permission model, whereby a consumer voluntarily provides online access credentials for an account or a set of accounts. The data is gathered and stored in Yodlee's database in a well-defined and normalized structure. The aggregation APIs allows you to retrieve and view this data.


Use of Yodlee APIs requires application login (referred as cobrand login) as well login for end user (referred to as user login). Cobrand login establishes authentication for client application with Yodlee platform. End user login allows clients to use APIs for their own customers.

Authentication Headers

Calls to Yodlee API require authentication tokens passed through Authorization HTTP header, the format for Authorization Header is as below:

GET /ysl/restserver/v1/accounts HTTP/1.1
Host: developer.api.yodlee.com
Connection: keep-alive
Accept: application/json
Origin: https://developer.yodlee.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Safari/537.36
Authorization: {cobSession=08062013_0:a85b10c7d99cadaed03363dba4f9c5d9db0fbe38feebd5e749f67a61b64d5b1f02abbc2a294f3179bcbfa15fe8eac08292035b32128403fca134134b98226a53,userSession=08062013_2:e0af3dab005bc1a33915c5f486d2465ff08dfe65dd233bdc4c9ec0a908e580e7198323eea76f002420eed1ba7e3b974acff1979b3329b18953dab534cd0bf5b6}
Referer: https://developer.yodlee.com/apidocs/index.php
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8

Refer to Get Started guide on how to use Yodlee APIs in your application.

Use your Yodlee Developer Portal Login to quickly set authentication tokens.

: :


Cobrand Token:

User Token:
Exclude user token
Some APIs don't require user tokens; review the appropriate API section.

Yodlee PKI Encryption

Yodlee is commited to security of information transferred between client applications to its server. Yodlee already uses industry standard security practices at transport layer (HTTPS). To go a step further, Yodlee APIs has optional feature to allow customers encrypt all sensitive information (account credentials) prior to sending those over API call. Sensitive information is encrypted using Yodlee Public Key (obtained using API call).

To use Yodlee PKI Feature along with Yodlee APIs refer to integration document Here

For encrypting sensitive credentials before API call, use encryption utility Here

Yodlee APIs working with PKI Features
1. Add Account : POST /v1/providerAccounts
2. Update Account: PUT /v1/providerAccounts

Yodlee FastLink

Today's banking and financial application consumers want one place where they can login and see all of their financial accounts. Yet adding and verifying financial accounts within a financial app can be a hassle.

For Internet innovators, the out-of-the-box experience makes it easy to integrate Yodlee FastLink into your financial app, speed it to market and cost effectively maintain it.

Read full documentation for Yodlee Fastlink

Steps to Launch Yodlee FastLink

1. Use cobrand and user login to obtain authentication tokens.
2. Use /{cobrandName}/v1/user/accessTokens call to obtain Fastlink launch parameters.
"parameters": "app=10003600&rsession=06102015_1:92cbda88abe983fabfcea7cce481390b16e12b95b5d782aa582daeedc35092e713224eda39cbcbdc3a63d1029268876ed0708a1159e89c5d792b59693a13fdb4&token=e7311413fc28d7914a7e4859f73bbe4781cdeec32e70a918628a21d549f9998a&redirectReq=true"

3. Use form post to Yodlee Fastlink URL with the parameters to launch Fastlink.
<form action="https://node.developer.yodlee.com/authenticate/restserver/" method="POST">
<input type="text" name="app" value="10003600" />
<input type="text" name="rsession" />
<input type="text" name="token" />
<input type="text" name="redirectReq" value="true"/>
<input type="submit" name="submit" />
Note: The customer should use the environment specific URL provided to launch Yodlee FastLink.