In some cases, a Link Money API endpoint might require a generic token, which can access developer-specific resources but not user specific resources. These cases might include:

• Creating, updating, or retrieving a developer configuration
• Accessing anonymized bulk data
• Accessing utility data

In cases where a generic token is warranted, the endpoint documentation will state that the route requires a generic token.

Generate a Token

1. Retrieve your client_id and client_secret from the Developer Dashboard.

2. With the client_id and client_secret, you can make a POST call to the Authorization Server with your credentials to exchange them for a JWT:

   curl --request POST \\
     --url <https://dev-jhhgu9vc.auth0.com/oauth/token> \\
     --header 'content-type: application/json' \\
     --data '{"client_id":"{YOUR_CLIENT_ID}","client_secret":"{YOUR_CLIENT_SECRET}","audience":"<https://link-money-api/","grant_type":"client_credentials>"}'
   

   If the Authorization Server recognizes your client_id and client_secret, it will respond with a JSON payload containing the JWT:

   {
   	"token": "{YOUR_BEARER_TOKEN}",
   	"type": "Bearer"
   } 
   

3. Use the token value to make your calls to resources requiring a generic token by including it as a Bearer token in your Authorization header.

   curl --request GET \\
     --url <https://link-money-api-development.herokuapp.com/plaid/v1/transactions/get/v1/generic_resource> \\
     --header 'Authorization: Bearer {YOUR_BEARER_TOKEN}'
   

Considerations

• Generic tokens target only developer resources, not user resources.
• Generic tokens should not be user-facing and should be for internal use only.
• Generic bearer tokens in Link Money remain valid for one hour before they expire.