This page differs depending on which API version you are browsing at the moment.


  • Client-id and App-secret headers are no longer supported. In V4, each Client is able to create an unlimited amount of API keys for API use. You can manage your keys on the Keys and Secrets page.

  • Each request will now have consistent auth headers: App-id + Secret for both Apps and Services (ex: tokens#create).


  • categorize flag/field from Attempt object and from logins#create. Instead, the new categorization flag was added to the same route. Possible values: none, personal, business, default: personal.


  • All IDs are returned as strings in API responses and JS callbacks;
  • Categories objects from /api/v4/categories now include business and personal categories list;
  • fetch_type was replaced by fetch_scopes, required on login/token create and is optional on login/token reconnect or refresh;
  • Consent window is now automatically shown every time when creating a login with Connect, so there is no need to send the show_consent_confirmation flag in tokens#create anymore. In other cases, it will be shown only when fetch_scopes has changed.


  • override_credentials and override_credentials_strategy flags that allow overriding previous credentials when reconnecting a Login via an API request or Token respectively.

  • New currencies:

ERN - Eritrean nakfa (232)
ITL - Italian lira (380)
ECS - Ecuadorian sucre (218)
DEM - German mark (276)
KYD - Cayman Islands dollar (136)
CYP - Cypriot pound (196)
FRF - French franc (250)
SIT - Slovenian tolar (705)

New errors

  • AppIdNotProvided - missing App-id from headers;
  • ApiKeyNotFound - the API key with the provided App-id and Secret does not exist or is inactive;
  • FetchScopesInvalid - client sent invalid values. Ex: fetch_scopes: [accnts];
  • FetchScopesNotAllowed - client sent not supported values. Ex: he has access only to holder_info (Credit bureau for ex.) but sent fetch_scopes: [accounts].