Plaid Stripe Integration without using Plaid Link - plaid

I am in the process of integrating Plaid and Stripe, but do not want to use the Plaid Link module to do this.
Once I use the Plaid 'auth' api to authorize a bank account, is there an end-point I can hit to send the information over to Stripe. Note that Plaid's 'exchange-token' end-point does not work as I need a public token to access the end-point.

I had this same issue and opened a support ticket with Plaid. I was told that I need to use Plaid Link.
Are there endpoints I can use with a user that I have already authd to get the public_token that is normally provided by this module?
No, not currently. These users will need to go through the flow
described in our Plaid + Stripe documentation here:
https://plaid.com/docs/link/stripe/

Related

OAuth or API key authorization?

I'm trining to create live stream on youtube using google API. Now it working only when I use oauth authorisation. When I use API key authorisation I get authorisation error (login required)
When I use oauth authorisation - it require to enter confirmation code each time I create new translation. Is it possible to use "liveStreams->insert" method of API with authorisation that does not require entering of confirmation code?
From what you are writing it appears to me that you haven't understood the concept of OAuth and when to use OAuth vs an API key.
Try to think about it this way: You, as a person, have a Google account. This Google account is not the same as your YouTube account (or, as it is more commonly refered to, your YouTube channel). But your Google account is associated with your YouTube channel (of which you can have multiple). Because you are logged in to your Google account and your channel and Google account are linked, the YouTube website knows who you are and gives you access to your channel.
Now you head over to the Google Cloud Console. Here you create a project, which is very similar to a YouTube account in the sense that it, too, is an independent account which in this case represents your app, but is linked to your Google account so the Cloud Console website knows to give you access to the project as long as you are logged-in to your Google account.
HOWEVER, your YouTube account is not linked to your Cloud Console project. When you make an API request with an API key, the API does not see you as in "your Google account", but rather your apps's Cloud Console Project. That's why with an API key, you can only access publicly available data (everything you could "see" when you browse YouTube while not being logged-in).
So, in order for an application to read private channel information or modify channel information, the API needs verification that whoever makes that request is actually allowed to do that. This is where OAuth comes into play.
When you say you have to provide the confirmation code for each request, I think you don't save the access token and refresh token. I highly recommend you read Using OAuth 2.0 to Access Google APIs and Obtaining authorization credentials over on Google Developers to help get you started.

How to replace people.me from Google+ with Google People/Google Sign In api?

I had a "sign in with Google+" function in my web-app. Upon signing in I would show user's email and name on the page and save it to database. To fetch user's profile data after sign in I used Google+ API method people.me with access_token in GET params.
Google+ API is going to shut down on March 7. I have to migrate to Google People or some other api. How do I achieve the same goal with a different google API? I need to fetch email and name by known auth token.
We use this through Laravel's Socialite, and they're replacing it with:
https://www.googleapis.com/userinfo/v2/me
You may want the profile scope as part of the OAuth flow to make the profile data accessible through this methods. Otherwise it will return incomplete data.

Using Plaid Link with Connect and Auth

I am using the Plaid Link javascript library but I am running into an issue. I want to be able to use both the Auth and Connect products but the Link modal only allows me to show either Auth or Connect but not both. The documentation says to use Auth and then upgrade my token to use Connect. Which is fine I can do that. However the Auth modal will not show any credit only institutions like AmEx. Since I want both to allow for Stripe integration and for pulling in all of a user's transactional data across all institutions, what's the best way to do this?
Currently I am considering showing the different modals in two different flows (add a bank account vs add a transaction history account) but that is not very good UX. Also the IDs assigned by Plaid will be different and have different access tokens so deduping is a nightmare.
Or writing a custom modal that will use the Auth product for institutions with bank accounts (Chase) and the Connect product for credit only institutions (AmEx) but that will likely be a lot of work.
You'll only be able to use the Plaid Link + Stripe ACH integration for institutions that support Auth. I'd recommend initializing Link with Auth as the product and then upgrading to Connect once you have exchanged the Link public token for a Plaid API access token.
To answer the UX question you brought up - you can actually bypass using Link's standard "institution select" view and instead display your own list (you can use the /institutions API endpoints to pull information about supported institutions) using Link's custom integration.
That way, you can show your users a single list of supported institutions. If you initialize Link twice (once with Auth and once with Connect) you can jump directly to the Auth-initialized Link or Connect-initialized Link depending on the user's institution.

Citrus wallet signup api for PHP

I want to make a interface so that user can register and login themselves at citrus using PHP technology and use that wallet in their payment. Does citrus provide any API for this?
Yes, Citrus-Pay does provide APIs for Integrating with Wallet where you can define your own interface.
Alternatively, you may also use the standard UI provided by Citrus. If you want to go forward with APIs,
1) Get a signup token using the API mentioned in this link: https://developers.citruspay.com/documentation/wallettab/identity-profile/oauth-token-api/
2) Call Find Or Create User API as next step. This API will trigger an OTP to the customer's mobile number passed in the request.(A Citrus Wallet is uniquely identified by a mobile number)
API on dev guide: https://developers.citruspay.com/documentation/wallettab/identity-profile/find-or-create-a-wallet/
3) Now this OTP has to be entered in an appropriate API.Which API to be used is told in the response of find or create wallet API called in step 2. (Password-based login is also supported).
It could be sign in with MOTP API ( for an existing citrus wallet customer) or verify mobile and sign API ( for new wallet accounts just being created)enter link description here
4)You will get a full access token (prepaid_pay) in response.Pass this in header of all other APIs which you need to call on behalf of user.
5)For Eg: To make a payment using the customers existing wallet balance , use the following API : https://developers.citruspay.com/documentation/wallettab/pay-using-citrus-wallet/make-payment/
Hope this helps

Updating gmail contextual gadgets to the OAuth2

We have a gmail gadget in apps marketplace that use SSO authorization described on this link: https://developers.google.com/google-apps/marketplace/best_practices?csw=1#gadget_sso. With recent update of marketplace is gadget flow will be updated to OAuth2 or it will stay the same?
If yes, then what is the deadline for the migration? I wasn't able to find this on the documentation about release.
Thank you!
In the new marketplace setup, you still have to use a popup to setup the correlation between the opensocial Id and the google user. But the popup will no longer use OpenId/SSO to identify the user to the application. Instead these two OAUTH2 scopes are pre-authorized :
https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/userinfo.profile
and that's enough to get the identity of the user.

Resources