In order to enable consumers to more easily manage who has access to their financial data, Plaid provides a solution on my.plaid.com where access to their data can be changed or removed. A consumer can revoke access in one of two ways:
- The consumer logs in to my.plaid.com and removes one or multiple applications’ access to their banking data.
- The consumer requests Plaid’s deletion of their data and/or revokes consent for access, removing access from all Plaid-connected applications with which the consumer had previously authenticated.
In the case of #1 above, Plaid will immediately remove data access from the application(s) in question and depermission the Item. In the case of #2 above, Plaid will delete data about that consumer from Plaid-controlled environments, except in certain circumstances, such as to retain data for auditing purposes or to comply with a legal obligation. In both these cases, Plaid will stop billing for any recurring products associated with the Items where access has been revoked.
Webhook behavior
Plaid makes sure you’re aware when a consumer takes either of the above two actions by sending an Item webhook with the webhook code USER_PERMISSION_REVOKED:
{
  "webhook_type": "ITEM",
  "webhook_code": "USER_PERMISSION_REVOKED",
  "item_id": "wz666MBjYWTp2PDzzggYhM6oWWmBb",
  "error": {
    "error_code": "USER_PERMISSION_REVOKED",
    "error_message": "the holder of this account has revoked their permission for your application to access it",
    "error_type": "ITEM_ERROR",
    "status": 400
  }
}
API behavior
Future API requests for an Item that was depermissioned or deleted will return an Item error with the error code ITEM_NOT_FOUND:
{
  "error_type": "ITEM_ERROR",
  "http_code": 400,
  "error_code": Enum ("ITEM_NOT_FOUND"),
  "error_message": String,
  "display_message": nullable String,
  "request_id": String
}
Because data depermissioning or deletion will result in Plaid’s removal of the access_token from our systems, we recommend that you launch a new instance of Plaid Link and create new Items for returning consumers who had previously depermissioned access.
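One way to act on both signals described above, as an added example that is not Plaid's code: it retires the stored access_token when either the USER_PERMISSION_REVOKED webhook or an ITEM_NOT_FOUND API error arrives, and flags the Item for a new Link session. The store layout, function names and return strings are hypothetical, and the webhook body is assumed to have been authenticated before it reaches this handler.

```python
import json

# Constructed sample store (item_id -> record); a real integration would use its database.
ITEMS = {
    "wz666MBjYWTp2PDzzggYhM6oWWmBb": {
        "access_token": "access-sandbox-constructed-value",
        "status": "active",
    },
}

def _retire_item(item_id, reason, store):
    """Drop the unusable access_token and flag the Item for a fresh Link session."""
    record = store.get(item_id)
    if record is None:
        return "unknown_item"
    if record["status"] == "revoked":
        # Idempotent: the webhook and a later ITEM_NOT_FOUND can both
        # arrive for the same Item.
        return "already_revoked"
    record["access_token"] = None      # Plaid has removed it; do not keep a copy
    record["status"] = "revoked"
    record["reason"] = reason
    record["needs_relink"] = True      # returning consumer must go through Link again
    return "revoked"

def handle_webhook(body, store=ITEMS):
    """Process a raw webhook body (JSON text) that has already been authenticated."""
    event = json.loads(body)
    if (event.get("webhook_type") != "ITEM"
            or event.get("webhook_code") != "USER_PERMISSION_REVOKED"):
        return "ignored"
    return _retire_item(event.get("item_id"), "USER_PERMISSION_REVOKED", store)

def handle_api_error(item_id, error, store=ITEMS):
    """Treat ITEM_NOT_FOUND as terminal rather than retrying with the same token."""
    if (error.get("error_type") == "ITEM_ERROR"
            and error.get("error_code") == "ITEM_NOT_FOUND"):
        return _retire_item(item_id, "ITEM_NOT_FOUND", store)
    return "unhandled"
```

Any scheduled job that polls Plaid for an Item should check the stored status first, so a revoked Item is skipped instead of producing repeated ITEM_NOT_FOUND errors.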