Hacker News new | ask | show | jobs
by robcohen 1000 days ago
This is the precise option I was thinking might be possible. Is it even reasonable for an individual developer to use their own API keys for something like this? I assume because you suggested it, it is. Any limitations that are impractical for personal use?
1 comments
debaserab2 1000 days ago
I'm in the middle of going down this path right now. It kind of works, except for certain banking institutions require more rigor than just getting accepted into the developer platform.

The steps, as far as I can tell, look something like this:

1) Sign up for Plaid developer account

2) Request developer access (without it you can only play with sandbox data)

3) Request production access

4) Submit application information including a name, website URL, and logo

5) Add a legal company entity name and address to my plaid account

6) Sign an MSA contract (no idea what its about)

7) Fill out a security questionnaire.

I'm at step 3 currently but I'm not sure how much further I'm realistically going to get. I'm not sure I could reasonably fill the rest without stretching the truth quite a bit and it seems to get deep into legal territory that I'm not sure I'm comfortable with.

There's also apparently different API behaviors depending on the bank: https://plaid.com/docs/link/oauth/#institution-specific-beha...

I don't have a lot of hope that this is going to pan out. I'm considering just scraping Chase with a headless puppeteer script instead.

It's possible that this may be simpler for other banks though, I've only tried Chase since that's my primary bank.

link
phoenixy1 1000 days ago
[I work at Plaid]

I will say that while annoying (especially for Chase, which has the most paperwork-type requirements for developers) this process should be totally doable for solo developers. You can put your own name as the legal entity name if you don't have a company. The Master Services Agreement (MSA) sounds scary but is just the contract between you and Plaid -- the legalese laying out what you're paying for, what Plaid is providing, and the rights and obligations of both parties. And when it comes to the security questionnaire, fill it out as accurately as you can, but you don't need to stress over it -- Plaid doesn't expect a solo hobbyist to have the same security measures as, like, a publicly traded company.

link
akerl_ 1000 days ago
Can confirm: I did this as a solo user of a personal API integration with Chase via Plaid. I answered honestly given the scope of what I was doing: for example, IIRC there was a question about whether all employees are background checked, and another about how we deal with terminated employee access. As the only user/employee/human, I could confidently say I background check all my employees and that if they’re terminated, their access will be promptly revoked :D
link
debaserab2 1000 days ago
Thanks for the info -- this is really good to know. I'll keep pressing on as far as I can!
link
ydant 997 days ago
Thank you! I wish Plaid would document this on the website. I've always been hesitant to convert from my dev account to a production account because everything gives the impression you're looking for a Serious Business.

I'd much rather just pay the money and have the standard API, and my workflows are all built around Plaid anyway.

I guess I'll give it a go now.

link