Server-side, POST to /link/token/create with your client_id and secret in the request body, along with user.client_user_id (a stable unique identifier for the end user), client_name (your app name), products (e.g. ['auth', 'transactions']), country_codes, and language
Receive a link_token in the response; this token is short-lived (expiring in 4 hours) and single-use
Pass the link_token to your frontend and initialize Plaid Link with it using the Plaid Link SDK
The user completes the Link flow (selects their institution, authenticates); on success, the onSuccess callback returns a public_token and metadata including the account IDs selected
Send the public_token from your frontend to your server for exchange via /item/public_token/exchange
Never reuse a link_token across sessions; generate a fresh one for each Link initialization
Known gotchas
The products specified at link/token/create time determine what data the resulting access_token can access; adding products later requires update mode or a new Link session
Including 'transactions' and 'auth' together is common but each product may impose additional institution consent screens; choose only the products you need
For OAuth-supporting institutions, you must also provide a redirect_uri in the link/token/create request that matches a URI registered in your Plaid dashboard
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp