Introducing one-time Link URLs
You can now send one-time LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URL to your customers to improve the reliability of data provided by them.
What's new?
To reduce the risk of LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs being leaked or reused, we have introduced the option to limit the validity and number of uses of these URLs. When enabled, all companyCompany In Codat, a company represents your customer's business entity. Companies can have multiple connections to different data sources.-specific and connectionConnection A link between a Codat company and a data source (like an accounting platform). Each connection represents authorized access to pull or push data from that platform.-specific LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs will have a one-time password (OTP) added as a query parameter:
| LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. type | Without OTP | With OTP |
|---|---|---|
| CompanyCompany In Codat, a company represents your customer's business entity. Companies can have multiple connections to different data sources.-specific | https://link.codat.io/company/{companyId} | https://link.codat.io/company/{companyId}?link.otp=OTP123 |
| ConnectionConnection A link between a Codat company and a data source (like an accounting platform). Each connection represents authorized access to pull or push data from that platform.-specific | https://link-api.codat.io/companies/{companyId}/connections/{connectionId}/start | https://link-api.codat.io/companies/{companyId}/connections/{connectionId}/start?otp=OTP123 |
Additionally, you will notice the following behavior changes:
- Your customers won't be able to use the same LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URL more than once.
- CompanyCompany In Codat, a company represents your customer's business entity. Companies can have multiple connections to different data sources.-specific and connectionConnection A link between a Codat company and a data source (like an accounting platform). Each connection represents authorized access to pull or push data from that platform.-specific LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs will expire after one day even if they weren't used.
- You won't be able to use the generic Invite companyCompany In Codat, a company represents your customer's business entity. Companies can have multiple connections to different data sources. button to invite your customers to share their data.
Who is this relevant for?
All clients who want to have stricter rules around LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs sent to their customers.
How to get started?
Contact your Codat account manager with the request to enable one-time LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs. Depending on the type of the LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. flow you are using, you also need to action the following:
If using Hosted LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat.
As a prerequisite to enabling one-time LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs, you also need to enable the new Hosted Link interface.
If using Hosted or build-your-own LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat.
If you are currently adding query parameters to LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs (for example, by appending ?link.showSandboxIntegrations=false), confirm that your code can handle URLs that already contain query strings.
If using LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. SDK
To enforce the imited validity of LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URLs using the LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. SDK, you need to retrieve an access token for your customer using the Get company access token endpoint and pass it when initializing the SDK. This serves as an equivalent to a one-time password appended to a LinkLink The authorization flow that allows end users to connect their accounting, banking, or commerce platforms to your application via Codat. URL.