Start a new bank connection
Kick off a connection between a Client and a bank. Send only
institution_id (a v3 catalog id from GET /v3/institutions).
LedgerSync’s router picks the underlying source (Finicity vs
MX) per its routing rules — integrators don’t pick a source.
The response:
- Finicity / MX — we hand back a widget URL. Open it in
the user’s browser (or your mobile webview) and they’ll
finish linking. For MX the URL points at a
LedgerSync-hosted wrapper page
(
GET /connections/mx-wrapper) that embeds the MX widget and gives you the sameredirect_url+ls_tokencompletion hop as Finicity (verify it atPOST /connections/redirect-token/verify). - FDE — we return a
widget_urlto a LedgerSync-hosted connect page where the end user enters their bank credentials and answers any security questions in-session. Raw credentials are never sent to the API.
This one’s genuinely async — the bank or document pipeline
takes a few seconds to a minute. You get 202 Accepted and an
operation_id right away; the connection.active (or
connection.requires_action / connection.failed) webhook
fires when it’s done. Poll GET /operations/{operation_id}
if you can’t run a webhook handler.
Note on connection.id. While this operation is
queued/running, the embedded result.connection.id is a
UUID-prefixed placeholder (con_<uuid>) and cannot be used
with any other endpoint. The canonical id —
con_<SOURCE>_<bankAccountId> such as con_FINICITY_41294 or
con_MX_1224 — is only assigned once the user finishes the
widget and the source pushes its first callback. Read the
canonical id from
GET /operations/{operation_id} once status=succeeded, or
from the connection.active webhook. See the
Connection lifecycle section at the top of this reference
for the full handshake.
Authorizations
Pass your secret key in the Authorization header as a Bearer
token: Authorization: Bearer sk_test_... (sandbox) or
Bearer sk_live_... (production).
Keys are created in the developer portal and the plaintext secret is shown exactly once at creation. Treat them like passwords — never embed them in mobile apps or front-end code.
Headers
Safe-retry key for POSTs. Send any unique string per logical
request (a UUIDv4 is great). If the network drops and you retry
with the same Idempotency-Key within 24 hours, you get the
exact same response back instead of creating a duplicate.
Cached responses include failures (4xx and 5xx) too. If a call failed because of a bad input and you want to try again with the corrected input, use a fresh key — otherwise you'll keep getting the cached failure.
255"6f1a8c50-3e9c-4d4a-b1f5-2c5b9a2f7d11"
Path Parameters
Body
Source-hiding initiate-connection shape. The integrator passes
only institution_id (a v3 catalog id from
GET /v3/institutions); LedgerSync's router picks the underlying
source. No source field.
A v3 catalog id (e.g., ins_01HZX9CHASE) from GET /v3/institutions.
URL the widget redirects to on completion.
Ignored. FDE connects via a LedgerSync-hosted page, so raw bank credentials are never accepted over the API. Retained only so a body that still carries it is not rejected.
Response
The request was accepted but the underlying work runs
asynchronously. Use the returned operation_id to poll
GET /operations/{operation_id} or just wait for the matching
webhook event.
Returned with 202 Accepted for async operations.
"op_01HXYZ8A6N7K2W9PQ4T5Z3V6E0"
queued "https://api-sandbox.ledgersyncappv2.com/v3/operations/op_01HXYZ8A6N7K2W9PQ4T5Z3V6E0"
Rough ETA for completion. Best-effort.
