Skip to main content
Many US financial institutions use OAuth for authentication. When a customer selects an OAuth-supported institution in Flinks Connect, they are redirected to their bank’s website to authorize the connection, then redirected back.

Web integration

iframe setup

Embed Flinks Connect as an iframe with the required redirectUrl parameter:

Handling events

Use the Event Listener to track the OAuth flow:
Ensure your website allows pop-ups from the Flinks domain, as OAuth connections open the bank’s authorization page in a new window.

Mobile integration

For mobile apps, OAuth requires special handling because WebViews may not fully support the redirect flow. Use the device’s system browser (Safari on iOS, Chrome on Android) instead of a WebView for the best OAuth experience:
  1. Open Flinks Connect in the system browser using your iframe URL.
  2. Add oauthWindowRedirect=true to enable full-page redirects instead of pop-ups.
  3. Set up an HTTPS universal link (iOS) or App Link (Android) so the OAuth callback returns the user to your app.
Flinks only supports https redirect URIs. Custom URI schemes such as myapp:// are not supported. Use an HTTPS URL that your app claims through universal links or App Links.

Returning to your app

After the OAuth flow completes, Flinks redirects to your redirectUrl with the loginId:
Configure your app’s universal link (iOS) or App Link (Android) to open on this HTTPS URL and extract the loginId.

WebView configuration

If you must use a WebView, configure it properly:
  • Use SFSafariViewController or ASWebAuthenticationSession for the OAuth flow
  • Standard WKWebView may block redirects to external domains
  • Ensure your app’s domain is properly configured for universal links

Testing

Test your OAuth integration across multiple environments:

Simulate an OAuth flow in the Toolbox

You can test the full front-end OAuth experience in the Toolbox by adding demoOutbound=true to the iframe URL. This routes the Flinks Capital demo institution through the OAuth flow, so you can walk the OAuth screens end to end with sandbox data.
1

Generate an Authorize Token

Call /GenerateAuthorizeToken with your customerId, instance, and flinks-auth-key to obtain a token for the iframe. Use the Toolbox credentials.
2

Load the iframe in OAuth demo mode

Load Flinks Connect with demoOutbound=true and the token you generated:
3

Walk through the simulated OAuth screens

The demo reproduces the full front-end OAuth sequence:
  1. Consent page
  2. Financial institution selection
  3. FI redirecting page
  4. FI online banking: username / password
  5. FI online banking: consent screen
  6. FI online banking: account selection
  7. Success page (returns the loginId)
demoOutbound=true runs the Flinks Capital demo institution through the OAuth flow, which is how you exercise the OAuth screens in the sandbox. When you’re ready for end-to-end validation against a real OAuth institution, use a client (production) instance.