@this-npm-test-org/connection-plaid
v0.2.1
Published
Read-only bank account access via Plaid. Pulls transactions + balances for fund operating accounts so the reconcile-bank-activity intent can match observed bank movements against expected distributions and contributions.
Downloads
460
Readme
@this-npm-test-org/connection-plaid
Read-only bank account access via Plaid for amodal IR agents. Pulls transactions + balances for fund operating accounts so the reconcile-bank-activity intent can match observed bank movements against expected distributions and contributions.
The platform never moves money. JPMorgan (or whichever bank) executes the wires; this connection only reads the bank's record of what happened.
Auth
Plaid authenticates with client_id + secret (+ access_token for data calls)
in the request body — not an Authorization header — so this connection uses
auth.type: "body". Set:
| Env var | Value |
| --- | --- |
| PLAID_CLIENT_ID | Dashboard → Team Settings → Keys. Same across environments. |
| PLAID_SECRET | Secret for the target environment (sandbox / development / production). |
| PLAID_ACCESS_TOKEN | From the Link → public_token → /item/public_token/exchange flow. One per Item. |
| PLAID_BASE_URL | https://sandbox.plaid.com | https://development.plaid.com | https://production.plaid.com |
The runtime merges client_id/secret/access_token into the JSON body of every
call (requires runtime support for auth.type: "body").
Calling it
Plaid is a declarative REST connection, so it's reached through the runtime's
generic request tool (there are no per-operation plaid__* tools — those only
exist for code-shipping drivers). From an intent:
ctx.callTool('request', {
connection: 'plaid', method: 'POST', endpoint: '/transactions/sync',
data: { options: { account_ids: [accountId] } }, intent: 'read',
});
// → { status, data: { added, modified, next_cursor, ... } }Endpoints are allow-listed in connections/plaid/spec.json filter.include_paths
(/transactions/sync, /transactions/get, /accounts/get,
/accounts/balance/get, /item/get). The connection layer applies auth, the
access.json field-restriction policy (e.g. drops transaction.location), and
audit.
