Connections

A connection is the term for the relationship between your application and your user’s bank, facilitated by TrueLayer. Once your user has granted consent and undergone the authentication process, there will be a valid connection, identified by an access token that can be used to fetch Account Information from their bank.

A active connection requires an active consent and an active authentication.

To use any of TrueLayer's AIS powered products, you must first create a connection.

Consent

Open banking is built upon data access being shared by an end user who has given full and informed consent. The consent is given to and stored by the licensed Account Information Service Provider (AISP). If you are not a licensed AISP, the consent is given to TrueLayer.

Consent has a limited length of validity, and will expire. The length of validity varies because different countries set different rules.

When a consent expires you won’t be able to access data until the your user reconfirms their consent.

Authentication

Once your user has granted consent, TrueLayer can start the authentication process with their bank. Once they have successfully finished the authentication process, TrueLayer will receive and securely store the information needed to access your user's bank information upon request.

Authentications may expire, depending on the open banking standard and the individual bank being accessed.

In general, authentications expire after a set period of time. The duration of validity varies but is usually 90 days. The exception is the UK where authentications are open-ended and never expire. Instead, it is consent that needs to be reconfirmed at least every 90 days to continue data access.