How come the credential_id is not returned as part of the token response? Naomi July 19, 2019 17:23 Updated Follow We do already but it's hidden. You can decode the access token by using a web token decoder (we use jwt.io) Look for the "sub" parameter, which is also known as "credential_id". Related articles How do I make my first API call? What banks/cards are you integrating next? Which UK banks are you integrated with? What to send on an incident ticket? Can I whitelist the IP's used by TrueLayer? Comments 0 comments Article is closed for comments.