Some clients struggle to implement and/or understand how or when to update their tokens.
The diagram and explanation below should provide a clear picture of how tokens should be saved and mapped in the client’s database.
Each end-user connection to a provider should have a unique
credentials_id. For example:
- If an end-user“A” connects to Natwest, they will have TrueLayer
- If the same user“A” connects to a different bank, Barclays, for instance, they will have different
In other words, one pair of
credentials_idshould be mapped to only one pair of
refresh_token. The user A from the example above would have 2 pairs of
refresh_token- because they’re connected to 2 providers.
This relationship is 1-to-1: 1
credentials_idhas only 1
Check the diagram below for more:
Note: Please keep in mind that TrueLayer does not have the concept of "end-user" in our logic. Developers using our API can map an end-user to multiple
credentials_id, but we do not see this mapping (only separate
Still having problems?
- Make sure you are replacing the TrueLayer
refresh_tokenafter every new token refresh.
- Save tokens in one place/table and link them to other places where necessary. This avoids duplicates and errors with tokens not updated, as well as improved performance.
If you need more information...
Check how to renew access_tokens in our .