The way in which you interact with Dwolla’s authorization server will remain unchanged. OAuth user account access tokens that are currently issued to applications leveraging v1 can be used to call various Dwolla v2 API endpoints.

Scopes used in the Dwolla v2 API: Send, Transactions, Funding, AccountInfoFull, and ManageCustomers.

In v1, some API endpoints only require your application key and secret (for instance, creating a checkout or looking up a user), but most require an OAuth access token. In the Dwolla v2 API, all API endpoints require either an OAuth user account access_token or an application access_token in order to authenticate. Application access tokens are new and only used to access protected resources that belong to the application itself including: webhooks, webhook-subscriptions, and events.

For endpoints that require an OAuth access token, it should be included in the Authorization HTTP header like so: Authorization: Bearer <TOKEN_HERE>.

Production: Operational

Financial institutions play an important role in the Dwolla network.

Dwolla, Inc. is an agent of Veridian Credit Union and all funds associated with your account in our network are held in one or more pooled accounts at Veridian Credit Union. These funds may not be eligible for share insurance by the National Credit Union Share Insurance Fund. Dwolla, Inc. is the operator of a software platform that communicates user instructions for funds transfers to Veridian Credit Union.