Language

Authentication

The way in which you interact with Dwolla’s authorization server will remain unchanged. OAuth user account access tokens that are currently issued to applications leveraging v1 can be used to call various Access API endpoints.

Scopes used in the Access API: Send, Transactions, Funding, AccountInfoFull, and ManageCustomers.

In v1, some API endpoints only require your application key and secret (for instance, creating a checkout or looking up a user), but most require an OAuth access token. In the Access API, all API endpoints require either an OAuth user account access_token or an application access_token in order to authenticate. Application access tokens are new and only used to access protected resources that belong to the application itself including: webhooks, webhook-subscriptions, and events.

For endpoints that require an OAuth access token, it should be included in the Authorization HTTP header like so: Authorization: Bearer <TOKEN_HERE>.


Financial institutions play an important role in the Dwolla network.

Dwolla, Inc. is an agent of Veridian Credit Union and Compass Bank and all funds associated with your account in the Dwolla network are held in pooled accounts at Veridian Credit Union and Compass Bank. These funds are not eligible for individual insurance, including FDIC insurance and may not be eligible for share insurance by the National Credit Union Share Insurance Fund. Dwolla, Inc. is the operator of a software platform that communicates user instructions for funds transfers to Veridian Credit Union and Compass Bank.