Stitch SSO

4.2. Access Tokens

The Stitch API allows access through two types of access tokens, User tokens and Client tokens. All API calls to Stitch need to include one of these access tokens. The different use cases are outlined below.

Client Tokens

This token is needed to perform actions not linked to a user (e.g. business lookup, business account verification, creating payment requests). For more detail see Client tokens.

User Tokens

This token is needed for any data retrieval from a user's bank account. User tokens represent authorization to perform certain actions on a user's bank account e.g. accounts, transactions, balances etc. For more detail see User Token SSO flow.