Create a connection

curl --request POST \
  --url https://breadbox.example.com/api/v1/connections \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "user_id": "<string>",
  "credentials": {}
}
'

{
  "id": "<string>",
  "short_id": "<string>",
  "user_id": "<string>",
  "institution_name": "<string>",
  "institution_id": "<string>",
  "paused": true,
  "sync_interval_seconds": 123,
  "last_sync_at": "2023-11-07T05:31:56Z",
  "next_sync_at": "2023-11-07T05:31:56Z",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z"
}

Connections

Create a connection

Generic, provider-discriminated create. Supersedes POST /connections/plaid/exchange, POST /connections/teller, and POST /connections/csv/import.

The credentials shape depends on provider:

plaid — {public_token, institution_id, institution_name, accounts?}
teller — {access_token, enrollment_id, institution_id?, institution_name, accounts?}
csv — {csv_base64, column_mapping, account_name?, date_format?, ...} (also accepts multipart/form-data with a file field plus the same configuration fields as form values).

Returns the same {connection_id, institution_name, status} envelope all three legacy routes produce. Requires full_access scope.

POST

api

connections

Create a connection

curl --request POST \
  --url https://breadbox.example.com/api/v1/connections \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "user_id": "<string>",
  "credentials": {}
}
'

{
  "id": "<string>",
  "short_id": "<string>",
  "user_id": "<string>",
  "institution_name": "<string>",
  "institution_id": "<string>",
  "paused": true,
  "sync_interval_seconds": 123,
  "last_sync_at": "2023-11-07T05:31:56Z",
  "next_sync_at": "2023-11-07T05:31:56Z",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z"
}

Authorizations

X-API-Key

string

header

required

Breadbox API key with format bb_<base62>. Carries either read_only or full_access scope. Write endpoints (and a handful of sensitive reads — /api-keys, /users/{user_id}/login) require full_access; endpoints that require it are flagged in their description.

Body

provider

enum<string>

required

Available options:

plaid,

teller,

csv

user_id

string

UUID or short_id

credentials

object

Response

Created connection.

string

short_id

string

user_id

string

provider

enum<string>

Available options:

plaid,

teller,

csv

institution_name

string | null

institution_id

string | null

status

enum<string>

Available options:

active,

error,

pending_reauth,

disconnected

paused

boolean

sync_interval_seconds

integer | null

last_sync_at

string<date-time> | null

next_sync_at

string<date-time> | null

created_at

string<date-time>

updated_at

string<date-time>

List connections Get connection

Documentation Index

Authorizations

Body

Response