Welcome to Pinwheel, the fastest way to securely update direct deposits.
Pinwheel provides a set of SDKs and APIs that allow end-users to authorize 3rd party applications to update their direct deposits on payroll platforms such as ADP, Paychex, Gusto, and many more.
An end to end integration with Pinwheel involves both server-side and client-side configurations. On the server-side, the application can interface with Pinwheel through a REST API service.
On the client-side, end-users interact with Link. Link provides a modal view that allows the end-user to select their payroll provider, authenticate with their login credentials, and consent to updating their direct deposit.
Developers should first create a workspace at https://developer.getpinwheel.com to obtain their API secrets.
There are two types of jobs supported on the platform:
There are three Pinwheel modes:
Use sandbox mode to build and test your integration. In this mode, you use test credentials to authenticate with payroll platforms, but no actual updates are made to any payroll platform. The sandbox API server is available at https://sandbox.getpinwheel.com.
Development mode can be used to test your integration before going live to production. In this mode, you use real credentials to authenticate and direct deposits are actually updated on the payroll platform. The development API server is available at https://development.getpinwheel.com.
Use production mode to go live with your integration. Your end users will use their login credentials to authenticate and update direct deposits on payroll platforms. Note, in this environment, all successful direct deposit updates are billed. The production API server is available at https://api.getpinwheel.com.
To initialize Pinwheel, a short-lived link token will need to be generated first. Your server can generate the link token by sending a POST request to the /v1/link/tokens endpoint. DO NOT ever send this request from the client side and publicly expose your api_secret.
The link token returned is valid for 15 minutes, after which it expires and can no longer be used to initialize Link. The expiration time is returned as a unix timestamp.
Pinwheel Link opens up as a modal in your application. Through the modal, end-users can select their payroll platform, authenticate with their login credentials, and authorize the direct deposit change.
Pinwheel Link is initialized with a recently generated link token. Additionally, you can pass in completion handler functions that are called after the Link flow is complete.
In sandbox mode, you can use the following credentials to test Link:
For providers that support optional multifactor authentication, use the following credentials to test the mfa flow:
To test error handling, use the following credentials to trigger an exception:
Link comes with the ability to programmatically close itself through the developer console
The Pinwheel instance is an event emitter. You can listen to events that are triggered from user interactions. The event emitter used is EventEmitter2 which allows wildcards.
Link's onFailure callback handler can return the following error codes and messages.
All requests to Pinwheel’s API are required to include a custom HTTP header with the correct API secret for your application and environment.