To get started, sign up for a sandbox account here. After registration, you will have access to a sandbox application client_id and client_secret to build and test how Finch works using simulated data. This guide will help you send your first request to Finch’s API while the following guides dive deeper into the concepts and help you integrate Finch into your production application.

Open Finch Connect in sandbox mode

Finch Connect provides a secure and elegant authorization flow for your users to grant your application access to their systems.
Note: this quickstart guide is a simplified, but manual way of generating an authorization code and exchanging it for an access_token, which can be used to subsequently call our APIs. In a true production environment, you will want to automate this process completely inside your application’s code.
Since this quickstart assumes you have not built an application yet, we must make sure that a proper redirect_uri is set up before continuing or our authorization code generation will fail. In your Finch Dashboard, go to the “Redirect URIs” section and select + Add Redirect URI. We are going to use https://example.com for testing purposes. In production, you will want to use your own application’s urls for the Redirect Uris (and remove all mentions of https://example.com or http://localhost). Redirect URIs are only needed if you are redirecting to Finch Connect. If you decide to use our embedded Finch Connect flow, you do not need to specify a redirect_uri; the SDK does this for you. We will launch Finch Connect - our secure authorization flow for your users to grant your application access to their systems - by making an API call to the endpoint below. Make sure to replace <your_client_id> with the client id found in your Finch Dashboard. Remove the angle brackets when replacing <your_client_id>. customer_id and customer_name can be any identifiers you have internally for your end users. After the API call succeeds, navigate to the URL found in the response body on your browser. 
curl https://api.tryfinch.com/connect/sessions \
-X POST \
-H "Content-Type: application/json" \
-u "<your_client_id>:<your_client_secret>" \
--data-raw '{
		"customer_id": "<your_client_id>",
		"customer_name": "<your_customers_name>",
    "products": ["directory", "individual", "employment"],
		"redirect_uri": "https://example.com",
    "sandbox": "finch"
}'

{
	"session_id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
	"connect_url": "https://connect.tryfinch.com/authorize?session=f47ac10b-58cc-4372-a567-0e02b2c3d479"
}
Note that we have set sandbox=finch. This is required only when testing in our sandbox environment

Log in to the Finch sandbox account

Select any provider on the selector page and log in with valid mock credentials. For example, you can choose ADP Workforce Now and log in with the credentials good_user and good_pass.

Exchange the authorization code for an access token

After successfully logging in via Finch Connect, your browser will be redirected to https://example.com with the query parameter code in the browser URL. Copy the code from the url and save it in your text editor. In a production system, however, the browser will redirect to your url and your application will automatically copy the code and perform the remaining steps programmatically. To exchange the code for a token, we use the curl command below. Copy the code below, paste into your text editor, replace the <your_authorization_code> in the command with the one you saved above (making sure to not include the angle brackets). 
curl https://api.tryfinch.com/auth/token \
-X POST \
-H "Content-Type: application/json" \
--data-raw '{
    "client_id": "<your_client_id>",
    "client_secret": "<your_client_secret>",
    "code": "<your_authorization_code>",
    "redirect_uri": "https://example.com"
}'
Congratulations!You have sent your first request to Finch’s API. The next step is to embed Finch Connect into your application.