Guides
For Advertisers
Start typing to search…
  1. implementation
  2. Cardlytics-Built Hosted Experience

Check Account Link Status

Learn the process for initiating and authenticating a session with the Cardlytics Publisher Rewards API

Abstract

This document outlines the process for retrieving a customer’s account link status using the Cardlytics Publisher Rewards API via the /v2/data/accountLink endpoint. It describes authentication requirements, request headers, request method, response behaviors, and security requirements for client integrations.

Summary

To retrieve account link status, clients must send a GET request to /v2/data/accountLink with a valid bearer token and an anonymized customer identifier provided in the x-source-customer-id header.

This endpoint is typically used after session initialization to determine whether a user has linked an account and to decide whether to prompt the user to link or route them directly into the Cardlytics Rewards experience.

How To Get Account Link Status

Get Account Link Status

GET /v2/data/accountLink

Hostname:
https://publisher-rewards-api.cardlytics.com

This endpoint checks whether the customer associated with the provided x-source-customer-id has any linked accounts.

Request Headers

  • Content-Type: application/json
  • Authorization: Bearer <session_token>
  • x-source-customer-id: string
  • x-mock-data: boolean (optional, defaults to false)

Notes:

  • The Authorization header must contain a valid bearer token obtained from POST /v2/session/startSession.
  • The same x-source-customer-id used during session creation must be reused for this request.
  • See the Security Requirements section for guidance on securing the customer identifier.

Request Payload

This endpoint does not require a request body.

Sample cURL Request

curl --location 'https://publisher-rewards-api.cardlytics.com/v2/data/accountLink' \
--header 'Content-Type: application/json' \
--header 'x-source-customer-id: 4c1a31fd8709e39c5226a61a45d29754b4076ff868acf4f7cafdd275b8ab2789' \
--header 'x-mock-data: false' \
--header 'Authorization: Bearer <session_token>'

Response Handling

204 No Content

Returned when no account link is found for the provided customer.

Meaning:

  • The customer does not have any linked accounts.
  • The client should prompt the user to initiate the account linking flow.

Response Body:
Empty

200 OK

Returned when the customer has one or more linked accounts.

Sample Response

{
  "accountLinks": [],
  "accounts": [
    {
      "accountId": "71400000000153",
      "status": "OPEN",
      "last4": "9416",
      "cardType": "checking",
      "name": "DEMO PERSONAL CHECKING",
      "linkedDate": "2026-01-31T01:33:51.547Z",
      "expirationDate": "1769824981000",
      "fiName": "Demo Bank",
      "fiLogo": null
    }
  ]
}

Field Descriptions

  • accounts: List of linked financial accounts
  • accountId: Cardlytics internal account identifier
  • status: Current account status
  • last4: Last 4 digits of the account
  • cardType: Account type
  • name: Account display name
  • linkedDate: Timestamp when the account was linked
  • expirationDate: Unix timestamp in milliseconds representing expiration
  • fiName: Financial institution name
  • fiLogo: Financial institution logo, if available

Authorization Errors

If the bearer token is missing, expired, or invalid, the API returns a 401 Unauthorized response. In this case, a new session token must be generated using POST /v2/session/startSession.

Updated 5 days ago