5. Requirements for Financial Institution OAuth authorization

To enable OAuth authorization for financial institutions, set your Cross-Origin-Opener-Policy (COOP) response header to same-origin-allow-popups. This setting ensures that the Account Linking OAuth flow functions correctly within your customer-facing framework.

Acceptable COOP settings

  • same-origin-allow-popups (recommended)
  • unsafe-none (default, also compatible)

Any other COOP setting may prevent the OAuth flow from functioning properly.

How it works

During the account linking process, the Account Linking component opens a popup window that loads the financial institution's login page where users authorize access. If your COOP setting is too restrictive, financial institutions that use OAuth authorization will not load their login pages in the popup, preventing users from linking their accounts.
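
The check below is an added example, not code from the Account Linking product: it classifies a page's COOP response header against the two acceptable settings listed above and reports which pages would block the popup flow. The function names, paths and sample headers are constructed for illustration.

```javascript
// Acceptable values are taken from the list above; all names here are hypothetical.
const ACCEPTABLE_COOP = new Set(["same-origin-allow-popups", "unsafe-none"]);

// Extract the policy token from a Cross-Origin-Opener-Policy header value.
// The value may carry parameters, e.g. `same-origin; report-to="coop"`.
// An absent or empty header means the default, unsafe-none.
function parseCoop(headerValue) {
  if (headerValue === undefined || headerValue === null) return "unsafe-none";
  const token = String(headerValue).split(";")[0].trim();
  return token === "" ? "unsafe-none" : token;
}

// Find the header case-insensitively in a plain headers object and report
// whether the page can host the Account Linking popup flow.
function checkCoop(headers) {
  const key = Object.keys(headers).find(
    (k) => k.toLowerCase() === "cross-origin-opener-policy"
  );
  const policy = parseCoop(key === undefined ? undefined : headers[key]);
  return { policy, acceptable: ACCEPTABLE_COOP.has(policy) };
}

// Return "path: policy" for every page whose COOP value is not acceptable.
function auditPages(pages) {
  return Object.entries(pages)
    .map(([path, headers]) => [path, checkCoop(headers)])
    .filter(([, result]) => !result.acceptable)
    .map(([path, result]) => `${path}: ${result.policy}`);
}

// Constructed sample: response headers as they might be captured per route.
const samplePages = {
  "/link-account": { "Cross-Origin-Opener-Policy": "same-origin-allow-popups" },
  "/dashboard": { "cross-origin-opener-policy": 'same-origin; report-to="coop"' },
  "/legacy": { "Content-Type": "text/html" }, // no COOP header: default applies
  "/settings": { "Cross-Origin-Opener-Policy": "same-origin" },
};

console.log(auditPages(samplePages));
```

Run it against the headers of every page that embeds the Account Linking component, since a restrictive value applied globally by security middleware affects those pages too.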