Credit Sesame API integration & OpenFinance bureau data

OpenData · OpenFinance · Bureau data · Protocol analysis

Connect Credit Sesame credit profiles, scores and alerts to your stack

Credit Sesame holds one of the richest consumer credit graphs in North America: daily TransUnion VantageScore refreshes, weekly Sesame Grade letter ratings, Premium 3-bureau pulls covering Experian, Equifax and TransUnion, real-time credit monitoring alerts, and a personalised credit-offer marketplace. Our team analyses the mobile protocol and delivers production-ready endpoints that mirror these surfaces, so your platform can read score history, dispute status, rent-reporting state and offer eligibility through a single OpenFinance-style API.

3-bureau credit score API — Pull current and historical VantageScore values from TransUnion (free tier) or all three bureaus on Premium plans, with score-change deltas and the five-factor breakdown that Credit Sesame surfaces in the dashboard.

Sesame Grade & report summary — Weekly letter grade plus the underlying credit utilisation, payment history, age of credit, credit mix and inquiries weights, normalised to a JSON envelope ready for risk and BI pipelines.

Credit alerts & monitoring webhook — Real-time push of report events: new accounts, balance jumps, hard inquiries, address changes and suspected identity events, fanned out as signed webhooks with idempotency keys.

Offers, simulator & rent reporting — Pre-qualified credit offers with approval-odds metadata, the Credit Score Simulator endpoint for what-if scoring, and rent-reporting submission status for tradeline building.

What we deliver

Deliverables checklist

OpenAPI 3.1 specification covering login, scores, alerts, offers, simulator and rent-reporting
Protocol & auth flow report (OAuth bearer + device-bound session refresh)
Runnable Python (FastAPI) and Node.js (Express) reference clients
Postman / Insomnia collection with seeded fixtures and a sandbox account walkthrough
Test harness covering happy path, expired-token retry, and step-up authentication
Compliance pack: FCRA, GLBA and CFPB §1033 mapping, plus consent-logging schema

Subscription tier coverage

Credit Sesame currently offers a free tier plus paid plans Extra ($9.99/mo), Plus 1-bureau ($12.99/mo), Plus 3-bureau ($24.99/mo) and Platinum ($19.99/mo). Our integration toolkit detects the active tier from the user session and gracefully degrades responses (single-bureau vs. tri-bureau, simulator vs. no simulator) so your downstream services do not break when a member changes plan.

Data available for integration

The table below maps each Credit Sesame surface to its underlying data source, granularity and a typical downstream use. We model every row as a normalised JSON document with a stable bureau and refreshed_at field so analytics, risk and CRM teams can join Credit Sesame data with internal records without bespoke parsers.

Data type	Source / screen	Granularity	Typical use
VantageScore credit score	Home / Score tab	Daily, per bureau	Risk dashboards, lender pricing, lifecycle triggers
Sesame Grade letter rating	Weekly summary	Weekly, A–F with sub-factor weights	Customer segmentation, credit-coaching journeys
Tradeline list	Credit Report Summary	Per account: balance, limit, status, opened-on	DTI calculation, account-level reconciliation
Hard / soft inquiries	Inquiries tab	Per inquiry, with date and creditor	Fraud signals, marketing-suppression lists
Credit alerts	Notifications / push	Event stream: new account, balance jump, address change	Real-time identity-protection workflows
Pre-qualified offers	Offers marketplace	Per offer: APR range, approval odds, partner	Affiliate revenue, embedded finance journeys
Rent reporting state	Premium / Rent	Monthly submission + bureau acknowledgement	Thin-file underwriting, rent-to-own products
Score Simulator output	Premium / Simulator	What-if scenarios with delta estimates	Coaching tools, debt-consolidation modelling

Typical integration scenarios

1. Lender pre-qualification widget

A digital lender embeds a "Check rate" widget. The widget calls our /scores/latest and /offers/prequalified endpoints with the consumer's authorised Credit Sesame token, scores the file against internal underwriting policy, and returns indicative pricing without firing a hard pull. This mirrors the Credit Offers API approach Capital One implemented with Credit Sesame in roughly six weeks of build time, and maps cleanly onto OpenBanking-style consent grants.

2. Personal-finance dashboard sync

A PFM app pulls daily score history and the tradeline list, joins them with bank transactions from a separate aggregator, and renders a single net-worth + credit-health view. The data flow is: POST /auth/login → GET /reports/tradelines?bureau=tu → GET /scores/history?from=2026-01-01, all paginated and idempotent.

3. Identity-protection SOC alerting

A security operations team subscribes to the credit_alerts webhook so that any new tradeline or address change is correlated with internal SIEM events. Each alert payload includes event_type, bureau, severity and a deep-link back to the Credit Sesame dispute flow, enabling one-click consumer-driven freezes.

4. Rent-to-credit thin-file underwriting

A property-tech platform queries /premium/rent-reporting/status to confirm that a renter is actively reporting rent payments to the bureaus. Combined with the simulator endpoint, the platform shows tenants a projected score uplift after twelve months of on-time rent — a powerful retention message that also feeds the landlord's risk model.

5. CRM journey orchestration

A neobank ingests Sesame Grade weekly snapshots into its CRM. When a member moves from "C" to "B", a templated email and an in-app card-upgrade offer are triggered. The same pipeline detects regressions (B → C) and routes the member to free credit-coaching content, increasing engagement without manual segmentation.

Technical implementation

Authentication (OAuth bearer + device session)

POST /api/v1/credit-sesame/auth/login
Content-Type: application/json

{
  "username": "user@example.com",
  "password": "<encrypted>",
  "device_id": "ios-9F3...A2",
  "consent_id": "csm-consent-2026-05-04-001"
}

200 OK
{
  "access_token": "eyJhbGciOi...",
  "refresh_token": "rft_8a91...",
  "expires_in": 1800,
  "tier": "premium_3b",
  "scopes": ["scores.read","reports.read","alerts.subscribe","offers.read"]
}

3-bureau score & Sesame Grade pull

GET /api/v1/credit-sesame/scores/latest?bureaus=tu,eq,ex
Authorization: Bearer <ACCESS_TOKEN>

200 OK
{
  "as_of": "2026-05-04T08:12:33Z",
  "scores": [
    {"bureau":"transunion","model":"VantageScore 3.0","value":712,"delta_30d":+8},
    {"bureau":"equifax",  "model":"VantageScore 3.0","value":705,"delta_30d":+5},
    {"bureau":"experian", "model":"VantageScore 3.0","value":718,"delta_30d":+11}
  ],
  "sesame_grade": {
    "letter": "B",
    "factors": {
      "payment_history":"A","credit_usage":"C",
      "credit_age":"B","account_mix":"B","inquiries":"A"
    }
  }
}

Credit alerts webhook (server-to-server)

POST https://your-app.example/webhooks/credit-alerts
X-Sesame-Signature: t=1714809600,v1=9f8c...
Content-Type: application/json

{
  "event_id": "evt_01HZRT6X...",
  "event_type": "new_tradeline",
  "bureau": "transunion",
  "severity": "info",
  "consumer_id": "csm_user_88142",
  "payload": {
    "creditor": "Chase Sapphire",
    "balance": 0,
    "limit": 12000,
    "opened_on": "2026-05-02"
  },
  "occurred_at": "2026-05-04T07:55:11Z"
}

Score Simulator (Premium)

POST /api/v1/credit-sesame/simulator/run
Authorization: Bearer <ACCESS_TOKEN>

{
  "scenarios": [
    {"action":"pay_down_card","card_id":"tl_551","amount":2500},
    {"action":"open_card","limit":8000,"utilization_pct":3}
  ]
}

200 OK
{
  "baseline": 712,
  "projected": [
    {"action":"pay_down_card","value":731,"delta":+19},
    {"action":"open_card","value":707,"delta":-5}
  ],
  "horizon_days": 60
}

Compliance & privacy

Credit data is highly regulated in the United States. We ship every Credit Sesame integration mapped to the Fair Credit Reporting Act (FCRA) and the CFPB's Section 1033 personal financial data rights rule, which formalises consumer-permissioned access to financial accounts. Our pipelines redact direct identifiers at ingest, log every consent grant with a verifiable timestamp, and honour withdrawal-of-consent within minutes. Data at rest is encrypted with KMS-backed keys, while transport uses TLS 1.3 with certificate pinning to mitigate man-in-the-middle attacks against mobile sessions.

Beyond FCRA, integrations align with the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, U.S. state privacy laws (CCPA/CPRA, VCDPA), and where the consumer is in Canada, PIPEDA. We provide a one-page compliance matrix that maps each endpoint to the legal basis for processing.

Data flow / architecture

The reference pipeline is intentionally short and auditable:

Mobile client — Credit Sesame login surface mirrored through our protocol-aware client with consent capture.
Ingestion API — OAuth bearer endpoints normalise scores, tradelines, alerts and offers into a single envelope.
Storage — Encrypted Postgres + cold S3 archive, with row-level access policies tied to consent IDs.
Output — REST + webhook fan-out; optional Kafka topic for high-volume risk consumers.

Market positioning & user profile

Credit Sesame is positioned as a free-to-start, U.S.-focused credit health platform. Membership exceeds 18 million according to the company's own marketing, with primary user segments being credit-curious millennials and Gen-Z consumers building thin files, sub-prime borrowers actively repairing their credit, and home-buyers preparing for mortgage applications. The product is delivered on Android and iOS plus a responsive web dashboard, and the company also operates the white-label "Sesame" platform that powers the TransUnion direct-to-consumer experience. For B2B integrators, that means the same data model is already battle-tested at bureau scale.

About OpenFinance Lab

We are an independent studio focused on fintech and open-data API integration, with prior shipping experience across U.S. credit bureaus, U.K. Open Banking, EU PSD2 and India UPI. Engineers on the team have built protocol-analysis pipelines for mobile credit and banking apps for the past eight years.

Credit, lending, identity, and PFM API integrations
Enterprise API gateways with SOC 2 alignment
Custom Python / Node.js / Go SDKs and test harnesses
Source code delivery from $300 — runnable API source plus full documentation; pay after delivery upon satisfaction
Pay-per-call hosted API — usage-based pricing with no upfront cost

Screenshots

Click any thumbnail to view a larger version. These previews show the surfaces our integration mirrors: the score dashboard, Sesame Grade summary, alerts and offer screens.

Similar apps & integration landscape

Most teams that integrate Credit Sesame also work with one or more of the apps below. We list them here purely as part of the broader U.S. credit-data ecosystem — each one holds different angles on the same underlying consumer credit graph, and unifying them is a common ask.

Credit Karma — TransUnion and Equifax scores plus tax and banking surfaces; integrators often need a unified score-history feed across both Karma and Sesame.
Experian — Direct-from-bureau Experian FICO 8 score, full report and Boost data; pairs well with Sesame for reconciling discrepancies between bureaus.
myFICO — Industry-standard FICO scores across all three bureaus on the Advanced and Premier plans; useful as a "ground truth" alongside Sesame's VantageScore.
NerdWallet — TransUnion VantageScore plus product-recommendation surfaces; common in PFM and aggregator stacks.
Aura — Identity protection with three-bureau monitoring and credit fraud alerts; complements Sesame alert webhooks for SOC and IDP workflows.
Identity Guard — Identity-theft protection with credit monitoring, often integrated alongside Sesame for benefits-platform bundles.
Dovly AI — Automated credit-repair and dispute flows; teams pair Dovly's dispute output with Sesame's tradeline state for end-to-end repair journeys.
WalletHub — Daily TransUnion credit reports and detailed factor analysis, sometimes used for redundant score pulls in risk pipelines.
Credit.com — Free Credit Report Card and ExtraCredit; commonly aggregated for marketing-attribution analytics.
TransUnion (direct) — Bureau-direct subscription powered by Credit Sesame's white-label "Sesame" platform; the Sesame data model is therefore already aligned to TransUnion's surface.

Engagement workflow

Scope confirmation: which surfaces (scores, tradelines, alerts, offers, simulator, rent reporting).
Protocol analysis & API design — 2–5 business days.
Build and internal validation against a sandbox account — 3–8 business days.
Docs, sample apps and FCRA/CFPB §1033 compliance pack — 1–2 business days.
First delivery typically 5–15 business days; bureau or lender approvals can extend timelines.

FAQ

What credit data can I extract from Credit Sesame?

Daily TransUnion VantageScore, Sesame Grade letter rating, account-level tradelines from Premium 3-bureau pulls (Experian, Equifax, TransUnion), credit alert events, instant credit offers and rent reporting status. Each is delivered as a normalized JSON object with timestamp and bureau source.

Is Credit Sesame integration FCRA compliant?

Yes. We only ingest data the end user has explicitly authorized through the standard Credit Sesame login flow, log every consent grant, redact PII at rest, and align with the Fair Credit Reporting Act (FCRA), GLBA safeguards and CFPB section 1033 personal financial data rights.

How long does delivery take?

A single-bureau score and Sesame Grade endpoint typically ships in 5–8 business days. A full Premium 3-bureau, alerts and offers stack with simulator hooks usually takes 10–15 business days, depending on sandbox approval.

Do you support webhooks for credit alerts?

Yes. We expose a /webhooks/credit-alerts endpoint that fans out alert events (new tradeline, balance change, hard inquiry, address change, suspected identity event) over signed HTTPS callbacks within seconds of detection.

Contact

For quotes or to submit your target app and requirements, open our contact page:

Contact page

📱 Original app overview (appendix)

Credit Sesame is an all-in-one credit score management app designed to improve credit scores and overall financial health. It analyses each member's credit profile to surface relevant credit cards and lending products, refreshes the TransUnion VantageScore daily, issues a weekly Sesame Grade letter rating, and provides real-time credit monitoring with alerts on report changes.

The Premium subscription unlocks 3-bureau scores from Experian, Equifax and TransUnion, the Credit Score Simulator, dispute support, rent payment reporting to credit bureaus, and instant pre-qualified credit offers with high approval odds. The disclosures section notes that personal-loan offers come from third-party advertisers, with APRs ranging from 1.99% to 35.99% on terms of one to ten years; for example a $15,000 loan over 48 months would carry monthly payments between $338 and $594 across that APR range, making the total repayment between roughly $16,212 and $28,492.

Free daily TransUnion credit score and weekly Sesame Grade summary
Real-time alerts and continuous credit monitoring on report changes
Premium 3-bureau scores plus the Credit Score Simulator and dispute support
Rent Reporting to build credit history and Instant Credit Offers marketplace
Customer service: help@creditsesame.com — policies at https://www.creditsesame.com/legal/policies/
Membership: 18M+ users globally, primarily across the United States