Callbacks - Emerge API

After a user completes (or exits) the consent flow, they’re redirected to your redirect_uri with query parameters indicating the result.

Callback parameters

Parameter	Always Present	Description
`status`	Yes	`success`, `reauthorized`, or `failure`
`state`	Yes	The state value you provided in the link
`uid`	Yes	The user identifier returned by Emerge. If you provided `uid`, you get the same value; if you omitted it, Emerge generates a pairwise `uid`.
`error_code`	Only on failure	Error code explaining the failure

Do not ask end-users for uid or collect it in the frontend. Store the callback uid server-side and map it to your internal user record. This avoids wrong-user data access and keeps identifiers private.

Status values

`success`

First-time consent granted. This user has connected their data for the first time with your application.

https://yourapp.com/callback?status=success&state=abc123&uid=psub_d4e5f6789012345678901234abcdef01

`reauthorized`

User re-linked an existing consent. This happens when:

User clicks the link again after previously consenting
User re-authenticates after token expiration

https://yourapp.com/callback?status=reauthorized&state=abc123&uid=psub_d4e5f6789012345678901234abcdef01

`failure`

User cancelled or an error occurred during the flow.

https://yourapp.com/callback?status=failure&state=abc123&uid=psub_d4e5f6789012345678901234abcdef01&error_code=user_failed

Error codes

Error Code	Description	Suggested Action
`user_failed`	User cancelled or denied consent	Show retry option
`data_invalid`	Insufficient data in user’s account	Explain data requirements
`access_denied`	User denied OAuth permissions	Explain why permissions are needed
`invalid_scope`	Required scopes not available	Contact support
`admin_policy_enforced`	Organization policy blocks access	User needs admin approval
`uid_conflict`	Different user already linked with this uid	Use a unique uid per user

Handling callbacks

import express from 'express';

const app = express();

app.get('/emerge/callback', async (req, res) => {
  const { status, state, uid, error_code } = req.query;

  // 1. Verify state matches (CSRF protection)
  const expectedState = req.session.emergeState;
  if (state !== expectedState) {
    console.error('State mismatch - possible CSRF attack');
    return res.status(400).redirect('/error?reason=invalid_state');
  }

  // Clear stored state
  delete req.session.emergeState;

  // 2. Handle based on status
  switch (status) {
    case 'success':
      // First-time consent - data export will start automatically
      await saveUserConsent(uid as string, {
        consentedAt: new Date()
      });

      // Redirect to success page
      return res.redirect('/dashboard?connected=true');

    case 'reauthorized':
      // Existing consent refreshed
      await updateUserConsent(uid as string, {
        reauthorizedAt: new Date()
      });

      return res.redirect('/dashboard?reconnected=true');

    case 'failure':
      // Handle specific error codes
      const errorMessage = getErrorMessage(error_code as string);

      return res.redirect(`/connect?error=${encodeURIComponent(errorMessage)}`);

    default:
      return res.status(400).redirect('/error');
  }
});

function getErrorMessage(errorCode: string): string {
  const messages: Record<string, string> = {
    'user_failed': 'You cancelled the connection. Click below to try again.',
    'data_invalid': 'Your account doesn\'t have enough data history yet.',
    'access_denied': 'Permission was denied. We need access to provide this feature.',
    'admin_policy_enforced': 'Your organization\'s policy prevents this connection.'
  };

  return messages[errorCode] || 'Something went wrong. Please try again.';
}

State verification

Always verify the state parameter matches what you stored before the redirect. This prevents CSRF attacks where an attacker tricks a user into linking their account to the attacker’s data.

Recommended state storage

Storage	Pros	Cons
Session	Simple, automatic cleanup	Requires session middleware
Redis	Distributed, TTL support	Additional infrastructure
Database	Persistent, auditable	More complex queries
Signed cookie	Stateless	Size limitations

What happens after success

When you receive success or reauthorized:

Data export starts automatically - Emerge begins exporting the user’s data from their provider
Export takes 1-15 minutes - Depending on data volume
Webhook updates (optional) - You may receive consent events plus data.ready/data.failed for provider-level export updates
Poll export readiness (recommended fallback) - Check GET /export/status/{uid} and query only when the provider in sources[] has data_ready: true

Use provider-level readiness from sources[] instead of assuming all providers are ready at once.

Completed session handling

If a user clicks a consent link after they’ve already completed consent:

They see a brief “already connected” message
They’re redirected to the Data Wallet (not back to your redirect_uri)
No new callback is triggered

This prevents confusion from re-processing completed flows.

Documentation Index

​Callback parameters

​Status values

​success

​reauthorized

​failure

​Error codes

​Handling callbacks

​State verification

​Recommended state storage

​What happens after success

​Completed session handling

Callback parameters

Status values

`success`

`reauthorized`

`failure`

Error codes

Handling callbacks

State verification

Recommended state storage

What happens after success

Completed session handling