TrueLayer lets you control the permissions the client ( app ) requests. Here’s a list of the available permissions.
Of course, I’m not saying anything untoward is happening here. I’m just highlighting that it would have been a decision to request those permissions. What I gathered from the OP is they want an alternative method to link an account or to understand why the permissions are needed. It also seems like they asked in support first.
I mentioned it further up in the thread, but to repeat it, I wonder what the drop off is when a new user is presented with this. Everyone doesn’t query this type of thing, they just drop off.
Perhaps it’s worth asking the question on permissions in Community Meetup - 8 PM Wed 12th May 2021, live on Zoom and maybe it will be addressed in the call.