Skip to main content

Integration and Configuration

Configuration Scenarios for the Connect Widget

Below we list several scenarios which partners may wish to present to end users, along with the correct configuration settings for each situation.

ScenarioSettings
Answer MFA for a specific memberSet the current_member_guid to a member whose connection_status is CHALLENGED. Connect will load the MFA view so the end user can respond to the MFA challenge.
Disable search when loading a specific institutionSet disable_institution_search option to true and set the current_institution_code or current_member_guid option. Connect will load the login view for the specified institution, but will not allow the end user to navigate to the search view.
Resolve a member's error(s)Set the current_member_guid option to a member in an error state. Connect will load in the error view so the end user can resolve the error.
Run aggregation but exclude transactionsSet the include_transactions option to false when creating or updating a member. Connect will not automatically aggregate transaction data. Future manual or background aggregations will not be affected.
Run aggregation with a specific institutionSet the current_institution_code option to the desired institution's code, but do not set the mode option. Connect will load the login view for that institution.
Run verification with a specific institutionSet the current_institution_code option to the desired institution's code, and set the mode option to verification. Connect will load the login view for that institution.
Update a member's credentialsSet the current_member_guid to the desired member's GUID, and set the update_credentials option to true. Connect will load the update credentials view for the member. This option should be used sparingly. It is best practice to only use current_member_guid and let the widget take care of things.

Example Integration

EpicBank wants to use a SAML login process to load widgets within their online banking. Their client_id has been set to epic and they send the following configuration information to MX.

Once MX has received and confirmed this configuration, Epic Bank changes their online banking to embed an iFrame on their landing page like the Identity Provider Certificate example that follows.

When this iFrame loads in the user's browser it sends a GET request to Epic Bank's identity provider service asking to send the user to MX. The identity service verifies that the user has an active session and then renders a page which sends a POST request to https://int-app.moneydesktop.com/login/epic.

When MX receives the POST request, the widgets service decrypts the SAMLResponse and uses the nameid attribute to start a session for the user and load the widget in the iFrame.

Identify Provider Certificate


_20
-----BEGIN CERTIFICATE-----
_20
MIIDQzCCAiugAwIBAgIJAMyA9rp3uBkZMA0GCSqGSIb3DQEBCwUAMDgxCzAJBgNV
_20
BAYTAlVTMQ0wCwYDVQQIDARVdGFoMQ0wCwYDVQQHDARMZWhpMQswCQYDVQQKDAJN
_20
WDAeFw0xNjA1MzEyMDEzMTBaFw0yNjA1MzEyMDEzMTBaMDgxCzAJBgNVBAYTAlVT
_20
MQ0wCwYDVQQIDARVdGFoMQ0wCwYDVQQHDARMZWhpMQswCQYDVQQKDAJNWDCCASIw
_20
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMORkxP+3Qqu2cwm6OQ1sLoaprPW
_20
hTS+1lNYxBn99ITcA81HjYD6jZOjGyKQpnugillyLm0Av183rxTn4vfO9fCiqhc+
_20
m6wWp437ufIhh9ZmiAQ1wm1/lFbWoEqAC7wLTu1V35HQfM/WyhxDASxkI/hUZKwd
_20
O7xykc8SxzG853eqt84FeL1s2vcWVJeDJLqf20SRvEAV0Ou+wIuD2a+TCQ3xGour
_20
5fpPLb6VEnHVo7CCXfywOBk2mntBBl5KJja+v66a7TnRjZ+8BFIHQIa6OONnprTd
_20
G5sP9Oryp8DamT6jbyYewEvGKcYRR5bIS0l/TXePyE4OLmUI/hAH9/Us0LkCAwEA
_20
AaNQME4wHQYDVR0OBBYEFGo4rumtn+rgiLETYkL1JZRHmbNPMB8GA1UdIwQYMBaA
_20
FGo4rumtn+rgiLETYkL1JZRHmbNPMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEL
_20
BQADggEBAHXrgh3mF1QovLRZF73k1ipIb44lG2SzmLMHon5yoJyBzTRo5c1Ns1jq
_20
QeoeVkYj7bRoiKt7t+k2vIlQl1JmiuSpSXsbor5cexPmjHaSyZAI62eHPL/X9qcz
_20
mFuEwzDUL36cWXh/AZ8zbJPTxQbRdp8y1koB4cahAtnPMVfuSJiaRVMlrm+Wbjff
_20
0MovwQJH29IGuKrS98xyCSsDpYTqlIkkNgZWPBges5tv8gdCkVp3eXxvlEpIhxZk
_20
fC5oKw7znHUNgGjI26X8qYOPrfkUgjmvD2TQ4DOOOS9ZHBslZbKn3VVDNiiNHNHQ
_20
tyLZfyHpy9n1DGGVZGcQYW2/eY7YAdg=
_20
-----END CERTIFICATE-----

Certificate fingerprint


_10
603c36feb6a512ec64418fbe776edc2aee7ec3e9a2fcd07d04192ac1d277bb06

Digest algorithm


_10
http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
_10
<iframe width="850" height="550" border="0" frame="0" frameborder="0" allowtransparency="true" src="https://www.epicbank.com/idp?sp=mx" marginheight="0" marginwidth="0"></iframe>

On this page