MFA credentials
Best practice is to use the list member challenges endpoint to list challenges that need to be answered; however, MX continues to support partners who use the mfa credentials endpoint for this purpose.
Institutions often require MFA (multi-factor authentication) in order to refresh a member. This form of authentication is typically a question/answer about the user - similar to “Where did you go to high school?” or “Where would you like an authentication token to be sent?”.
In the event that we do not have the answer to the question being asked by the institution, the aggregation job will be returned with a “CHALLENGED” status. This will require the user to answer the mfa question(s) to aggregate the member.
This endpoint will return the credentials that need to be created (questions that need to be answered) to aggregate the member.
Authorizations
MX Session Token
- Request an API token using the read API token endpoint in the MX SSO API.
- Exchange an API token for a session token.
- A session token is obtained by sending a POST request to /sessions
- The session token will be used in each request made for the user. It should be passed in an
MD-SESSION-TOKENHTTP header as shown below. - This session token is valid for 30 minutes from the time it was created. The 30 minute expiration counter is refreshed with each call.
- If you send a request with an expired session token you'll receive an error code of
4011.
curl -i https://int-data.moneydesktop.com/accounts \
-H 'MD-SESSION-TOKEN: CWforZl1Vn2vC_v6H4rnQRT1DoWpDouJAV-_5TBmiQRAtA8rsOG_BoajTiOSsL0A3bd-bmHXlA-eQzc9ywItKg' \
-H 'Content-Type: application/vnd.mx.nexus.v1+json' \
-H 'Accept: application/vnd.mx.nexus.v1+json'In documentation code examples, replace <API_KEY_VALUE> with the session token.
Path Parameters
The unique identifier for the job. Defined by MX.
Response
OK

