MX Bank test credentials

MX provides a specialized institution called mxbank that can be used to test different aggregation scenarios with totally safe credentials. Connecting to this institution generates test data for accounts and transactions as well.

Depending on the credentials outlined below, an aggregation will complete successfully or prompt a multi-factor authentication challenge. You can even make the aggregation fail completely to test various invalid responses. Each test credential below describes the error that would be seen by the MX system and what connection status would be returned as a result. Use the update member endpoint to set the appropriate password for your particular test case.

There are no aggregation limits on the mxbank institution, meaning that you can aggregate without worrying about the throttle window applied to other institutions.

mxbank is only available in our integration environment.

Username Password (case sensitive) Connection status Description
mxuser Any value not described below. CONNECTED Successful aggregation with no MFA.
mxuser challenge CHALLENGED Issues an MFA challenge. Answer with correct to simulate a correct MFA response, or use one of the passwords below that simulate a server error. Use anything else to simulate an incorrect answer.
mxuser options CHALLENGED Issues an MFA challenge of the type OPTIONS. Answer with correct to simulate a correct MFA response, or use one of the passwords below that simulate a server error. Use anything else to simulate an incorrect answer.
mxuser image CHALLENGED Issues an MFA challenge of type IMAGE. Issues an MFA challenge. Answer with correct to simulate a correct MFA response, or use one of the passwords below that simulate a server error. Use anything else to simulate an incorrect answer.
mxuser BAD_REQUEST FAILED External server returns a 400 error with the message, “You must fill out the username and password fields.”
mxuser UNAUTHORIZED DENIED External server returns a 401 error with the message, “Invalid credentials.”
mxuser INVALID DENIED External server returns a 401 error with the message, “The login and/or password are invalid.”
mxuser LOCKED LOCKED External server returns a 401 error with the message, “The credentials are valid, but the user is locked.”
mxuser DISABLED DENIED External server returns a 401 error with the message, “The credentials are valid, but the user is locked.” This password may also be used as an MFA answer.
mxuser SERVER_ERROR FAILED External server returns a 500 error with the message, “Internal server error.” This password may also be used as an MFA answer.
mxuser UNAVAILABLE FAILED External server returns a 503 error with the message, “Service is Unavailable.” This password may also be used as an MFA answer.

MX Bank and OAuth

You will only be able to test OAuth flows in the integration environment with MX Bank (OAuth) (institution code: mx_bank_oauth).

When you select MX Bank (OAuth) from search, or load the Connect with it via current_institution_code. You should see the following screen before going to the OAuth provider:

Then you should end up on this page:

From here you can simply click “Authorize” to simulate authorizing and success paths, and “Deny” to simulate an error path.