Skip to main content

Nexus Guide

This guide reflects the current best practices for new partners. An older version of this guide describes a workflow that relies on deprecated endpoints. With a Nexus integration, a partner is capable of leveraging MX's powerful platform to create their own interactive personal financial management experience, on either a desktop or mobile environment. This allows MX partners to create custom applications that use financial data in new and innovative ways. This ensures the user builds a powerful connection with our partner's brand.

A Nexus integration will use these three MX APIs:

  • MDX Real Time API: The MDX Real Time API is used to create a user on the MX Platform.
  • SSO API: The SSO API is used to authenticate a user previously created by the MDX Real Time API. An API token is requested for the user. This API token is used to create a Nexus session. If the request for the API token returns a 404 (Not Found) error, the user does not exist on the MX platform and needs to be created with the Real Time API.
  • Nexus API: The Nexus API is used to access and manipulate core data objects in the MX platform. This is done by opening a Nexus session. The partner will request an API token (using the SSO API), then pass that token to the create session endpoint. That request returns a session token which can be used to make Nexus requests for that user. A Nexus session is always opened for an individual user.

Caching the Institution List and Credentials

Partners have the option to pull a list of institutions using the list institutions endpoint. This returns a CSV file containing the full list of available institutions.

Partners may wish to cache such a list rather than making requests to the search institutions endpoint each time an end user searches for an institution. Institution-required credentials are still required for creating a new member, however. This list should not be cached for more than one day.

Partners may also choose to cache the institution-required credential list to avoid repeated requests to that endpoint, but they should not be cached for more than one day. Partners may prefer to make a request to the institution-required credentials endpoint each time they create a member.

The list of available institutions on the MX platform can change daily as our data providers add and remove support for various institutions. MX tries to maintain the same GUID for an institution whenever possible, but in some cases the GUID will change. The required credentials for an institution can also change, particularly if we move that institution to another data provider. Because of this volatility, partners must refresh any cached institution and credential information at least once a day.

Testing an Integration

To test an integration, partners will need several test accounts. It is best practice for partners to use their own accounts at a supported institution to verify that they have the correct balances, transactions, etc.

MX offers a test institution — called "MX Bank" — that can be used to test aggregation within the MX integration environment. MX Bank is not available in the MX production environment. See the section on test credentials in our "Getting Started" guide for credentials that can be used with MX Bank.

Suggested test scenarios

  • Valid member credentials with no MFA: Create a member of an institution with valid member credentials and no MFA.
  • Invalid member credentials with no MFA**: Create a member of an Institution with invalid member credentials and no MFA.
  • Valid member credentials and valid MFA credentials: Create a member of an institution using valid member credentials and valid MFA credentials.
  • Valid member credentials and invalid MFA credentials: Create a member of an institution using valid member credentials and invalid MFA credentials.
  • Update a member in a DENIED or PREVENTED state caused by invalid member credentials.
  • Options: Create a member of an institution which requires answering the options form of MFA.
  • Captcha: Create a member of an institution which requires answering the captcha form of MFA.
On this page