Well, I tested plaid last night. https://plaid.com/pricing
It worked without a hitch with my bank (Patelco). It works like this:
- You create an account with plaid and get API keys.
- Do this once:
Using python (in my case, but there are other options) you run a local
web server on your machine (code provided by plaid) which you can then
go to using a browser. Using this server you log into your bank and get
an *access token *for that bank. In my case that required two factor
authentication (password then an email or text to my phone). I believe
getting the access_token is a one-time thing, but I'm not sure how long
that access_token remains valid.
- Back into python, you can make a one line call to the plaid api
*client.Transactions.get() *passing the access token, start and end
date, and you get a python dictionary that includes all your accounts at
that bank, and all the transactions for all accounts between these two
dates.
In my case, the response was lightning fast and the data seemed right.
The output returned is a dictionary, so in order to send that to GC,
you'd need to save that as an OFX or some other format that can be
imported, which will require a tiny bit of python code.
Apparently, according to plaid's web site, the free API keys allow you
to have 100 "items", where an item is a "set of credentials at a
financial institution". The way I read this is you can have up to 100
simultaneous banks associated with your API keys. That should be more
than enough!
The way it works, if I'm not mistaken, plaid downloads the data from the
bank on a regular basis (even if you don't do anything) and when you
call the API, you don't connect to your bank, but rather you get the
data that plaid holds. The data includes account numbers, etc, so this
means that this data is now on plaid's servers, and some of you guys may
not like that one bit.
Also, one thing I don't know is how long the access_token is valid for.
I reused the one I got last night this morning, and it worked. I have to
guess that the access token remains valid for a while.
So it seems to me that this would be a viable solution for me.
Jean
On 6/16/2020 8:08 PM, John Ralls wrote:
On Jun 16, 2020, at 2:23 PM, Jean Laroche <rip...@gmail.com> wrote:
People,
In the past week, my credit union (Patelco) retired their OFX server which
means it's no longer possible to download transactions using OFX. You can still
do it manually by logging into your account etc, but it's no longer possible to
use tools like ofxclient, ofxget and probably aqbank as they all rely on the
same data.
I've contacted them and asked them to reconsider but I'm not holding my breath.
So my question is: What alternative is there?
Are there 3rd party tools, aggregation services that can gather the
transactions, from which it's possible to download into GC?
At the moment, I'm using selenium (a tool to automate your browser) to do the
various clicks required to download my transactions, but that's very fragile...
Of course, I can also switch bank.
Jean,
From
https://www.patelco.org/-/media/patelco/pdfs/member-support/digital-banking-services/express-web-connect_windows.pdf
it looks like they switched to OFX Web Connect. Unfortunately that's been the
trend for the last 10 years, and I imagine that it's an easy sell to the banks
considering the weak security offered by OFX Direct Connect. That also means
that switching banks is at best a short-term solution because of that trend:
The new bank is likely to do the same thing sooner or later.
I think the only really feasible workaround is to reverse-engineer the Web
Connect authentication. That would mean installing Quicken and setting up and
using OFX Web Connect while monitoring the traffic with wireshark.
https://redflagsecurity.net/2019/03/10/decrypting-tls-wireshark/ might be
helpful for decrypting the authentication traffic with the browser. No doubt
the quicken connection will also be encrypted so you'll need to find the keys
for that too to be able to interpret the traffic--and working out the key
exchange between Quicken and the bank will also be necessary. Frankly I would
expect a low probability of success without help from a crypto expert.
Regards,
John Ralls
_______________________________________________
gnucash-devel mailing list
gnucash-devel@gnucash.org
https://lists.gnucash.org/mailman/listinfo/gnucash-devel
