Thanks Jean for this...might be a great resource for all of us. It would be nice to not have to leverage a webserver on the client side and just call the API. Is that possible? Might be a lot simpler. Then the only real task is converting to OFX or CSV.
Michael On Thu, Jun 18, 2020 at 10:46 AM jean laroche <rip...@gmail.com> wrote: > Well, I tested plaid last night. https://plaid.com/pricing > It worked without a hitch with my bank (Patelco). It works like this: > - You create an account with plaid and get API keys. > - Do this once: > Using python (in my case, but there are other options) you run a local > web server on your machine (code provided by plaid) which you can then > go to using a browser. Using this server you log into your bank and get > an *access token *for that bank. In my case that required two factor > authentication (password then an email or text to my phone). I believe > getting the access_token is a one-time thing, but I'm not sure how long > that access_token remains valid. > - Back into python, you can make a one line call to the plaid api > *client.Transactions.get() *passing the access token, start and end > date, and you get a python dictionary that includes all your accounts at > that bank, and all the transactions for all accounts between these two > dates. > > In my case, the response was lightning fast and the data seemed right. > The output returned is a dictionary, so in order to send that to GC, > you'd need to save that as an OFX or some other format that can be > imported, which will require a tiny bit of python code. > > Apparently, according to plaid's web site, the free API keys allow you > to have 100 "items", where an item is a "set of credentials at a > financial institution". The way I read this is you can have up to 100 > simultaneous banks associated with your API keys. That should be more > than enough! > > The way it works, if I'm not mistaken, plaid downloads the data from the > bank on a regular basis (even if you don't do anything) and when you > call the API, you don't connect to your bank, but rather you get the > data that plaid holds. The data includes account numbers, etc, so this > means that this data is now on plaid's servers, and some of you guys may > not like that one bit. > Also, one thing I don't know is how long the access_token is valid for. > I reused the one I got last night this morning, and it worked. I have to > guess that the access token remains valid for a while. > > So it seems to me that this would be a viable solution for me. > Jean > > > On 6/16/2020 8:08 PM, John Ralls wrote: > > > >> On Jun 16, 2020, at 2:23 PM, Jean Laroche <rip...@gmail.com> wrote: > >> > >> People, > >> In the past week, my credit union (Patelco) retired their OFX server > which means it's no longer possible to download transactions using OFX. You > can still do it manually by logging into your account etc, but it's no > longer possible to use tools like ofxclient, ofxget and probably aqbank as > they all rely on the same data. > >> I've contacted them and asked them to reconsider but I'm not holding my > breath. > >> So my question is: What alternative is there? > >> Are there 3rd party tools, aggregation services that can gather the > transactions, from which it's possible to download into GC? > >> > >> At the moment, I'm using selenium (a tool to automate your browser) to > do the various clicks required to download my transactions, but that's very > fragile... > >> Of course, I can also switch bank. > > Jean, > > > > From > https://www.patelco.org/-/media/patelco/pdfs/member-support/digital-banking-services/express-web-connect_windows.pdf > it looks like they switched to OFX Web Connect. Unfortunately that's been > the trend for the last 10 years, and I imagine that it's an easy sell to > the banks considering the weak security offered by OFX Direct Connect. That > also means that switching banks is at best a short-term solution because of > that trend: The new bank is likely to do the same thing sooner or later. > > > > I think the only really feasible workaround is to reverse-engineer the > Web Connect authentication. That would mean installing Quicken and setting > up and using OFX Web Connect while monitoring the traffic with wireshark. > https://redflagsecurity.net/2019/03/10/decrypting-tls-wireshark/ might be > helpful for decrypting the authentication traffic with the browser. No > doubt the quicken connection will also be encrypted so you'll need to find > the keys for that too to be able to interpret the traffic--and working out > the key exchange between Quicken and the bank will also be necessary. > Frankly I would expect a low probability of success without help from a > crypto expert. > > > > Regards, > > John Ralls > > > > _______________________________________________ > gnucash-devel mailing list > gnucash-devel@gnucash.org > https://lists.gnucash.org/mailman/listinfo/gnucash-devel > _______________________________________________ gnucash-devel mailing list gnucash-devel@gnucash.org https://lists.gnucash.org/mailman/listinfo/gnucash-devel
