I may have to download some of these tools to see if we can debug how they are changing their requests to satisfy the new chances Citi has put in place.
Edit: I see that moneywell is working for getting the transactions following the procedure above. However, I don't see a way to identifying what the software is doing to satisfy the server from an OFX point of view.
Edit2: Okay, so I was able to get this working using pure OFX. Citi now requires a CLIENTUID to be passed with your request. Which means you need to have a unique identifier that you consistently use in order to get the transactions on the backend.
So in the past you could send the following for a signon request:
<SONRQ><DTCLIENT>20190918<USERID>ExampleUser<USERPASS>*******<LANGUAGE>ENG<FI><ORG>Citigroup<FID>24909</FI><APPID>QWIN<APPVER>2500</SONRQ>
Now you need to include CLIENTUID like:
<SONRQ><DTCLIENT>20190918<USERID>ExampleUser<USERPASS>*******<CLIENTUID>22576921-8E39-4A82-9E3E-EDDB121ADDEE</CLIENTUID><LANGUAGE>ENG<FI><ORG>Citigroup<FID>24909</FI><APPID>QWIN<APPVER>2500</SONRQ>
Also, this change only worked if you use the https://mobilesoa.citi.com/CitiOFXInterface URL
So I'm able to pull transactions again. Thanks for the help.