Topic: Unable to access Bank of America account

I am trying to access my Bank of America account, and getting incorrect credentials message in SignOn. However I am successfully able to access the bank account via bank website using the same user name and password I am passing.

OFX URL i am using is: https://eftx.bankofamerica.com/eftxweb/access.ofx

Request Data:
==============
OFXHEADER:100
DATA:OFXSGML
VERSION:102
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:NONE

<OFX>
<SIGNONMSGSRQV1>
<SONRQ>
<DTCLIENT>20170622145128</DTCLIENT>
<USERID>*******</USERID>
<USERPASS>*******</USERPASS>
<LANGUAGE>ENG</LANGUAGE>
<APPID>QWIN</APPID>
<APPVER>2000</APPVER>
</SONRQ>
</SIGNONMSGSRQV1>
</OFX>


Response Data:
==============
OFXHEADER:100
DATA:OFXSGML
VERSION:102
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:NONE

<OFX><SIGNONMSGSRSV1><SONRS><STATUS><CODE>15500<SEVERITY>ERROR<MESSAGE>An incorrect username/password combination has been entered. Please try again.</STATUS><DTSERVER>20170622092130<LANGUAGE>ENG</SONRS></SIGNONMSGSRSV1></OFX>

Re: Unable to access Bank of America account

Hi
I'm running into the same problem connecting to BoA.
Here's my connect values:
FI Id: 5959
FI Org: HAN
FI Url: https://eftx.bankofamerica.com/eftxweb/access.ofx
OFX Version: 102
Application ID: QWIN
Application Ver: 2400
HTTP Header Ver: 1.1
Error Msg: 17:10:33 Status for signon request: Signon invalid (Code 15500, severity "ERROR")
The user cannot signon because he or she entered an invalid user ID or password.

I have verified that my ID/PW for BoA website is correct and I can download my transactions with Quicken using them.
After talking to BoA today they indicated that Direct Connect is no longer available (but is grandfathered for some) and that Web Connect is the replacement.
Can anyone tell us whether or not BoA WebConnect uses OFX?
Similarly is the URL above ONLY DirectConnect?
Thanks,

Re: Unable to access Bank of America account

It seems (in June) they discontinued direct connect, and then started it working again.  it seems like they may have again discontinued it.  Web connect is completely different from direct connect.  With direct connect, your software talks directly to the bank.  With web connect, you log into the banks web site, request download of the transactions, you download the data as a file, and then have your software import that file.  Much less convenient.  It's not clear if this is due to any pressure from Intuit, or the bank's (are there any others?) response to fed pressure to increase security with things like MFA.

4 (edited by vfdhgt 2017-09-29 17:06:05)

Re: Unable to access Bank of America account

That's what we were told after going through several layers of customer support. They changed their sign-on method and it now requires confirmation on the website as the connection is initiated.

However, when I used Quickbooks to test and checked the logs, I see it's still using the access.ofx link. I did some tweaking and got our custom app to work by changing the ofxVer to 103 (QBW, 2300). I saw this tip off the Chase Bank thread.

Most of our accounts are downloading now but a few aren't. Hope this holds up.

If anyone at BOA can suggest a better fix, it would be extremely helpful.

Re: Unable to access Bank of America account

Per your last sentence - if anyone at BOA has ANYTHING useful to say, I'll be very surprised.  They seem to go out of their way to not be helpful.

For me, just changing the version header from 102 to 103 worked.  From lots of searching yesterday, I think there may be differences between Quicken and Quickbooks, and between consumer and commercial accounts.

Also, if there is something that requires confirmation on the website, they may have done or plan to do what Chase did a few months ago, which is to require use of the CLIENTUID field.  The first time you make a request with that field set, you then have to log into the web site to confirm it was really you.  After that, as long as you include the CLIENTUID in any request, it should work fine.  The problem is that not all software is set up to handle that field.  It was only relatively recently added to libofx, about the time Chase started requiring it.

6 (edited by vfdhgt 2017-10-02 10:09:14)

Re: Unable to access Bank of America account

Good point on the consumer and commercial accounts. I'll try setting it to QWIN2300. We're using euforic/banking.js but I also tested on GnuCash and captin411/ofxclient and both had similar problems.

You mentioned in your other post that they were suggesting to upgrade to Quicken 2015. Would you happen to know how to find the appVer of that?

Thanks for the CLIENTUID info. From what I can tell on corporate accounts, it seems like they are trying to sell a new service called CashPro. They have a dedicated team of people that are supporting it, but it exports into different formats, e.g. ISO 20022 XML camt.052/5, BAI2, CSV, etc. Unfortunately there's no OFX, so it will require a rewrite on our end.

Re: Unable to access Bank of America account

https://microsoftmoneyoffline.wordpress … id-appver/ has a list of Quicken versions and QWIN numbers.  For the most part, QWIN seems to advance by 100 per year, except for 2011-2012 where it jumped by 200.  I am still using QWIN2300 with a consumer credit card BOA account, and it is working.

I took a quick look at the ISO 20022 XML page, and I already have a headache.  :-)  It looks like it is something to at least keep an eye on, unless you actually are forced into using it sooner rather than later.  CashPro looks like BOA's foray into that field - but it's not clear whether they will treat it as a standards based communication with anyone who follows the standard, or if they bought the software from somewhere, and will only support you if you also bought your software from the same vendor. You can probably guess what I predict.

Re: Unable to access Bank of America account

Thanks for the link! Unfortunately for us, it seems they are proceeding with additional upgrades and the 103 header change no longer works for us (I even tried QWIN2300 and multiple other combinations).

I was able to login with Quickbooks 2017, but that required me to go to their website and confirm it. I had to click a button and it gave me 10 minutes to connect. I'm not sure if this means that a CLIENTUID is now required, but unfortunately the software we use doesn't support it anyway.

We talked to a CashPro representative last week, and from what I could tell, the OFX downloading portion falls under their Quickbooks/Quicken team. So they really only support downloading via Intuit software. While their CashPro team is completely different and allows for connections with other custom software.

And from our conversation, they do offer a variety of communication methods to get the XML file, but it requires working with their "Connection Specialist" to set it up. So it looks like it might not be as easy as before, but at least hopefully this means we will have a direct window for technical support.

Re: Unable to access Bank of America account

Well, I added a CLIENTUID, and got a different error (2000?) but the website made me go through the log in again and confirm Quicken access, then reconnect with Quicken within 10 minutes.  Now it works again (credit card only, I don't have other BOA accounts.)  This pattern is the same we went through with Chase last year, so it seems that CLIENTUID is now required.  I didn't do the programming myself, but from what I remember, the changes aren't really that involved.

10 (edited by vfdhgt 2017-10-14 20:59:47)

Re: Unable to access Bank of America account

Thanks ostroffjh. We're going to give this a try.

A question, for the CLIENTUID, it's just 32 characters and no hyphens?

EDIT: I just tried it and used 36 characters (includes hyphens) and it works! We're pretty relieved for now. Just nervous if it will break again.

Re: Unable to access Bank of America account

I'm getting the same invalid username/pass combination.  I'm trying to send CLIENTUID but as soon as I'm inserting that field, I get 400 response.  The request below results in 400.

OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:NONE

<OFX>
<SIGNONMSGSRQV1>
<SONRQ>
<DTCLIENT>20171023</DTCLIENT>
<USERID>********</USERID>
<USERPASS>******</USERPASS>
<CLIENTUID>22576921-8E39-4A82-9E3E-EDDB121ADDEE</CLIENTUID>
<LANGUAGE>ENG</LANGUAGE>
<FI>
<ORG>HAN</ORG>
<FID>5959</FID>
</FI>
<APPID>QBW</APPID>
<APPVER>2300</APPVER>
</SONRQ>
</SIGNONMSGSRQV1>
</OFX>

Re: Unable to access Bank of America account

libofx uses a non-none newfileuid, but I doubt that is the cause of the problem.  What I do find odd is that the posts I find about error 400 say it is a length limit of some field.  Even though vfdhgt had success including hyphens, try removing them from the CLIENTUID, just to see if it makes a difference.

Also - just to be sure, is that the entire message, or is there more?  From the little OFX I know, that doesn't seem to be actually requesting anything from the bank.  (I may well be wrong here.)

Re: Unable to access Bank of America account

Also - try making teh clientuid lower case.  (just found on the gnucash wiki)

Re: Unable to access Bank of America account

Making it lower case or removing dashes didn't work.  Still getting 400.

It's the entire message.  I'm just trying to get signon to respond successfully before adding commands.

Re: Unable to access Bank of America account

Are you certain that message alone is valid?  Some of the posts I have found suggeste 400 is invalid syntax (I'm confused between that the the too long values issue) but without a specific request of some sort, it might be an invalid request.  Any idea what the request is to provide a list of valid accounts to map?  That might be the simplest to implement.