Topic: Bank of America - ofx problems

It seems (based on lots of not quite random testing) that ofx.bankofamerica.com is completely gone, so any of the BOA entries which use it will fail.  The only ones which will work use eftx.bankofamerica.com.  However, at least for me, that address started giving name/password errors this week, without name or password having changed, and still working for web login.  I'm wondering if they are again trying to discontinue ofx direct connect, but I can't get any useful information out of customer service.

2 (edited by vfdhgt 2017-09-29 17:00:19)

Re: Bank of America - ofx problems

Try setting the ofxVer to 103 (QBW, 2300). We only use the eftx link. That solved some problems for us, but a few accounts still aren't working.

Re: Bank of America - ofx problems

Thanks for that suggestion.  For me, changing the header version from 102 to 103 allowed successful download.  I'm still identifying as Quicken 2014 which is QWIN2300.  I did note on the BOA website that they were requiring update to Quicken 2015, but they seem not to be enforcing that yet.

Re: Bank of America - ofx problems

I'm new to ofx, trying to see if I can get it to work with Bank of America. I'm using the etfx address, and am getting back "invalid username/password."

For now, I'm trying this using the Python ofxclient command-line program. I took a look at the request it's sending, and saw that the header version was 102 so I changed that to 103 as discussed on this forum, but it still returned the same error. I checked appid/appver and those are QWIN 2500 which I believe is Quicken 2016. It seems like that should be okay... Any suggestions?

Re: Bank of America - ofx problems

Yes, they made one more change recently.  You need to use CLIENTUID.  If you look through other posts on BOA here you should find the details.  Essentially, you neeed to make one request which includes the CLIENTUID (essentially a random hex string (i have to look up the length every time - maybe 16 characters?) and then log in to the web site to confirm it was you who made the request.  After that, as long as the request includes the CLIENTUID, it should work.  The fact that they give a bad name/password error is simply misleading, but not surprising.

Re: Bank of America - ofx problems

Thanks, that worked. I see that the when you log into the web site after your first OFX request (which fails), it actually tells you that you tried to access your account using some software (OFX client) and that you should repeat your request within the next ten minutes to authorize it.

Re: Bank of America - ofx problems

How did you provide CLIENTUID?  When I try to add <CLIENTUID> tag, I get 400 error.  Without <CLIENTUID> I get invalid username/password.

OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:NONE

<OFX>
<SIGNONMSGSRQV1>
<SONRQ>
<DTCLIENT>20171023</DTCLIENT>
<USERID>*****</USERID>
<USERPASS>*****</USERPASS>
<CLIENTUID>22576921-8E39-4A82-9E3E-EDDB121ADDEE</CLIENTUID>
<LANGUAGE>ENG</LANGUAGE>
<FI>
<ORG>HAN</ORG>
<FID>5959</FID>
</FI>
<APPID>QBW</APPID>
<APPVER>1800</APPVER>
</SONRQ>
</SIGNONMSGSRQV1>
</OFX>

Re: Bank of America - ofx problems

It looks like the only possibly relevant looking thing that's different in my request is the position of the CLIENTUID - it's right after the APPID and APPVER. Here's my request (sorry it might be a little hard to read, I notice that the library I'm using doesn't put in most end tags):

OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:f315e6690df84339949f0188ad0e07f4

<OFX>
<SIGNONMSGSRQV1>
<SONRQ>
<DTCLIENT>20171024145515
<USERID>*****
<USERPASS>*****
<LANGUAGE>ENG
<FI>
<ORG>HAN
<FID>5959
</FI>
<APPID>QWIN
<APPVER>2500
<CLIENTUID>8ad8df41796f4798bee8fac588c0eace
</SONRQ>
</SIGNONMSGSRQV1>
</OFX>

Re: Bank of America - ofx problems

It is also possible that the clientuid must be in lower case.  It doesn't make much sense, but I found that on a gnucash wiki, although for a different bank.

Re: Bank of America - ofx problems

benjamin wrote:

It looks like the only possibly relevant looking thing that's different in my request is the position of the CLIENTUID - it's right after the APPID and APPVER. Here's my request (sorry it might be a little hard to read, I notice that the library I'm using doesn't put in most end tags):

That was it.  Once I moved CLIENTUID after APPVER, it no longer gave me an error.  Still complains about invalid username/pass though.

Re: Bank of America - ofx problems

Yes, I think the username/password complaint is normal the first time. After you get that, log into the Bank of America online banking web site and then within ten minutes of doing that, try your OFX request again. I think it should work every time after that as long as you keep the same CLIENTUID.

Note that you can't skip the initial attempt that fails - that's what tells it what CLIENTUID you are validating by logging into online banking.

Re: Bank of America - ofx problems

Hi,

I have tried all the suggestions in this thread, but I still get Invalid username/password combination has been entered.  Please try again or sign-in to bankofamerica.com to restore your connection from your computer.

When you say log into your Bank of America online web, do you mean login with a browser?

here is my request:
OFXHEADER:100
DATA:OFXSGML
VERSION:103
SECURITY:NONE
ENCODING:USASCII
CHARSET:1252
COMPRESSION:NONE
OLDFILEUID:NONE
NEWFILEUID:3cece6f5-e7c6-49ce-a633-321c1557e251

<OFX>
<SIGNONMSGSRQV1>
<SONRQ>
<DTCLIENT>20171023
<USERID>****
<USERPASS>****
<LANGUAGE>ENG
<FI>
<ORG>HAN
<FID>5959
</FI>
<APPID>QBW
<APPVER>1800
<CLIENTUID>adf2ffbe-c7d0-42b6-a7d8-f63941a55bce
</SONRQ>
</SIGNONMSGSRQV1>
<SIGNUPMSGSRQV1>
<ACCTINFOTRNRQ>
<TRNUID>186ea20b-e252-4b8a-894e-b7dbbd427d26
<CLTCOOKIE>1
<ACCTINFORQ>
<DTACCTUP>19700101000000
</ACCTINFORQ>
</ACCTINFOTRNRQ>
</SIGNUPMSGSRQV1>
</OFX>

Re: Bank of America - ofx problems

Yes, you need to make the first OFX connection with the CLIENTUID, and then log into the web site using a normal browser, then retry the OFX connection.  It's been so long since I've done it, I've forgotten whether simply logging on is enough, or if they prompt you to confirm something about having set up the direct data download, or just notify you about it.  There is a time limit between each of those connections, or you have to start again.  From earlier posts in this thread, that appears to be ten minutes.

Re: Bank of America - ofx problems

I tried several times but still, I am getting the same error. Not sure what I am missing. Is there any specific value I should use for CLIENTUID?

I am wondering how Mint and Quickbook connects to Banks that dosen't require you to log into your bank separately. Do you know how?

Re: Bank of America - ofx problems

Try without the dashes in the clientuuid.

Re: Bank of America - ofx problems

You don't need any specific value for CLIENTUID, in fact you want to generate it yourself so it's different from anyone else's. The important thing is just that you use the same CLIENTUID for each request. (When you log into the bank after the first try, you're authorizing that speficic CLIENTUID.)

17 (edited by mohsen.vafa 2018-09-07 16:15:23)

Re: Bank of America - ofx problems

benjamin wrote:

You don't need any specific value for CLIENTUID, in fact you want to generate it yourself so it's different from anyone else's. The important thing is just that you use the same CLIENTUID for each request. (When you log into the bank after the first try, you're authorizing that speficic CLIENTUID.)

I tried without dash, and still it is not working. I don't know what I am missing. In order to isloate my problem, I create a Postman request and send the request outside my code. In fact I could get my statement by Postman from AmericaExpress and CITI, but BOA still returns me that error. I logged in to bankofamerica.com from different browser and still no luck. When I log into the bank, do I need to send the CLIENTUID in somehow?

If you want I can send my Postman request and you try in see if it is working in your side.
Here is the Screen Shot of my post man

https://drive.google.com/file/d/1ztvdBE … sp=sharing

Re: Bank of America - ofx problems

mohsen.vafa:  I think you need to be more clear about exactly what you are trying, as your posts have only partial information.  The process is that you need to send an ofx request which includes the clientuuid.  You will get a rejection, but the error SHOULD say something about logging on to the web site.  Then you need to use a browser to log in to your account, and it should have you confirm that you tried to set up the direct connect access.  (It has been so long since I did it, I have forgotten the exact terminology they use.)  Once that is complete, than you need to resubmit the original ofx request, and it should succeed. 

Also - in your link, the clientuuid starts with xxxx.  Was that just changing it before posting?  That's OK, but if that's what youactually submitted, I don't think it will work, as that field is hex.

Re: Bank of America - ofx problems

yes that's a dummy clientuid, it will be changed before sending.

So if BOA requires login to BOA account in a browser, I am wondering how mint and quickbook works, because they never require me to login to my BOA account.

I am trying to build a web application which is similar to quickbook. I cannot force my users to login to their BOA account. Do you know anything about this?