Well, days/weeks after my previous post, my BOA accounts started working again for OFX Direct Connect downloads. They had no clue what might have changed. Anyway - as of today, any attempt gets me "Could not connect to host eftx.bankofamerica.com: Connection refused." so maybe they finally shut down the servers like Chase did.
My little understanding is that with EWC+ (just like EWC) Intuit actually gets your data from the bank, and you get it from Intuit. They claim added security of the plus in that Intuit does not need your login credentials to the bank. When you set it up, you log in to the bank and authorize them to send the info to Intuit. (It sounds a bit like OAUTH2 to me.) In terms of using Quicken, I don't see much change. However, I do not use Quicken.
For me, the problem is two-fold. First, I don't want Intuit having any of my financial data, I much prefer a direct connection (as OFX Direct Connect) from an application running on my PC directly to the bank. The bank no longer supporting Direct Connect means that only large firms like Intuit will be able to support the necessary agreements wtih the banks (not just BOA) making it essentially impossible for easy data download by any FLOSS application. The bank, in the name of simplicity for them, using security as an excuse, is trying to force me to use an overpriced proprietary software instead of Free and Open Source software. I'd consider switching banks (and I might do anyway) but my suspicion is that it's a lost cause, and most or all banks will end up going the same direction.
New problem as of past few days. For both by checking and credit card account, I get
There has been an error with your session. Please call your Customer Service Representative with reference number 20130. (that for CC, for checking the number is 20114.)
BOA Customer Support could only find that OFX Direct Connect (based on best understanding of whatever exact words she was reading from her source) was going to be discontinued in October, and might already have been discontinued in some cases. She had no answer why I hadn't received any notice of this change. She did provide me an 800 number for some other group who supposedly could help, but when I called (they were not available on Sunday) it turned out to be Intuit, so I didn't bother, as I'm quite sure they will just say "unsupported software." (I'm using KMyMoney.)
I'm also now waiting for a return message from my BOA contact, but I'm not very hopeful, as that route has not been very helpful with technical issues in the past.
inzolo: you need to provide a bit more information. What makes you think they are blocking the IP address, as opposed to failing for some other reason? I won't say they are not blocking, but it doesn't strike me as likely.
Are you using a CLIENTUUID? Have you tried identifying as a different client or different year? (I wouldn't think it should matter, but little with this stuff ends up making much sense.)
The entry for Hudson Valley FCU shows the validation of teh URL has been failing for three and a half years. Some googling suggests they might have replaced "internetbanking" with just "ib" in the ofx url, but I have no good way to test. Simply changing the URL in KMyMoney for example, gives me a 'no accounts available' error - but as I don't have have any accounts there, I don't know if that is the right response, or it just reflects not finding anything i n the response (which looks like HTML to me, not OFX).
Go figure. I changed the appid from Quicken 2016 to MS-Money 2007, and it works. It makes no sense to me, but it seems reasonably par for the course.
I've been using KMyMoney and libofx to download my Merril Lynch data for years - both checking and investment accounts. Today, every account gives me an ofx 400 error. I see no errors or alerts logging into their web site. There are some other threads here about 400 errors (ofx errors, not http errors) but no real resolution for any of them, and many seem related to trying to upload data. Is anyone else have problems or success with ML?
Also, looking at the ML page in the directory, the URL is www.joineei.com and the email is firstname.lastname@example.org. I suppose Enterprise Engineering, Inc could well be providing ML with their OFX server software, but I would still expect that information to point to ML web sites and email. Is this intentional, or perphaps related to some automation involved in validating the connections?
Re: Finding a credit card company (Visa or MC) That will issue an OFX file (1 replies, posted in Institution Data)
Sorry it's a year later, but in the US, almost all credit card issuers will let you download OFX files (although some call them QFX.) I'm pretty sure that many if not most European banks also do that. You might want to check with the mailing list or forum support for some financial application (either Free/Open Source or commercial) which uses OFX, as there should probably be discussions about which banks are friendly or not towards OFX.
Well, it''s now three and a half years later, and I must have given up then, because I'm having the same problem again now. However, in the error message after logging in at the .../quicken page, I get "Insertion into EEPM failed." which produces nothing useful on Google. I also point out that the initial connection fails if you include a ClientUUID, but not if you don't. (It still fails, but with the message to go to the ..../quicken page).
Has anyone succeeded in getting ofxdirect connect to work with Ameriprise?
mohsen.vafa: I think you need to be more clear about exactly what you are trying, as your posts have only partial information. The process is that you need to send an ofx request which includes the clientuuid. You will get a rejection, but the error SHOULD say something about logging on to the web site. Then you need to use a browser to log in to your account, and it should have you confirm that you tried to set up the direct connect access. (It has been so long since I did it, I have forgotten the exact terminology they use.) Once that is complete, than you need to resubmit the original ofx request, and it should succeed.
Also - in your link, the clientuuid starts with xxxx. Was that just changing it before posting? That's OK, but if that's what youactually submitted, I don't think it will work, as that field is hex.
Try without the dashes in the clientuuid.
Yes, you need to make the first OFX connection with the CLIENTUID, and then log into the web site using a normal browser, then retry the OFX connection. It's been so long since I've done it, I've forgotten whether simply logging on is enough, or if they prompt you to confirm something about having set up the direct data download, or just notify you about it. There is a time limit between each of those connections, or you have to start again. From earlier posts in this thread, that appears to be ten minutes.
It is also possible that the clientuid must be in lower case. It doesn't make much sense, but I found that on a gnucash wiki, although for a different bank.
Are you certain that message alone is valid? Some of the posts I have found suggeste 400 is invalid syntax (I'm confused between that the the too long values issue) but without a specific request of some sort, it might be an invalid request. Any idea what the request is to provide a list of valid accounts to map? That might be the simplest to implement.
Also - try making teh clientuid lower case. (just found on the gnucash wiki)
libofx uses a non-none newfileuid, but I doubt that is the cause of the problem. What I do find odd is that the posts I find about error 400 say it is a length limit of some field. Even though vfdhgt had success including hyphens, try removing them from the CLIENTUID, just to see if it makes a difference.
Also - just to be sure, is that the entire message, or is there more? From the little OFX I know, that doesn't seem to be actually requesting anything from the bank. (I may well be wrong here.)
Yes, they made one more change recently. You need to use CLIENTUID. If you look through other posts on BOA here you should find the details. Essentially, you neeed to make one request which includes the CLIENTUID (essentially a random hex string (i have to look up the length every time - maybe 16 characters?) and then log in to the web site to confirm it was you who made the request. After that, as long as the request includes the CLIENTUID, it should work. The fact that they give a bad name/password error is simply misleading, but not surprising.
Well, I added a CLIENTUID, and got a different error (2000?) but the website made me go through the log in again and confirm Quicken access, then reconnect with Quicken within 10 minutes. Now it works again (credit card only, I don't have other BOA accounts.) This pattern is the same we went through with Chase last year, so it seems that CLIENTUID is now required. I didn't do the programming myself, but from what I remember, the changes aren't really that involved.
Have you switched to ofx header version 103, per other threads on this forum?
https://microsoftmoneyoffline.wordpress … id-appver/ has a list of Quicken versions and QWIN numbers. For the most part, QWIN seems to advance by 100 per year, except for 2011-2012 where it jumped by 200. I am still using QWIN2300 with a consumer credit card BOA account, and it is working.
I took a quick look at the ISO 20022 XML page, and I already have a headache. :-) It looks like it is something to at least keep an eye on, unless you actually are forced into using it sooner rather than later. CashPro looks like BOA's foray into that field - but it's not clear whether they will treat it as a standards based communication with anyone who follows the standard, or if they bought the software from somewhere, and will only support you if you also bought your software from the same vendor. You can probably guess what I predict.
Per your last sentence - if anyone at BOA has ANYTHING useful to say, I'll be very surprised. They seem to go out of their way to not be helpful.
For me, just changing the version header from 102 to 103 worked. From lots of searching yesterday, I think there may be differences between Quicken and Quickbooks, and between consumer and commercial accounts.
Also, if there is something that requires confirmation on the website, they may have done or plan to do what Chase did a few months ago, which is to require use of the CLIENTUID field. The first time you make a request with that field set, you then have to log into the web site to confirm it was really you. After that, as long as you include the CLIENTUID in any request, it should work fine. The problem is that not all software is set up to handle that field. It was only relatively recently added to libofx, about the time Chase started requiring it.
Thanks for that suggestion. For me, changing the header version from 102 to 103 allowed successful download. I'm still identifying as Quicken 2014 which is QWIN2300. I did note on the BOA website that they were requiring update to Quicken 2015, but they seem not to be enforcing that yet.
Re: Acc was trying to setup Ulster Bank Ltd Ireland, 'allows manual' ofx (1 replies, posted in Institution Data)
When the bank talks about manual export, they mean you have to log on to the website with a browser, and then request download of transactions. There is frequently a "download" button or link above or next to the display of transactions. You then download a file with the information, and manually import that into your software. That is completely different from ofx direct connect, which is what this site is about. By telling to to manually download, they are saying they do not support direct connect.
It seems (in June) they discontinued direct connect, and then started it working again. it seems like they may have again discontinued it. Web connect is completely different from direct connect. With direct connect, your software talks directly to the bank. With web connect, you log into the banks web site, request download of the transactions, you download the data as a file, and then have your software import that file. Much less convenient. It's not clear if this is due to any pressure from Intuit, or the bank's (are there any others?) response to fed pressure to increase security with things like MFA.