Below is what I've received from Yodlee on how to remedy immediate 523 errors during a refresh:
First call getMfaQuestionsAndAnswersForItem API to get the Q&A for the account that are stored in Yodlee.
Then call updateMfaAnswersForItem API to update answers for the questions returned in getMfaQuestionsAndAnswersForItem API.
The above call will update the user's Q&A at Yodlee end. Once updated, Your technical team need to initiate the refresh the same way you are doing currently i.e. first call getMfaQuestionsAndAnswersForItem
API and then putMFARequest.
However after the first two steps it becomes a little unclear. After calling updateMfaAnswersForItem do we then perform a refresh (RefreshService.startRefresh5 call) and then jump into the MFA flow (getMfaQuestionsAndAnswersForItem then putMFARequest) or do we have to immediately jump into the MFA flow of getMfaQuestionsAndAnswersForItem and then putMFARequest?
There are two ways to handle 523 -
After the above mentioned 2 API calls. Trigger a refresh using startRefresh API and then go to MFA flow.
OR
Directly trigger a refresh using API and then go to MFA flow. This will provide you with the MFA questions , which answered correctly will result in a successful refresh.
Related
Here is the scenario:
User logins to the bank successfully (via Fastlink)
Right after user logs in, I get user's provider_accounts (via /providerAccounts API)
Then when I call to get the accounts, (via /accounts) I sometimes get empty response (zero accounts found?)
When I try later (seconds or minutes after) I get some accounts information back.
Is this because Yodlee is still trying to gather account information when I'm making /accounts api call?
This is because the accounts are still being added/linked.
Using the requestId and providerAccountId provided by FastLink callback, you need to poll continuously to know the refresh status of the account linking process and once it's done, you can call the get accounts.
Read more about the refresh status in the "Add/Update Account Process Status" section.
Yodlee makes things easier now with webhooks. Read more here:
Using Webhooks with the Yodlee Core API
TL/DR: You need to wait for the add/link completion before retrieving the accounts.
I have been reading Yodlee Docs at https://developer.yodlee.com/Yodlee_API/Webhooks for implementing webhooks
What i did is, first registered a webhook for one of my users using following end point
POST /{cobrandName}/v1/cobrand/config/notifications/events/{eventName}
Then i triggered a refresh for one of the account using following endpoint POST /{cobrandName}/v1/refresh
But seems that Yodlee doesnt hit my URL when refresh is completed or there is an error in refresh.
I also tried to add an account using FastLink to see if Yodlee hits my URL when an account is added. But it doesn't. I am not sure what exactly is the problem. Can you please help?
Although i have a dobt - Does the webhook hit only if add/edit/refresh account was done using the API and not FastLInk provided by yodlee?
I am using Account Agreegation API and Developer account for testing.
Webhook event notifications will work only when you try to add the account using YSL APIs (manually).It doesn't work with FastLink. I have been informed by Yodlee Support. They also informed me that till date they don't have any client using webhook service, which was bit scary to know.
Please find a simple example to use webhooks-
1)Subscribe event using this URL- http://webhook.info/post/FLQLMZMFJI
2)Initiate add account process
3)Open the following URL and find the refresh notifications -
http://webhook.info/#/watch/FLQLMZMFJI
Please note: As you have subscribed for webhook event now. Please unsubscribe first using
DELETE /{cobrandName}/v1/cobrand/config/notifications/events/{eventName}
Delete Subscription
Apologies if this question has already been asked.
I have followed this guide to create a script that will bulk delete members from a specified Yammer group and I have this working perfectly.
The process used at the minute is obtaining a token for a user, then using that token to remove the user from the group, which takes two API calls.
My question is about "sleeping" to avoid tripping the rate limiter. On the documentation for the Yammer API rate limits (link) it states that "rate limits are per user per app".
In another stackoverflow question (link) it's mentioned that in this context, the user refers to the user token.
Since in my script, I'm only using a single API call per user token (to remove the user from the group), is it necessary implement a sleep to avoid tripping the limit?
I'm also wondering whether the API call to retrieve the token for a user may possibly trip the limiter since it's called using the admin token?
I've run a few tests removing 52 users from a group using a script without any "sleeps" and it completed successfully in around 27 seconds, just trying to understand why this didn't break the limiter.
Thanks in advance!
is it necessary implement a sleep to avoid tripping the limit?
Yes, the admin user (or token if you like) could trip the limit in this case. To be on the safe side, that is, to avoid your app from being (manually or automatically) blocked, you shouldn't make more than request per second to Yammer endpoints that are categorised under "Other Resources". That's the Official guideline.
According to the documentation the paypal payment method should be able to do Authorization & Capture just fine. The following excerpt under the PayPal authorizations excerpt specifically states how to go about it:
First get payment approval and execute the payment as you normally would do for a PayPal payment. Once you successfully execute on the payment authorization, PayPal responds with a new set of HATEOAS links, including a capture link that you use to capture the payment.
So if im following correctly the flow for doing Authorize & Capture is as follows:
Create a Payment
Redirect User to HATEOAS link approval_url to get them to sign into paypal.
Be returned to success (or cancel, but not in this example) link.
Get the Payment to see what's changed, get the shipping address / etc....
Let the customer review the details
Execute The Payment to commit to the hold on funds.
At this point an AuthorizationID / HATEOAS Link should hold information about the authorization.
Some time later use the authorization ID to Capture, and voila, we're done.
Now this is all fine and dandy, but in my tests on the sandbox environment I'm having trouble retrieving the authorization ID anywhere.
Here's my HATEOAS Links I receive from my Execute Step:
As you can see, only the self reference is returned, according to the documentation there should be one capture link at the least that should have the authorizationID in it.
Also, nowhere in the response body is any authorization ID. However, If I look at the payment in my sandbox paypal dashboard:
And once I drill down into it:
Sure enough if I call the Authorization.Capture API call against 8B633793L37511009 it captures as you would expect. However I can't find a programmatic way to determine this number.
How am I supposed to store the authorization number so my tooling can capture later when our business conditions have been met?
In the beggining, when you create the payment with intent authorize you should be getting an authorization object within the response. This object has the id you need for the capture later.
Check this blog post to see if you're missing something fundamental in the picture.
I followed the tutorial and executed the sample requests via curl. As you can see, I got the authorization id under transactions->related resources->authorization->id
Then I used the id in the URL and successfully captured the payment.
Hope this helps, if it doesn't, please elaborate and maybe I will be able to help you further. Good luck!
I'm creating a tool for a person to login into their google+ account and to lists all communities they were created or joined. I had googling around for a day and read google+ api references, but I couldn't find any information on:
Url of the API for accessing user's created or joined comminities,
Request parameters to perform such query
My tool has already succeed to perform oauth login and get access_token and ready to make any API call, But now I'm stuck trying to find the right Url and requirements to perform the API call as I wanted.
Please help
There currently is no API method to do this. If you would like to see such a feature added, you can star this feature request.