I am working with a financial company. We recently did a test of integrating Yodlee's API and allowing connections to the mid tier SQL servers. We noticed their API had 1700 connections for 200 users. Is that normal to have an 8.5 connections for each user? Has anyone else seen this type of behavior?
Yodlee is a SAAS provider, so I am assuming you are referring to the calls made to Yodlee APIs and not DB connections.
It depends on how you integrate Yodlee APIs. The total number of calls made to Yodlee APIs may be 1700 for 200 users depending on the data set you are retrieving from Yodlee.
Related
I am connecting to Xero through their API with OAuth2. In the past I used to create Demo companies on Xero to test the application I was developing.
Every time the Demo company expired I created a new one and reconnected to Xero through the API. This worked for over 6 months of development.
Now Xero is telling me I have hit the 25 connections limit, but as far as I understood, Demo companies are not included in the connection count for the app limit. Where am I going wrong ?
I cannot delete any stored connections as they are live customers and I am not trying to add new customers. I am just trying to connect demo companies to Xero to continue development.
There is only one Xero demo company per Xero login record (which does not expire) and then there are trials which do expire.
The demo company does not count towards the limit.
While trials are active they will count towards the limit.
https://central.xero.com/s/article/Use-the-demo-company
My team is building an app that will require users to connect their financial institution accounts and we've been investigating Yodlee's Developer Platform to help us do so. Seems like a great service, but I've read some dodgy articles in the press about how Yodlee also aggregates and sells that information for a variety of purposes.
Is it possible to opt out of allowing Yodlee to do this? Or does Yodlee require you to share that info in order to use their API services? Do other services like Plaid also do this?
Thanks!
Can't speak for Yodlee, but Plaid (where I work!) offers bank account connections and data services, and we don't sell our data to third parties.
I am using the standard paypal developer API (NVP) to get current inventory levels:
https://api-3t.paypal.com/nvp?METHOD=BMGetInventory&VERSION=95.0&USER=____&PWD=____&SIGNATURE=____&HOSTEDBUTTONID=_____
But, I have a concern... If the api is enabled and the key is compromised somehow, what is the worst case scenario? For example: it looks like it is possible to send payments using the API. Is there a second tier of verification of payments that happens outside the API?
I have spent around 30 minutes researching the topic without any clarity in terms of what kind of financial damage could be done if an api information is compromised.
If your PayPal API credentials are compromised then someone can make API calls on your behalf. This includes sending and/or withdrawing money from your account.
There are some ways to limit the permissions of a PayPal API credential on the pages where you set the credential up, so you might be able to create a key that is somewhat less dangerous. It has changed over time so I can't offer details; google and/or log in to your account and look.
And yes, PayPal has lots of fraud detection that it runs internally on payments, but they have no legal responsibility to figure out that your API has has been stolen and I would strongly recommend not relying on them to save your bacon in such a case.
Protect your keys, especially ones with access to your money.
We built a system where we can access all our clients google analytics. I use Google service accounts to do server calls to google Analytics API and grant access to that service account as a user. Some how there is a limitation where each service account reaches a limit to be added in user accounts. (we have more than 2000 clients).
As of now, I am creating multiple service accounts when ever the previous reaches its limit. What is the solution for this?
Thank You,
The Core Reporting API has a quota limit of of 10,000 requests per view (profile) per day.
I suspect what you are doing is trying to display your Google Analytics data to all of your customers. Which isnt really going to work because of the quoat limit. I recomend that you use your service account to download your data into your own system and then display the stored data to your users.
There is no way to increase this quota limit.
I am developing an application that needs to complete money transfers to users. I understand that Yodlee has APIs that can collect data on transfers and various transactions for financial accounts.
However, can the Yodlee API actually perform the money transfers, or is the API only designed for information aggregation?
Looking at their documentation, there's no mention about money transfers, only obtaining data from accounts, so you can't make money transfers using their API.
As of now, Yodlee doesn't provide APIs for money transfer. While you can use Yodlee APIs to gather the account information or to perform IAV i.e. Instant Account Verification. Check this link.
Money movement is part of the Yodlee platform but is not offered in the standard API services as it requires special licensing to leverage. Please use the contact form to discuss this with Yodlee:
Yodlee has an API for funds transfer, they call it "Money Movement API".
However, the money movement api is not available in the sandbox and is only available to large corporations as there are legalities involved.
This is the email I got from their Sales Development Team:
The Money Movement API is for larger global financial institutions as
they hold all of the licensing and liability. No, it's not available
in the sandbox.
This doesn't mean you can't get it. You will have to talk to them about this.