[GNC-dev] Patelco stopped supporting OFX... other options
Jean Laroche
ripngo at gmail.com
Thu Jun 18 13:05:28 EDT 2020
The server code clearly mentions OAUTH. Let me know what you can
determined from the server code if you find something interesting...
J.
On 6/18/20 9:51 AM, Derek Atkins wrote:
>> This is interesting. It sounds like OAUTH, where the mini-webserver
>> redirects to the bank's website for authentication and gets a token back,
>> but OAUTH tokens are supposed to be single-use and expire. The fact that
>> neither seems to be the case is a bit worrying. Does plaid provide the
>> source code for this web server?
>
> That's not always the case. OAuth has long-lived tokens that can be
> refreshed and reused, they are not (always) single-use tokens. You're
> right that it DOES sound like OAuth, but it also sounds like you're
> obtaining a client token that can be re-used.
>
>> Regards,
>> John Ralls
>
> -derek
>
More information about the gnucash-devel
mailing list