With this feature, it's possible for you to receive and answer all non special MFA questions at once.

This flow is useful if you want to avoid having a failed background refresh due to an unanswered MFA question prompt.

To illustrate the saved information in a LoginID we have this image to represent every step into this flow:


1. Authorize

In order to extract all security questions, your first 'Authorize' call have to be made with the parameter 'WithMFAQuestions: true' and 'Save: true' Find more about it in our documentation.

OBS: Note that HSBC, CIBC, Laurentienne and Simplii do not provide the security questions in advance, so this feature is not available for these Financial Institutions.


If you get an MFA prompted during this first Authorize call, the answer for this question will be validated and stored, but the other Security Questions will still be stored without an answer.

Once validated, you will receive the OK from the Authorize call:

2. Retrieve the unanswered questions

Once you are authorize with 'WithMFAquestions:true' you'll be able to call the GetMFAQuestion endpoint to retrieve all the unanswered MFA questions for a specific LoginId. This endpoint uses the 'GET' method. Find more about this step here.

3. Answer your questions

The last step will be to answer these yet unanswered security questions by calling the endpoint AnswerMFAQuestions using the same Login Id. This call is a 'PATCH' method. Click here to learn more on this part.

ImportantThese answers will only be validated when the bank prompt us these questions during an another live call.

After these 3 steps, the questions and answers will be saved in the database and you should not face them again, if they're all valid.

If during a validation the answer is not correct, the answer is going to be erased from the LoginId and the question will be returned in a `GetMFAQuestions` endpoint call. Also, if ever you reset your questions, you'll need to go through this process again to have them save again.