Our team has developed a solution to overcome the MFA challenge when a refresh is required. The Mid-Session Reconnect feature now allows you present your end-user (through Flinks Connect) with whatever MFA challenge the bank is prompting, so they can help us overcome this authentication step on a refresh.


Please find below the steps on how to leverage this feature.


Be advised that this feature requires activation. Please reach out to your technical contact at Flinks or to help-integration@flinks.com to have it enabled.



Complete Workflow

 


1. /AuthorizeAsync call with LoginId


The first step is to make a request to our /AuthorizeAsync endpoint, informing the LoginId, and setting MostRecentCached=false and Save=true as below.



With the LoginId being valid, the endpoint will respond with a 202 and a RequestId. Make sure to grab this RequestId for the following step.


2. /AuthorizeAsync call with RequestId


As shown in the workflow above, after calling /AuthorizeAsync with a RequestId, it can return different statuses. The following snapshot shows the case on which the endpoint returns a 203, which indicates that an MFA challenge has been prompted, and that the user's engagement is needed.



3. Flinks Connect


In order to present the MFA challenge to your end-user, you should now load our iframe informing the RequestId as an URL parameter, as in https://yourinstance-iframe.private.fin.ag/v2/?requestId={requestId}


4. Redirect


Once the user answers the MFA prompt, they will be presented with the successful connection screen and the Redirect event will be triggered to inform you of the successful connection.


If your integration makes use of the redirectUrl feature, you can also add this parameter to the iframe URL to have the user redirected once the connection is completed. In this case, the iframe URL that should be loaded would be similar to: https://yourinstance-iframe.private.fin.ag/v2/?requestId={requestId}&redirectUrl={URL}.


Once you get the confirmation of a successful connection, you should then engage on the cached flow, as described in Request Flow for Cached Mode.


In case you have any questions, please don't hesitate to reach out to our team!