Open the widget for Refresh Intents

📘

Only for multifactor authentication logins

You don't need to open the widget for Refresh Intents if the requires_mfa fields is null.

If the bank of the link you're trying to refresh requires multifactor authentication (MFA) for the login, then you will have to opent the widget on your frontend so the user can enter its second factor. For security reasons, this cannot be done purely through the API.

You can review which institutions require MFA on login at the Institutions table. For now, this functionality is only enabled for banks in Mexico.

The configuration to open the widget should look like this:

<head>
  <script src="https://js.fintoc.com/v1/"></script>
</head>

<body>
  <script>
    const widget = Fintoc.create({
      widgetToken: 'ri_XXXXXXXX_sec_YYYYYYYY',
      publicKey: 'pk_live_0000000000',
      holderType: 'individual',
      product: 'refresh_intent',
      onSuccess: () => { console.log('Refresh Intent Finished'); },
      onExit: () => { console.log('Refresh Intent Failed or Canceled'); },
    })
    </script>
</body>

Here, the widgetToken parameter corresponds to the token located inside the requires_mfa object of the Refresh Intent. You can read more about the widget and its configurations at the Widget documentation.