Comments (30)
Hi, thanks im glad you enjoy the package. I will work on reenabling the non MFA login. I wanted to get something working quickly and make sure there were no other breaks. I have addressed all of the known api issues so ill turn my attention to this one.
from robinhood.
im planning to push a new branch tonight attached to this issue that will prevent the function from failing if you dont provide an mfa code. Im not going to change any of the other structure yet so the API call will still try to push an MFA, it will just be null (or i can hardcode an arbitrary value). If someone can install the separate branch version and give me some feedback that would be appreciated.
I sent an email to RH customer service on downgrading from MFA, but i have not received a response. Im guessing they are really pushing towards this and are planning on making it mandatory at some point.
from robinhood.
from robinhood.
I forked the auth piece and you can see how I am doing it here:
https://github.com/exploringfinance/RobinHood/blob/main/R/RobinHood.R
from robinhood.
After looking at my account settings, i dont see an option to disable MFA, only edit my existing MFA. Unless I am missing something obvious. Can you point me to it?
from robinhood.
Looking at it I don't think you can. I have access to two accounts, one with MFA one without. In the MFA enabled one I don't see a way to turn it off...
I was able to test the solution I had above, saving the RH object after using the MFA Code once seems to work. But I'm not sure if that's a reliable solution going forward.
RH <- RobinHood(username = "my_username", password = "my_password, mfa_code = "my_mfa_code")
save(RH, file = "RH_account.Rdata")
rm("RH")
load("RH.Rdata")
from robinhood.
okay, they must be pushing that... so something that people might not know is that the access token you get lasts for quite a while. Ive added the expiration (which i think is in seconds) to the RH object. Ive used one token for multiple days so its not like you have to login every time you do an action.
Looking at the api im wondering if the command would basically be the same. Ill change the function to not fail if you dont supply a mfa token. Then maybe you can test it and see if that works?
from robinhood.
That sounds good, so you're saying that the mfa_code argument would be NULL by default, which is how it was previously right?
Let me know when I should give it a try!
from robinhood.
I have not signed up for MFA but I was using an older version of the package and it suddenly stopped working two weeks ago. I am happy to test as well, but something tells me that MFA might be required. I played with some of the source code and it was giving me 404 anytime I didn’t provide mfa
from robinhood.
Sounds good!
Using the current git version (1.6.8), I tried supplying a random number (as a character) for the MFA code on a non-MFA enabled account and I get a Bad Request error. Supplying NULL results in an error from the api_login function. The body dataframe cannot be built in the api_login function.
This is what I tried on the non-MFA enabled account:
mfa_token <- paste0(sample(0:9, size = 6, replace = T), collapse = "")
RH <- RobinHood(username = "my_user_name", password = "my_password", mfa_code = mfa_token)
And it resulted in the HTTP 400 Error
from robinhood.
I am happy to try it but not sure it will work. I passed ‘’ and random strings. 404 error for all of them. It wouldn’t let me pass a NULL value. If they require mfa there won’t be a way to fully automate. I wrote packages for etrade and TD. They both allow for refreshing tokens allowing you to go indefinitely. TD uses oauth 2. Maybe Robinhood can allow something similar?
from robinhood.
If someone could try this out I would appreciate it.
from robinhood.
400 Bad request
I used this code:
RobinHood <- function(username, password, mfa_code = NULL) {
# If MFA is null, set to 0 and remove later
if (is.null(mfa_code) == TRUE) mfa_code <- "000000"
RH <- RobinHood::api_login(username, password, mfa_code)
accounts <- RobinHood::api_accounts(RH)
url_account_id <- accounts$url
RH <- c(RH, url = list(account_id = url_account_id))
if (is.null(RH$api_response.access_token)) {
cat("Login not successful, check username and password.")
}
class(RH) <- "RobinHood"
return(RH)
}
And the response was this:
Error in RobinHood::api_login(username, password, mfa_code) :
Bad Request (HTTP 400).
from robinhood.
I got the same thing, pulled down the latest commit of the pkg using:
devtools::install_github("jestonblu/RobinHood@062641f36a779b40cea884c49fd8857613fe9811")
When I tried to run it on my non-MFA account I get a the same Bad Request HTTP 400 error.
Not sure how helpful this is, but I took a closer look inside the api_login function and noticed when you run this line:
dta <- dta %>% content(type = "json") %>% rawToChar() %>% jsonlite::fromJSON() %>% as.list()
The dta list has an element named "detail" which returns: "Request blocked, challenge type required."
I am able to run the api_login function from the inside and it returns a list, but when I try to run:
accounts <- RobinHood::api_accounts(RH)
I get an Unauthorized (HTTP 401) error
Given that you're trying to pass an MFA code to an account that doesn't have MFA enabled the error makes sense, but at the same time it seems that Robinhood is making it impossible to use the API without a MFA enrollment. Did you ever hear back from RH support?
from robinhood.
@kmohammadi6 could you clarify how you are obtaining the mfa_code for the MFA-enabled and non-enabled accounts? We have two Robinhood accounts - one which we've turned on standard SMS MFA (and now can't see any way to disable it), one which we have MFA disabled.
Here are the $detail text from the HTTP 400 error:
For the account with no MFA (and we enter a empty string in mfa_code):
$detail
[1] "Request blocked, challenge type required."
For the account with SMS MFA, and we enter the 6-digit SMS code as a string:
$detail
[1] "Unable to log in with provided credentials."
For the mfa-enabled account, do you log in on your Robinhood phone app first to get the SMS code? then plug that code into R's api_login before you complete the log in on your phone?
from robinhood.
For the MFA enabled account I get the code from the Duo mobile app and pass it as a character to the Robinhood function. This has worked for me on the MFA enabled account. As JestonBlu mentioned, the token seems to be good for a number of days so I saved the RH object as an RDS and can reuse it.
RH <- RobinHood(username = "my_username", password = "my_password, mfa_code = "my_mfa_code")
For the MFA disabled there is obviously no MFA code to pass, I've tried passing:
NULL, "000000", or another random 6 digit number string: mfa_token <- paste0(sample(0:9, size = 6, replace = T), collapse = "")
None of these approaches have worked, and I've hit the same issue you have.
from robinhood.
For the MFA enabled account I get the code from the Duo mobile app and pass it as a character to the Robinhood function. This has worked for me on the MFA enabled account. As JestonBlu mentioned, the token seems to be good for a number of days so I saved the RH object as an RDS and can reuse it.
RH <- RobinHood(username = "my_username", password = "my_password, mfa_code = "my_mfa_code")
For the MFA disabled there is obviously no MFA code to pass, I've tried passing: NULL, "000000", or another random 6 digit number string:
mfa_token <- paste0(sample(0:9, size = 6, replace = T), collapse = "")
None of these approaches have worked, and I've hit the same issue you have.
Thanks for the info. For some reason my mfa-enabled account still isn't working. Is it the 6-digit code from DUO (that expires every 30 secs) what you plug into argument mfa_code? Or is it a alphanumeric code?
from robinhood.
I'm using the 6 digit code from the DUO App, passing it as a character
Not sure if this is the issue, but in the the app it might look like it's showing a space between the 3rd and 4th digit, but you just need to pass it as a 6 digit code with no space.
from robinhood.
I'm using the 6 digit code from the DUO App, passing it as a character
Not sure if this is the issue, but in the the app it might look like it's showing a space between the 3rd and 4th digit, but you just need to pass it as a 6 digit code with no space.
Hmm interesting.. that is what I'm doing. Under the Two-Factor Authentication settings page - I have "Authenticator app" and "Backup code" under "Manage your Methods". Then I try to run the api_login/RobinHood functions during that 30 seconds when the Duo code is still live.
from robinhood.
I'm doing a couple different things it sounds like. Firstly, I'm just using the top level Robinhood function but that shouldn't be an issue.
It sounds like you're going through the RH app to get the code? I'm just going to the duo mobile app directly, you can add accounts and store them in the DUO app. I never open up the RH app to get the code.
from robinhood.
Iam still having this issue, any resolutions.
Error in RobinHood::api_login(username, password, mfa_code) :
Bad Request (HTTP 400).
from robinhood.
from robinhood.
Can you please provide the syntax that was working.
from robinhood.
Its the standard connection command. Are you sure you are using the github version? Should say 1.6.9
RH <- RobinHood(username, password, mfa_code = '123456')
from robinhood.
from robinhood.
Yes, that is the easiest way. You will need the devtools package to install it from github.
install.packages("devtools")
devtools::install_github("jestonblu/RobinHood")
from robinhood.
from robinhood.
I'm getting the Bad Request (HTTP 404) error on the api_login as well.
I'm using the Google Authenticator app on my mobile phone for the MFA code. Is that the correct method to get the code?
from robinhood.
I forked the auth piece and you can see how I am doing it here: https://github.com/exploringfinance/RobinHood/blob/main/R/RobinHood.R
does your fork require the otp package?
from robinhood.
from robinhood.
Related Issues (20)
- fractional shares and "sell all" HOT 2
- get_positions_options: Column `updated_at` doesn't exist HOT 4
- get_positions_options: Column `state` doesn't exist HOT 1
- Buy in dollars rather than shares? HOT 2
- feature request: trailing stop for stocks
- HTTP 400 error for get_tcierks(RH, add_fundamentals = T)
- Getting Bad Request (HTTP 400) Error HOT 14
- argument "mfa_code" is missing, with no default HOT 3
- Cannot place order HOT 3
- HTTP 400 Bad Request on api_login
- Error in get_historicals_options HOT 4
- 404 on vignette getting started HOT 1
- logout() function is returning Internal server error 500 HOT 2
- Placing an order in extended hours
- Current Bugs
- Retirement Accounts
- Have you considered using MFA HOT 1
- Can't place orders HOT 2
- Error when I run get_positions() HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from robinhood.