Belvo supports the connection to institutions where a 2FA or OTP (One Time Password) is needed.
When you are trying to retrieve information from the institution through a POST call to Belvo, you can add the 2FA inside the call by adding a "token" field inside the body request.
However, if you don't add the 2FA and it is needed to perform the call you are trying to make, you will receive a 428 error asking you to submit the token. The content of the error will be similar to this:
"detail": "Token Required",
Once you have the token value, you can use the
link and the
session from the response above to send a new
PATCH request to the
curl -X PATCH \
-H 'Content-Type: application/json' \
-H 'Host: api.belvo.co' \
-H 'cache-control: no-cache' \
-u [Secret Key ID]:[Secret Key PASSWORD]
For more details, you can access our MFA-handling page in our getting started guide.