Authenticate user's account

curl --request POST \
  --url https://integration-api.meshconnect.com/api/v1/authenticate \
  --header 'Content-Type: application/json' \
  --header 'X-Client-Id: <api-key>' \
  --header 'X-Client-Secret: <api-key>' \
  --data '{
  "username": "username",
  "password": "password",
  "mfaCode": "000000",
  "mfaType": "phone",
  "isSensitiveFieldsEncrypted": false,
  "isTryingAnotherWay": false,
  "type": "robinhood"
}'

{
  "content": {
    "status": "succeeded",
    "expiresInSeconds": 7200,
    "accountTokens": [
      {
        "account": {
          "meshAccountId": "00000000-0000-0000-0000-000000000000",
          "frontAccountId": "00000000-0000-0000-0000-000000000000",
          "accountId": "Id of the account",
          "accountName": "Name of the account"
        },
        "accessToken": "Access token, allowing access to the integration",
        "refreshToken": "Optional refresh token, allowing to refresh the access token"
      }
    ]
  },
  "status": "ok",
  "message": "",
  "errorHash": "94041b5b3ea3701cf1f3ce6881d62a394c3e8beb",
  "errorType": ""
}

POST

api

authenticate

Authenticate user's account

curl --request POST \
  --url https://integration-api.meshconnect.com/api/v1/authenticate \
  --header 'Content-Type: application/json' \
  --header 'X-Client-Id: <api-key>' \
  --header 'X-Client-Secret: <api-key>' \
  --data '{
  "username": "username",
  "password": "password",
  "mfaCode": "000000",
  "mfaType": "phone",
  "isSensitiveFieldsEncrypted": false,
  "isTryingAnotherWay": false,
  "type": "robinhood"
}'

{
  "content": {
    "status": "succeeded",
    "expiresInSeconds": 7200,
    "accountTokens": [
      {
        "account": {
          "meshAccountId": "00000000-0000-0000-0000-000000000000",
          "frontAccountId": "00000000-0000-0000-0000-000000000000",
          "accountId": "Id of the account",
          "accountName": "Name of the account"
        },
        "accessToken": "Access token, allowing access to the integration",
        "refreshToken": "Optional refresh token, allowing to refresh the access token"
      }
    ]
  },
  "status": "ok",
  "message": "",
  "errorHash": "94041b5b3ea3701cf1f3ce6881d62a394c3e8beb",
  "errorType": ""
}

Authorizations

X-Client-Secret

string

header

required

Contact Mesh to get client Secret

X-Client-Id

string

header

required

Contact Mesh to get client Id

Query Parameters

userId

string

required

Id of the end-user

Maximum length: 50

Body

application/json

Authentication request.

type

enum<string>

required

Available options:

robinhood,

eTrade,

alpaca,

tdAmeritrade,

weBull,

stash,

interactiveBrokers,

public,

coinbase,

kraken,

coinbasePro,

cryptoCom,

openSea,

binanceUs,

gemini,

cryptocurrencyAddress,

cryptocurrencyWallet,

okCoin,

bittrex,

kuCoin,

etoro,

cexIo,

binanceInternational,

bitstamp,

gateIo,

acorns,

okx,

bitFlyer,

coinlist,

huobi,

bitfinex,

deFiWallet,

krakenDirect,

vanguard,

binanceInternationalDirect,

bitfinexDirect,

bybit,

paxos,

coinbasePrime,

btcTurkDirect,

kuCoinDirect,

okxOAuth,

paribuDirect,

robinhoodConnect,

blockchainCom,

bitsoDirect,

binanceConnect,

binanceOAuth,

revolutConnect,

binancePay,

bybitDirect,

paribuOAuth,

payPalConnect,

binanceTrDirect,

coinbaseRamp,

bybitDirectMobile,

sandbox

phone

string | null

username

string | null

password

string | null

tradePin

string | null

countryInfo

object

Show child attributes

challengeId

string | null

challengeCode

string | null

challengeType

string | null

challengeAnswer

string | null

Used to provide answers to security questions

mfaCode

string | null

mfaType

enum<string>

Available options:

phone,

email,

totp,

phoneAndEmail,

requireNextSecurityQuestion,

readEmail,

face,

tradingPin,

qrCode,

password,

roaming,

mobile,

passkey

deviceInfo

string | null

webData

string | null

authFlowStep

enum<string>

Available options:

loginPassword,

mfaFlow,

faceVerification,

createAPIKey,

loginQrCode

key

string | null

authToken

string | null

redirectLink

string | null

confirmationEmail

string | null

trueAuthAuthRequest

object

Show child attributes

isSensitiveFieldsEncrypted

boolean

Indicates whether the sensitive fields in this request are encrypted. When set to true, the following fields should be encrypted using Base64 encoding:

Username
Password
Phone
TradePin
ChallengeAnswer
MfaCode
DeviceInfo
ConfirmationEmail

Base64 encoding is used to encode these fields into a format that can be safely transmitted and stored.

isTryingAnotherWay

boolean

Flag indicating that the user is attempting to switch to the next available 2FA method (e.g., Email, Google Authenticator) after failing to complete or canceling the current verification method (e.g., Roaming 2FA).

This field is primarily used for Robinhood and BinanceInternationalDirect on the DeviceConfirmationPage when a user clicks the "Try Another Way" button. It informs the backend to move to the next MFA method instead of retrying the current one.

Response

status

enum<string>

Available options:

ok,

serverFailure,

permissionDenied,

badRequest,

notFound,

conflict,

tooManyRequest,

locked,

unavailableForLegalReasons

message

string | null

A message generated by the API

displayMessage

string | null

User-friendly display message that can be presented to the end user

errorHash

string | null

An error grouping hash from string components and caller information. Used by bugsnag on FE for correct error grouping

errorType

string | null

Strictly-typed error type that is explaining the reason of an unsuccessful status of the operation. All possible error types are available in the documentation.

errorData

any

content

object

Show child attributes

Auth token

Registered Clients

Authenticate user's account

Authorizations

Query Parameters

Body

Response