Open Authorization

Instructions

New Account Linking Process with Open Authorization

PortfolioAnalyst uses Open Authorization (OAuth) with other participating financial institutions. This streamlined feature allows us to transfer you directly to your financial institution login through our Fiserv OAuth connection. Fiserv is our third-party aggregator for all external account data.

By utilizing the OAuth feature, you grant IBKR access to your financial information without sharing your password credentials. This keeps your information more secure while providing you with a complete view of your financial picture.

Data Access Overview

As you may know, one of the key trends in the Aggregation industry is the adoption by many large financial organizations of a token-based API solution, using an OAuth framework for data access. This shift strengthens data protections and controls, ensuring consumer transparency to the data being shared and the recipients of that data, as well as eliminating third-party sharing of consumer-credentials for bank account access. Organizations that provide these token-based APIs typically require the execution of a Data Access Agreement for their clients to continue to receive data. However, we have eliminated the need for you to take this step, since we have an Agreement in place with Fiserv.

One of the key features of this connection method is the identification of the specific third-party application that will receive data, to provide clarity to the consumer of what their consent entails.

Which Institutions are Supported?

At present, only a few financial institutions are supported (such as Charles Schwab, US Bank and JP Morgan Chase). As Fiserv adds new connections we will continue to add financial institutions.

How Do I Get Started?

If you are linking an external account for the first time, simply search for the financial institution in the External Accounts tab within PortfolioAnalyst. Existing accounts with institutions that have been moved to this new linking process will show a prompt that the account needs to be updated. Click on the account to get started. From there you will be prompted to log in to your financial institution. This is where the process differs slightly - instead of entering your credentials into IBKR, a window will now automatically open for you to log directly in to your financial institution's website.

Important Tips

  • Make sure your Pop-Up Blocker is temporarily disabled for IBKR as the login window for your financial institution may be blocked by your browser.

  • To verify that your login credentials are correct, you need to navigate directly to your financial institution’s website (and not test credentials through PortfolioAnalyst).

  • Do not open your financial institution in a separate tab or browser window while going through this process. To successfully link your account, you will need to go through the sign in page on the window that pops up as part of the linking process.

  • When prompted to enter a security code, enter the values manually rather than copying and pasting, as this can sometimes cause the Submit button to be disabled by the Financial Institution.

Will Updating My Existing Account to Use OAuth Impact Historical Data?

No! The only thing changing with this new process is how IBKR is we are connected to your custodian accounts. All of your historical data will remain and new data will automatically update as it comes through your account.

I Received an Error Message. What Should I Do?

If you see an error message after trying to make this change, try clearing your browser cache before trying again. Additionally, make sure that you can log in to your financial institution successfully - if they are performing site maintenance, you may need to wait until the maintenance period ends before attempting to link your account. If you need assistance, please contact Client Services.

 

Additional Resources