I'm still trying to figure out how different this is from their "parameter store" offering in AWS Systems Manager. The main thing I guess is you get more control over key rotation.
This is really unfortunate. I've used the IRC gateway feature over the years to lurk in multiple Slack groups and looks like this will be the end of using (social) Slack groups for me.
Their web interface has just.. not cut it for me. Too resource intensive and not enough control over how/when I am interrupted. This was why I gravitated to the IRC gateway in the first place. Oh well.
The console dump was super useful, thank you for that!
I think it might be because you have third-party cookies disabled [1], and the Google Auth client uses an iframe with cookies to do its thing. I replicated it myself by disabling third-party cookies and the results were similar to what you described.
I'll look into what I can do about this on my end tomorrow. Thank you again for your time!
Interesting. I log into a handful of other sites using Google OAuth and have never had a problem. Let me know if you get it figured out, I would still like to check out your service.
You are right. Twilio Connect has sadly not been a great user experience and this is something we're reconsidering. We used it initially because it was a low-risk approach to see if people would use a product like this. Thank you for your feedback :)
Two-way messaging and call proxying is likely the next big features we'll be rolling out.
We went with the Twilio Connect route initially as a low-risk approach to see if there's an appetite for a something like this. Sadly it has not been a great user experience and we're definitely going to reconsider it (Twilio Connect).
As you might have guessed, we haven't actually decided on pricing yet but I wanted to put something on that page so that people can get a feel for how much it would cost them.
And yeah, the system we were using for auth (Cognito) did not at that time have an adequate 2FA solution, which was why we went with Google. Now that they do, we'll likely use that which would allow people to also signup with a username/password (in addition to Google, etc).
Related to this, I wrote a CLI tool called Ledger Reconciler[0] to automate the process of logging into all my financial accounts and inputting those transactions into Ledger. It uses headless Chrome underneath (via the puppeteer API[1]) so it could theoretically work with any system without needing to rely on public/private banking APIs.
I also tried to make the plugin system as friendly as I could so people for people to add their own financial instutions. I'm optimistic someone will contribute a plugin one day :)
What do you think of Weboob, http://weboob.org for French and other banks?
"Weboob is a collection of applications able to interact with websites, without requiring the user to open them in a browser. It also provides well-defined APIs to talk to websites lacking one."
It would theoretically use whatever meachnism you would use to interactively log into your bank. For Canadian banks this is user, password, and security question/answers. The "plugin" system was designed to account for each banking system being unique so how it logs in really depends on the bank.
This runs locally and it has the ability to read gpg-encrypted credentials (using gpg-agent).
This of course gets complicated with TOTP tokens but I'll cross that bridge when needed :)
I think we all know the answer to that question :)
I would note that professional bank feed apis (e.g. yoodle) also use username password pairs and not only break when you change password but can result in a locked bank account due to too many retries.
That said, there is no universal solution in the US.
> I think we all know the answer to that question :)
May I ask-- for those not in the know --that what is it? :) From your comment I'd infer that username/password, but that hasn't been the case for many years, at least at the banks I use (in Europe).
If he's using headless Chrome then it's likely form filling. I.e. just automatically typing in the answers to the authentication prompts on the pages as you'd normally do when you log in. Most banks, even those with TOTP or alternate MFA methods, allow you to login with standard authentication details to get access to statements and not make any changes.
I would recommend using Headless Chrome along with a library like puppeteer[0]. You get the advantage of using a real browser with which you run pages' javascript, load custom extensions, etc.
