Robinhood

From UVOO Tech Wiki
Revision as of 03:47, 18 March 2020 by Busk (talk | contribs) (Created page with " - https://stackoverflow.com/questions/55902967/is-there-any-way-to-get-a-bearer-token-now-since-robinhood-has-changed-the-api/56841942 - https://github.com/robinhood-unoffici...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

A more complete solution (not need browser): Use requests.session.

Obtain the login page by making a GET request to "https://robinhood.com/login". At this point the session's cookies will contain 'device_id'. Obtain this device_id and use it in making the oauth2 token request to "https://api.robinhood.com/oauth2/token/" also add in the data request "challenge_type" (either "sms" or "email"). This request will fail with a 400 error code. Robinhood will send an SMS message or Email with a temporary (5 minute) code. Also at this point use the 400 response's body to get "id" from "challenge" inside of the JSON object. Confirm the challenge by making a POST request to "https://api.robinhood.com/challenge/CHALLENGEID/respond/" where CHALLENGEID is the same id mentioned in the first failed /oauth2/token/ POST request. Make the same POST request to "https://api.robinhood.com/oauth2/token/" and include in the header "X-ROBINHOOD-CHALLENGE-RESPONSE-ID" with the value CHALLENGEID. You can reuse a device_id with user/pass after this even after logging out. Be cautious with storing device_id as it is the result of user/pass login and successful SMS/email 2FA.

Retrieved from "https://tech.uvoo.io/index.php?title=Robinhood&oldid=455"