Skip to main content

For updates and guidance related to COVID-19 / Coronavirus, click here.

Technical Notice

fileX transition from Basic Auth to OAuth 2.0 Deadline Extension

January 13, 2022

The deadline for transitioning from Basic Auth to OAuth 2.0 for fileX APIs has now been extended to Feb 28, 2022. The transition from Basic Auth to OAuth 2.0 method for authentication is necessary because Basic Auth is a less secure authentication mechanism, which could potentially expose long-lasting credentials. OAuth 2.0 replaces these long-lasting credentials with limited life span tokens, resulting in an improved security and control of FINRA applications.

What do I need to change?

Before invoking fileX APIs, send an API request to FINRA Identity Platform(FIP) service to obtain OAUTH token and use the token received to make further fileX API calls.

How to generate OAUTH token?

For detailed instructions on how to generate an OAUTH token see section 5 in fileX v1.3.0 user guide (new version). The old user guide v1.2.4 that contained Basic Auth information will be available until 2/14/2022 and replaced with the new guide after that.

Key Milestone Dates

No. Steps Date
1 fileX started supporting OAUTH 2.0 in QA & CT Sept 30, 2021
2 fileX started supporting OAUTH 2.0 in PROD Nov 05, 2021
3 fileX turns off Basic Auth in QA and CT Feb 1, 2022
4 A follow up reminder will be sent 5 days before the PROD turn off date Feb 23, 2022
5 fileX turns off Basic Auth in PROD Feb 28, 2022

This change only impacts HTTPS and S3 Direct Customers. It does not impact the SFTP method in fileX which still requires userid and password to connect and perform file transfers.