Demo Provider
"Demo" is a dummy institution that can be used to test the API and simulate various scenarios by using different combinations of username/password:
- username:
wealthica, password:wealthica. Simulates a successful connection, without 2FA. Sync will succeed. - username:
wealthica, password: anything. Simulates 2FA with multiple-choice question. ReturnsSecurityQuestionError.- answer:
javascript. Simulates multi-step 2FA. Returns anotherSecurityQuestionError(whose answer isruby). - answer:
ruby. Simulates a successful answer. Sync will succeed. - answer:
UserActionRequiredError. Simulates theUserActionRequiredErrorerror. - answer: anything else. Returns
LoginFailedError.
- answer:
- username:
wealthica, password:crash. Simulates a crash during sync. - username:
wealthica, password:error. Simulates an unknown error. - username:
UserActionRequiredError, password: anything. Simulates theUserActionRequiredErrorerror. - username: anything, password: anything. Simulates invalid credentials. Returns
LoginFailedError. - username:
TemporaryFailureError, password: anything. Simulates theTemporaryFailureError. - username:
wealthica, password:wait-{step}-{timeout value in MS}. Simulates thesyncingstatus for that particular step and the overall sync.- the valid steps that can be used are
login,2fa,investments,positions,transactions,documents. - password example:
wait-login-120000.
- the valid steps that can be used are
Investment types
For the "Demo" institution we currently support these investment types:
| Type | Description |
|---|---|
| cash | Cash Account |
| tfsa | Tax Free Savings Account |
| rrsp | Registered Retirement Savings Plan |
| resp | Registered Education Savings Plan |
| margin | Margin Account |
| lira | Locked-in Retirement Account |
| lrsp | Locked-in Retirement Savings Plan |
| rrif | Registered Retirement Income Fund |
| lif | Life Income Fund |
| lrif | Locked-in Retirement Income Fund |
| fhsa | First Home Savings Account |
| gic | Guaranteed Investment Certificate |
| savings | Savings account |
Reproducing the Verify MFA flow
The Verify MFA (also known as "Verify Now") flow allows users to answer a security question without re-entering their credentials. This is used when an institution is stuck in a SecurityQuestionError state.
To reproduce this flow using the demo provider:
Connect the demo institution with 2FA:
- Connect the
demoprovider with usernamewealthicaand any password other thanwealthica(e.g.trigger-2fa) - A security question will appear (e.g., "What's Anton and Cody's favorite programming language?")
- Connect the
Answer the security question to complete the initial connection:
- Answer
rubyto succeed, or answer the multi-step flow (javascriptthenruby)
- Answer
Trigger a new sync that produces a security question:
- Sync the institution again — since the stored credentials still have the non-
wealthicapassword, the sync will hit aSecurityQuestionError
- Sync the institution again — since the stored credentials still have the non-
Leave the security question unanswered:
- Close the modal or navigate away while the security question is showing
- The institution is now stuck in
sync_status: "error"withsync_error.name: "SecurityQuestionError"
Use the Verify Now / Verify MFA flow:
- In wealthica-app-v2: The dashboard shows a "Verify Now" link on the institution. Clicking it opens the security question screen directly (skipping the credentials step)
- In wealthica-connect: Navigate to
/verify-mfa/<institution_id>?token=<auth_token>. The security question form will appear with a countdown timer
What the institution looks like in this state
{
"sync_status": "error",
"sync_error": {
"name": "SecurityQuestionError",
"message": "What's Anton and Cody's favorite programming language?",
"options": ["C++", "JavaScript", "Ruby", "Enter a security code"]
},
"sync_status_details": {
"investments": "error",
"positions": "error",
"date": "2026-04-03T09:18:58.019Z"
}
}
Countdown timer
Both wealthica-app-v2 and wealthica-connect implement a 2-minute cooldown before allowing a new verification request:
- Before 2 minutes: Shows "Please wait for Xm Xs before you can request a new verification."
- After 2 minutes: Shows "It's been Xm since the verification request was sent. Click here to request a new verification right away"
The timer is based on institution.sync_status_details.date and updates every second.