nodejs robinhood api login

Question

I'm trying to use the Robinhood API, and I've disabled 2FA and SMS in the app, but I'm still getting an error. Does this look correct, or is Robinhood simply slow at updating when 2FA is disabled?

var credentials = {
        username: '*****',
        password: '*****'
    };
    var Robinhood = require('robinhood')(credentials, function(){
        console.log(Robinhood.auth_token());
            //      <authenticated alphanumeric token>
    })

the error

Error: token not found {"statusCode":400,"body":{"detail":"Request blocked, challenge type required.","accept_challenge_types":{"sms":"SMS"}},"headers":{"date":"Mon, 24 May 2021 22:44:07 GMT","content-type":"application/json","content-length":"93","connection":"close","server":"openresty","allow":"POST, OPTIONS","x-robinhood-api-version":"0.0.0","content-security-policy":"default-src 'none'","x-frame-options":"SAMEORIGIN","x-content-type-options":"nosniff","x-xss-protection":"1; mode=block","access-control-allow-origin":"https://robinhood.com","vary":"Origin","trace-uuid":"56ccb9cc-8bca-4dbd-be6f-4a6d86171354"},"request":{"uri":{"protocol":"https:","slashes":true,"auth":null,"host":"api.robinhood.com","port":443,"hostname":"api.robinhood.com","hash":null,"search":null,"query":null,"pathname":"/oauth2/token/","path":"/oauth2/token/","href":"https://api.robinhood.com/oauth2/token/"},"method":"POST","headers":{"Host":"api.robinhood.com","Accept":"*/*","Accept-Encoding":"gzip, deflate","Referer":"https://robinhood.com/","Origin":"https://robinhood.com","content-type":"application/x-www-form-urlencoded","content-length":214}}}

Neha · Answer 1 · Jun 17, 2022

If you're utilising the Robinhood API, you'll need to enable 2FA. It's mentioned in the request body's detail.

"detail":"Request blocked, challenge type required.","accept_challenge_types":{"sms":"SMS"}}

Go ahead and turn it on and then you can access the api with this snippet

let Robinhood = require('robinhood')(credentials, function(data) {
    if (data && data.mfa_required) {
        var mfa_code = ""; //Notice this is blank. 
        Robinhood.set_mfa_code(mfa_code, () => {
            console.log(Robinhood.auth_token());
            Robinhood.positions((error, response, body) => {
                console.log(body);
            })
        })
    }
})

After you submit a request, you'll receive an error message, but the 2FA challenge will be delivered to the account you specified. Set the mfa code and re-run the snippet once you've got the 2FA code. You've successfully signed in after running the snippet again with a valid 2fa code. You can copy the authorization token and use it for the next 24 hours without having to go through 2FA.