Steps to connect Mojito to your active Mint session
In May, 2016, Mint changed it's login process in a way that blocks Mojito from directly logging in to your Mint account. However, if you log in to Mint yourself, you can still connect Mojito to that active Mint session. It just requires you to "go behind the curtains" and copy Mint's HTTP headers into Mojito's Mint Authentication window.
The steps are below. NOTE: These steps are for Google's Chrome browser.
Step 1:
Open the Mojito spreadsheet in a browser window and select Connect Mojito to your active Mint session from the Mojito menu. The Mint Authentication dialog window will open.
Step 2:
This should take you to the Overview page. If it doesn't, click the Overview link at the top of the page.
NOTE: It is helpful to have mint.com open in a separate window, rather than a tab, and to have the Mint window slightly visible as you are working in Mojito. This allows you to see when the Mint session is about to time out and log you off. All you have to do is click in the Mint window to keep the session alive for another 10 minutes. This saves you from having to log back in to Mint, copy the HTTP headers again, etc.
NOTE: It is helpful to have mint.com open in a separate window, rather than a tab, and to have the Mint window slightly visible as you are working in Mojito. This allows you to see when the Mint session is about to time out and log you off. All you have to do is click in the Mint window to keep the session alive for another 10 minutes. This saves you from having to log back in to Mint, copy the HTTP headers again, etc.
Step 3:
In the Mint Overview window, open the Chrome Developer Tools* and click the Network link.
* If you use a different browser, you will need to figure how to view the HTTP network requests when a web page is loaded.
Step 4:
Make sure you are viewing the Overview page on Mint, then refresh the webpage (keyboard shortcut key is F5 on Windows). The Developer Tools window will fill with the HTTP requests.(NOTE: the screenshot below needs to be updated. Search for track.xevent not oauth2.)
Step 5:
Copy the HTTP headers for the Mint authentication request:
a. You should see one or two requests on the left of the Developer Tools window that starts with "track.xevent?token=...". Select one of these requests to see the HTTP headers on the right.
b. Click the mouse in the HTTP headers area on the right to give it focus, then select all of the headers by pressing Ctrl+A on the keyboard. (NOTE: If pressing Ctrl+A does not work, then use the mouse to select all of the headers.)
c. Copy the headers to the clipboard by pressing Ctrl+C on the keyboard.
Step 6:
Switch back to the Mojito window and paste the HTTP headers into the corresponding text field by pressing Ctrl+V on the keyboard.
Be sure to enter your Mint account email address also.
Click OK to complete the authentication. If the authentication fails, paste in the headers and click OK again. Sometimes it takes a couple of tries.
Thanks so much! This worked perfectly for me!
ReplyDeleteWorked fine...after a few tries. Good job! Thanks
ReplyDeleteThank you! Works great!!
ReplyDeleteThis was working on my desktop w/ Chrome. However on my chromebook no matter what I put in the headers field I get "TypeError: headers.findIndex is not a function" error. Thoughts?
ReplyDeleteApparently the version of Chrome running on your Chromebook is old. The 'findIndex' function is a new addition to the javascript language, but Chrome has supported it for quite a while now. Is there anyway to update the version of Chrome on your Chromebook? Or, is there an option in your settings to support the ES6 version of javascript?
Delete-b3
Thanks! That worked! Can't believe how outdated my chrome was. Now I can just leave a mint tab open with the developer tools open to oauth2 filter. Just click auto-filled in sign in and copy over the headers. Takes all of 5s!
DeleteYep, that's exactly what I do. It ain't pretty, but in the end it's surprisingly easy. And having Mint.com open in a separate window let's me see when the session is about to expire, so I can just click in the window to extend it for another 10 minutes. Personally, I actually prefer that over the previous direct-login implementation.
DeleteBACK TO LIFE,
ReplyDeleteTHANKS thanks THANKS thanks!!!!!!!
appreciate the hardwork you have put into this bud--very impressive and useful tool--well done
ReplyDeleteI am so happy that you have found a work around b/c I am very much missing using Mojito. Unfortunately, I am still stuck on Step 1 b/c I don't see "Connect Mojito to your active Mint session" as an option in the Mojito drop down menu or as a button. Is is somewhere else that I am missing? Under another tab? Could someone direct me to where it is located? Thanks
ReplyDeleteIf you download a new copy of Mojito, do you see the menu option? Assuming yes, did you upgrade you current version of Mojito? The upgrade steps are here: http://b3devs.blogspot.com/p/faq-10x.html#how_to_do_minor_upgrade
DeleteFeel free to email me directly if you are still having problems. b3devs@gmail.com
Hello - downloading a new copy of Mojito did the trick. However, there are no categories or tags imported into mojito so I can't edit anything. I am so happy that you've found a work around for the changes with mint but one of the things I especially loved was how it allowed me to edit in mojito and then upload those changes back into Mint. Is that still possible?
ReplyDeleteThe settings page is showing the demo@mint.com as the email account - and on the transactions page. When authorizing, I am definitely changing the demo email to my personal mint email but it's not showing that in the mojito file. did anyone else have this issue and figure out how to resolve it? Thanks!
Hi Beth, there is a bug with the email address not getting saved. Sorry about that. You can just update the email on the Settings sheet (and wait several minutes for the old email to be 'forgotten').
DeleteIf you do a "Sync All", you should get the Categories and Tags sheets populated. However, doing Sync All with a new copy of Mojito will download all of your account data for the entire year ... which could take too long and cause the script to "timeout". If that happens, then the Categories and Tags probably won't get downloaded. As a workaround, try importing only a couple of months worth of account data first, THEN do a Sync All. Hope that made sense.
-b3
Both of those suggestions did the trick. Now I am back on track. Thank you!!!
ReplyDeleteIt appears that Mint.com has now moved to mint.intuit.com which breaks with a bunch of 301 errors in the script. :-/ I tried to change the script to use mint.intuit.com instead of wwws.mint.com but it is still breaking. I must have missed something.
ReplyDeleteThere's also another endpoint they changed, 'acccounts.mint.com' changed to 'accounts.intuit.com'.
DeleteAll these changes are giving me a headache too =(
I'm not finding anything in the script with that address. Also, still not working :(
DeleteHi All,
ReplyDeleteI've updated the mint URL in the code. The new version is 1.1.6.1. Download a new copy of Mojito, or update your current copy following these steps: http://b3devs.blogspot.com/p/faq-10x.html#how_to_do_minor_upgrade
Cheers,
-b3
Hi, I'm trying to get this to work, when i click network and refresh nothing named oauth2 shows up. Just overview.event and ns.html?id=GTM-KHMQQ4 I'm not sure what I'm doing wrong...
ReplyDeleteTry doing a "hard" refresh (Shift+F5), or open the Network dev tools window *before* you log in to Mint.
DeleteNeither fixed the problem. Using Chrome Version 54.0.2840.71 m. Not too big of a problem, but if in the next release you could search for "cookie" as well as "Cookie" that would be awesome.
DeleteYup. That's exactly what I do in version 1.1.6.2 (released yesterday).
DeleteI was able to get things working again but only by creating a new copy with your updated version. I was unable to update on my existing copy. The problem for me when this happens is that I have to then recreate all the budget items with their categories and reorganize them so that my budget is usable as I need it. Is there any way to copy my set up from my version to the new copy and still keep all your formulas? When I've tried in the past, I obviously did not do it correctly so I've had to use the "insert new budget item" one by one, adding in each budget item and then moving each line up into the area I need it to be to keep like items together. Is there a solution for this? Thank you!!
DeleteHi Beth, you should be able to copy the budget items from your old copy of Mojito to the new copy. Here is how to do it.
Delete1. Make sure your new copy of Mojito has the same number of budget item rows as your old copy. The budget items start at row 7 (under the black line) and end just before the blue line (line 28 in a fresh copy of Mojito). To delete a line, just delete the row from the spreadsheet. To insert a line, click the 'Insert new budget item' button.
2. Select the budget items in your old Mojito that you want to copy, but only the cells with a WHITE (or colored) background (these are the cells you can edit). Do not select cells that have a light gray background (those cells are computed by formulas or by the Mojito script). I'll be more explicit; you should select the cells from column A to F, and only between the black line and blue line.
3. Copy the budget item cells you selected in step 2 (Ctrl+C). Go to your new copy of Mojito, select the exact same cells that you selected in your old Mojito and paste in the copied cells (Ctrl+V).
4. Your old budgets should now work in your new Mojito. Select a date range (cell A3) or click the Recalc button to verify that your budgets are being calculated correctly.
HTH,
-b3
ha! awesome! Works now.
ReplyDeleteTried remedy on 2 computers..getting error [ Unable to find "cookie:" entry in HTTP headers ] in the Mint Authentication window.. any tips?? Using Chrome Version 54.0.2840.99 m
ReplyDeleteHi Hedge, are you certain you are using Mojito version 1.1.6.2? If so, try downloading a new copy of Mojito and see if that works.
DeletePositive.1.1.6.2.. Downloaded it again, copied the headers. Exactly the same error message. When I log into Mint in the top left corner it says Mojito 1.56 fyi
ReplyDeleteSolved. After filtering for oauth2, you have to click on the Headers view in that window. The default for me was Preview. Once I did that, the authorization stuck.
DeleteOMG I wanted to shoot my self. The "cookie;" issue can be solved by manually changing "cookie" to "Cookie:". Yup, it was a issue of capitalization. :-(
ReplyDelete*Sorry folks, my screen name is "Admin" because of an old Blogger account. The name is Daitona C. and I'm not affiliated with "bthree devs."
ReplyDeleteI copied the headers from Mint overview by following the steps listed, but, where do I paste the headers in Mojito?
ReplyDeletenever mind, I got it. I am able to successfully connect to Mint. Thanks
Deletei am sorry, but "oauth2" is showing nothing
ReplyDeleteIt used to work but not anymore
I'm in the same boat.. can't find oauth2... Did Mint change things?
ReplyDeleteSean/Eddy looks like mint changed things. I used "track.xevent" and authentication succeeded.
ReplyDeleteBK, excellent find! You're right, "track.xevent" does include the "token". I tried several alternative request headers a couple of days ago and could have sworn I tried that one too, but obviously I didn't. Anyway, thanks for posting this. I have updated this Authentication Steps page (even though the screenshot is still wrong). I will also post a new blog entry with the new request to use. Thanks!
Delete-b3
THANKS BK!!
DeleteProtips:
ReplyDeleteMost xevent requests should work.
Just look for token: in the Request Headers part and if you see it, copy that over.
Hello - I have another question. When I create a new Mojito spreadsheet, Google gives me this message -
ReplyDeleteThis app hasn't been verified by Google yet. Only proceed if you know and trust the developer.
Do you plan to become verified with Google? Thank you for all the great work you've done on this product.
Hi Beth, this is an unfortunate nuisance. Google added this "verification" step to address a Google docs "spoof" hack a few months ago. This presents a problem for Mojito because, when you make your own copy of the Mojito spreadsheet, you become the "owner" of the scripts that Mojito uses. So even if I, the original creator, verify the underlying MojitoLib script, you will still get this warning. :-(
DeleteSee this related posting from a developer with a similar issue. https://stackoverflow.com/questions/45576357/google-app-verification-lost-from-google-apps-script-project-when-sheet-is-copie
If you click the "Advanced" link and get past the warning, you should then be presented with the permissions that Mojito requires (and you have the opportunity to cancel at that time, as well).
-b3
Yes I was able to get past - just wasn't sure why this was appearing when it had not before. Thank you for explanation.
DeleteSame. I gave up last week.
ReplyDeleteI'm not having this issue. Was it working before?
ReplyDeleteThe key header Mojito needs is the "token" header. Here is another ".xevent" request that includes this header:
ReplyDeletebundledServiceController.xevent
Where is the: select Connect Mojito to your active Mint session from the Mojito menu - I don't see this anywhere.
ReplyDeleteTried to follow your instructions - On Step 4, there is no "oauth2.xevent?token=..."
ReplyDeleteI got it working 2 seconds ago. It’s called “track.xevent” now.
Delete-Daitona
How were you able to get it to work?
ReplyDeleteOther errors and questions:
ReplyDeleteAddress url error -
https://mint.intuit.com/trendData.xevent
This is the working link in the browser.
https://mint.intuit.com/trend.event
TypeError: Cannot read property "length" from undefined.
I have 73 active accounts. Is this why I’m getting the error? If so, how do I fix?
- Daitona
Hi Daitona,
DeleteI assume you're getting that url error when downloading account balances? the trendData.xevent url is a Mint web API and requires additional parameters. Pasting it into the web browser won't work.
Yes, it's possible that the sheer number of accounts is causing the problem. You could try enabling debug logging to see if that provides any insight. (Refer to the More Q&A page for enabling debug logging: http://b3devs.blogspot.com/p/more-qna-10x.html)
Is it just me or did “track.xevent” stop working?
ReplyDeleteStill works for me!
Deletehi I tried track.xevent, not working anymore...
ReplyDeleteStill works for me!
DeleteStill works for me too. The header entry that Mojito needs is the "token:" header. Here is another ".xevent" request that sometimes includes this header (there are probably several of these requests):
DeletebundledServiceController.xevent
If you don't see a line starting with "token:" in any of those requests, then just search for ".xevent" and look at each one until you find the "token:" line. Also, make sure you expand every section of the http request headers so everything is displayed. Sorry this part is so annoying. The requests that the Mint web page makes are not exactly the same from user to user.
The bundledServiceController.xevent did it ! thanks, will go to the next steps.
DeleteAre we required to follow these steps everytime we want to sync or is it supposed to be a one time authentication?
ReplyDeleteEvery time. You are essentially piggybacking on to the Mint session you started when you logged in to Mint. That session times out after 10 minutes or so unless you keep the Mint login session alive (by clicking links periodically in mint.com).
DeleteThis comment has been removed by the author.
ReplyDeleteThis comment has been removed by the author.
ReplyDeleteCan't find anything that looks remotely like a token header in the Network requests - also it appears that Mint has switched to mint.intuit.com.
ReplyDeleteAny new insights on how to scrape the headers?
Anyone else getting this error: Exception: UiApp has been deprecated. Please use HtmlService instead.
ReplyDeleteYep. I just fixed it. https://b3devs.blogspot.com/2019/02/mojito-version-121-is-available-fixes.html
DeleteHi all - I recently started using Mojito and love it but I hav ea couple qusetions:
ReplyDelete- Everytime I log in, I have to re-enter the HTTP headers? Is the correct?
- If I made a change (for example, a date in Mint, Mojito picks up the raw data and not the updated date from Mint?)
- If I make a change on the txn sheet (again, change date) and save. I then sync all with Mint, it goes back to the original date?
It sounds like my version isn't picking up any changes and is always syncing with the raw data from Mint.
I searched the FAQ page but couldn't find any answers. Appreciate your support.
Hi Stat, some answers for you.
Delete1. Yes, you have to supply the http headers every time you want to connect Mojito with you Mint account. The reason is that Mojito uses your active Mint login session to access your Mint account. The Mint session times out after 60 seconds (?) of activity, and when this happens the http headers you pasted into Mojito are no longer valid. (Mojito use to be able to log in to Mint directly, but Mint made some authentication changes that put an end to that.)
2. For the txn date, Mint provides two date fields: 'odate' (original txn date) and 'date' (Mint's [editable] date). Mojito alway uses the 'odate' field if it exists, then falls back to the 'date' field if it doesn't. Mojito used to only use the 'date' field, but I had a user request the 'odate' field (and I noticed it often had the correct date of the txn and not a day later), so I made the change to use 'odate' first. I suppose I could add an option to the Settings sheet allowing you to choose which date field to use, but I've never had anyone bring it up as a problem until now...
3. You can change the txn date in Mojito and it will get updated in Mint, you just won't see it when you sync Mojito with Mint (because Mojito uses the 'odate' field, see #2 above). You can change other fields, too. I often change the category, add tags, and create split items after I've downloaded my latest transactions.
Hope this helps.
Cheers,
-b3
Typo correction: The Mint session times out after 60 seconds of INactivity, ...
DeleteAlso note that if you keep going back to the Mint page and clicking something to keep the session alive, the Mojito session will remain valid also.
I'm not getting any track.xevent entries, or oauth entries. Using Chrome Version 75.0.3770.100 (Official Build) (64-bit).
ReplyDeleteLooks amazing, hope i can get it working.
I have the same version of Chrome and it's working for me. Be sure you are viewing the OVERVIEW page in Mint (top left link). As that page loads, the "track.xevent" is what you want to filter for on the Network pane of the DevTools window. Also, make sure all of the sections of the HTTP headers are expanded before copying them to the clipboard (Response Headers, Request Headers, Form Data).
DeleteNot working for me either. No: track.xevent
ReplyDeleteNvrmind you need to filter for: bundledServiceController.xevent
ReplyDeleteSuper helpful, thanks!
DeleteThis worked!!!
DeletebundledServiceController.xevent
Please update the instructions.
I made a new copy of 1.2.1 and am following these instructions.
ReplyDeleteI DO find the "track.xevent" entry, but I don't see the Form Data section, and I'm getting this error:
Unable to find "cookie:" entry in HTTP headers
Here's a sample of what I DO see - note "Cookie":
DeleteRequest URL:https://mint.intuit.com/app/track.xevent
Request Method:POST
Remote Address:54.201.237.152:443
Status Code:
200
Version:HTTP/2
Referrer Policy:no-referrer-when-downgrade
Response Headers (426 B)
Raw Headers
cache-control
no-cache, no-store, must-revalidate,
content-language
en-US
content-type
application/json;charset=UTF-8
date
Sat, 08 Feb 2020 00:05:07 GMT
expires
0
pragma
no-cache
server
Mint App
strict-transport-security
max-age=16000000; includeSubDomains; preload;
X-Firefox-Spdy
h2
x-frame-options
SAMEORIGIN
x-is-fdp-user
true
x-mint-end
15xxxxxxx89
x-mint-start
1581120307472
Request Headers (2.226 KB)
Raw Headers
Accept
*/*
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US,en;q=0.5
ADRUM
isAjax:true
Connection
keep-alive
Content-Length
104
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Cookie
ius_session=A1xxxxxxxxxxxxxxxxx82
DNT
1
Host
mint.intuit.com
Origin
https://mint.intuit.com
Referer
https://mint.intuit.com/overview.event
TE
Trailers
User-Agent
Mozilla/5.0 (Windows NT 10.0; …) Gecko/20100101 Firefox/72.0
X-Requested-With
XMLHttpRequest
I'm not sure if it matters, but I'm using Firefox.
Delete