Reporting
Reporting APIs are exposed as a transparent passthrough to the MX Reporting APIs via the Candescent APIs Gateway. After OAuth V2 token validation and routing, the gateway forwards request headers, paths, and query parameters to MX and returns responses unchanged.
The MX Reporting APIs enable institutions to track changes to user data stored on the MX platform without querying each user individually. Daily change files can be requested by date, resource, and action, and are delivered as Avro files with embedded schema metadata for self-describing serialization.
For complete schemas and the full set of supported operations, see the MX Reporting APIs documentation.
End-user benefits
- Track platform-wide data changes (transactions, accounts, and related resources) without querying individual users.
- Enable operational reporting, reconciliation, and downstream analytics with daily MX change feeds.
- Process structured Avro files with embedded schema metadata for reliable batch ingestion.
Integration capabilities
- Transparent passthrough ensures that Reporting headers, paths, and query parameters are forwarded to MX, and that HTTP status codes and Avro (or empty) responses are returned unchanged.
- Gateway controls are applied by Candescent, including OAuth V2
Bearertoken validation, spike arrest, and quota enforcement, before requests are forwarded to MX. - MX routing is configured by setting
ext_hostto the MX Reporting host such aslogs.moneydesktop.com(production) orint-logs.moneydesktop.com(sandbox). - Content negotiation is supported through MX vendor-specific
Acceptheaders, such asapplication/vnd.mx.logs.v1+avroand include institution-scoped path segments as documented for each endpoint.
Required headers
| Header | Description |
|---|---|
Authorization | Bearer {token} (OAuth V2) |
correlationId | UUID used to trace and correlate requests across services for debugging and logging. |
ext_host | MX Reporting upstream host (for example, logs.moneydesktop.com (production) or int-logs.moneydesktop.com (sandbox)). Required for gateway routing; stripped before forwarding to MX. |
Accept | MX vendor media type (for example, application/vnd.mx.logs.v1+avro). Required by MX; forwarded unchanged. |
Error codes
Candescent API Gateway
| Code | Message | HTTP Status Code |
|---|---|---|
| CMN_90000 | Internal server error | 500 |
| CMN_90001 | Client not authorized to access this resource | 401 |
| CMN_90001 | Quota limit violation | 500 |
| CMN_90002 | Spike limit violation | 500 |
| CMN_90008 | Header correlationId is invalid | 400 |
| CMN_90010 | Header correlationId is required | 400 |
| CMN_90010 | Header ext_host is required | 400 |
| CMN_90011 | Invalid or unsupported ext_host | 400 |
| CMN_90018 | Invalid token | 400 |
MX Reporting APIs
For detailed descriptions and error semantics, refer to the MX Reporting APIs documentation.