I've noticed some institutions have a multi-step MFA, for example the first MFA question will be a "token style" request for a phone number, which after submitting, the user gets a text and needs to respond with a token. How does one detect this situation and submit the final step to Yodlee?
Ok this is what Yodlee calls a "Multi level" MFA. You can use DagMultilevel to test this. When checking for an MFA request, this must be in a loop, such that you keep checking after each MFA response to see if "isMessageAvailable" is true.