I've made it a long way on my own, but I just can't get past this response from my API request.
This request requires HTTP authentication (message=Exception authenticating OAuth; errorCode=003200; statusCode=401).
I can get the institution login info from getInstitutionDetails without any problem. So I don't believe it is an issue with signing the oauth saml.
Here's my request body which I sent via CURLOPT_POSTFIELDS
<InstitutionLogin xmlns="http://schema.intuit.com/platform/fdatafeed/institutionlogin/v1">
<credentials>
<credential>
<name>Banking Password</name>
<value>anyvalue</value>
</credential>
<credential>
<name>Banking Userid</name>
<value>direct</value>
</credential>
</credentials>
</InstitutionLogin>
Here are my request headers (wordwrapped from curl_getinfo).
[request_header] => POST /v1/institutions/100000/logins?
Host=financialdatafeed.platform.intuit.com&
oauth_consumer_key=qyprdQUbzhOiNg0S35hfY3xzlgP7Zl&
oauth_nonce=ZBa3v&
oauth_signature=%2FsLxYpLoO9CtmboCFPSi35t6Yj8%3D&
oauth_signature_method=HMAC-SHA1&
oauth_timestamp=1377217387&
oauth_token=qyprdLxfhfigkfOHMz4yyYwzgf2JyGF3Sk8TOlq8nO0akC23&
oauth_version=1.0 HTTP/1.1
Host: financialdatafeed.platform.intuit.com
Accept: */*
Content-Type: application/xml
Content-length: 308
Accept-Encoding: gzip,deflate
Authorization: OAuth oauth_version="1.0",
oauth_nonce="ZBa3v",
oauth_signature_method="HMAC-SHA1",
oauth_consumer_key="qyprdQUbzhOiNg0S35hfY3xzlgP7Zl",
oauth_token="qyprdLxfhfigkfOHMz4yyYwzgf2JyGF3Sk8TOlq8nO0akC23",
oauth_timestamp="1377217387",
oauth_signature="/sLxYpLoO9CtmboCFPSi35t6Yj8="
User-Agent: Jakarta Commons-HttpClient/3.1