Behind a ComfirstCU login sits a member's whole Community First Credit Union relationship: share and loan balances, posted and pending transactions, transfers, scheduled Bill Pay, debit-card controls and a SavvyMoney credit score — all served from the credit union's online-banking back end at onlinebanking.comfirstcu.org, per the credit union's own Digital Banking page. That authenticated portal, not the marketing site, is the surface worth integrating. The app runs on iPhone and Android, and the listing notes a member must already be enrolled in online banking before any of it works.
This page maps what that login exposes, the route we would take to reach it under the member's authorization, and the working code we hand back. Community First is a small Northern California institution; the data shapes are ordinary retail-banking shapes, which is good news for a connector.
What sits behind the member login
Every row below is a surface the app itself presents, named the way Community First names it. Granularity is what a consenting member can see in their own session; an integrator reads the same fields, no more.
| Data domain | Where it shows up in the app | Granularity | What an integrator does with it |
|---|---|---|---|
| Balances | Account dashboard after login | Per share and loan, current and available | Cash-position checks, low-balance alerts, treasury sync |
| Transaction history | View Balances & Transaction History | Per item: date, description, amount, running balance, category | Ledger reconciliation, categorization, bookkeeping feeds |
| Transfers | Transfer Funds | Between the member's own shares and loans | Recording and, where authorized, initiating internal moves |
| Bill Pay | Bill Pay menu | Payee list, scheduled and sent payments, status | Payment-status sync, payee reconciliation |
| Mobile deposit | Deposit a Check (sign, snap, submit) | Deposit item: amount, capture status | Deposit confirmation and clearing tracking |
| Card controls | Card Services | Debit-card status and on/off controls | Card-lifecycle automation, freeze and reactivation workflows |
| Credit score | SavvyMoney panel | Score and factors, sourced from a third party | Score monitoring — tagged as vendor data, not a CFCU balance |
| Statements | eStatements in online banking | Periodic PDF documents | Document archival and bulk history backfill |
The branch and Co-Op ATM locator is in there too, but it is static reference data, not member data, so it rarely earns a place in an integration.
Reaching it under the member's authorization
The United States has no mature, in-force open-banking mandate the way the UK or Brazil do, so the dependable footing here is consent, not a regulator's data-sharing API. Two routes carry the work, with a third as a top-up.
Authorized session integration against the portal
We study the traffic between a consenting member's app and onlinebanking.comfirstcu.org, then re-implement the calls that return balances, transactions, transfers, payees and card state. This reaches everything the member can see and does not wait on any rule that is still being rewritten. Effort is moderate; durability depends on how often the credit union changes its front end, which we plan for in maintenance.
Aggregator-mediated access
Where Community First is reachable through a data aggregator, an OAuth-style hop hands back a token instead of a stored password — MX's own primer lays out why the token route beats credential screen-scraping for stability and security. This is useful when you want a normalized multi-bank feed and Community First is one institution among many. Coverage for a credit union this size varies, so we confirm reachability before promising it.
Native export
eStatements and transaction exports give a clean, low-friction path for historical documents and periodic backfill, though they are batch, not real-time.
For ComfirstCU we would build on the consenting-member session against onlinebanking.comfirstcu.org — it touches every surface the member sees and leans on consent rather than an unsettled data-rights rule. An aggregator hop or statement export earns its place only where you specifically need a normalized multi-institution feed or bulk document history.
What lands in your repository
You get a working integration, not a report about one. Tied to ComfirstCU's actual surfaces, that means:
- An OpenAPI / Swagger specification covering the endpoints we re-implement — accounts, transactions, transfers, payees, card state.
- A protocol and auth-flow report: how the session is established, how the device-bound credential and server challenge fit together, and how tokens or cookies refresh.
- Runnable source for the key endpoints in Python or Node.js, with a sample that lists accounts and pulls a date-ranged transaction set.
- Automated tests, including fixtures for the transaction shape and the re-authentication path.
- Interface documentation a developer can follow without us in the room.
- Compliance and data-retention notes: consent capture, what to log, what to minimize, how revocation propagates.
A transaction pull, sketched
Illustrative only — field names and the exact challenge sequence are confirmed against captured traffic during the build, not asserted here as the credit union's published contract.
```
POST onlinebanking.comfirstcu.org/auth/session
body: { member_id, device_attestation } # Face ID / Touch ID releases a device-held credential
-> 200 { session_token, mfa_required: bool } # server still issues its own session
# if mfa_required, complete the challenge, then:
GET onlinebanking.comfirstcu.org/accounts
Authorization: Bearer <session_token>
-> [ { account_id, type: "share"|"loan", balance, available } ]
GET onlinebanking.comfirstcu.org/accounts/{account_id}/transactions?from=2026-05-01&to=2026-05-31
Authorization: Bearer <session_token>
-> [ { posted_date, description, amount, running_balance, category, pending } ]
# handle 401 by refreshing the session; back off if the fraud layer flags the cadence
```
The shape is deliberately boring. A retail credit union exposes the same nouns most banks do, so the connector's risk lives in session handling and the fraud layer, not in exotic data.
Consent, and where the US rules actually stand
Community First is a federally insured credit union under NCUA oversight, and member data handling falls under the Gramm-Leach-Bliley Act and its Regulation P privacy rule. None of that grants a third party a data feed; what does is the member saying yes. So consent is the legal and engineering spine of any build: the account holder authorizes the access, scopes it to the data needed, and can revoke it, and we keep records of that consent.
People expect a word on CFPB Section 1033. The Personal Financial Data Rights rule was finalized in 2024, but a federal court has enjoined the CFPB from enforcing it and the agency reopened it for reconsideration, issuing an Advance Notice in August 2025 that even reconsiders whether providers may charge for access. We do not treat its compliance dates or scope as settled obligations, because they are not. For Community First specifically, the integration rides on member authorization today and would adopt whatever Section 1033 finally requires once it lands. Data minimization, NDAs where you need them, and a logged consent trail are how we operate in the meantime.
Notes from building against a credit union like this
Two things shape a Community First connector more than the data shapes do.
First, the SavvyMoney credit score is a third-party panel rendered inside the app, not a figure from the credit union's ledger. We separate score fields from native account fields so a downstream consumer never mistakes a vendor score for a CFCU balance, and we make including the score an explicit choice rather than a silent default.
Second, Community First describes behavioral-biometrics fraud protection and links external accounts for money-management. The fraud layer means session establishment is sensitive to automation that does not look like a person, so we run inside a consenting member's authenticated session and pace requests to read like ordinary app use, with a clean re-auth path around the device-binding and MFA step. The external-linking feature means some balances in the app are aggregated from other institutions, so we split native CFCU accounts from linked external ones and return only the in-scope data. When the credit union updates its online-banking front end, our maintenance step re-captures the affected flows and patches the parser before the feed drifts. Access — a sponsor sandbox or a consenting member account — is arranged with you during onboarding; it is part of the project, not a hoop to clear first.
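The two separations described above can be enforced as an allow-list filter between the session read and anything downstream. This is an added example, not code from the connector or the credit union; the `origin` tag, the `credit_score` key, the scope names `accounts` and `vendor_score`, and the function `scoped_view` are hypothetical, and the sample data is constructed.

```python
# Constructed sample of one session read. Account fields follow the page's sketch;
# "origin", "credit_score" and the scope names are hypothetical labels for this example.
SAMPLE_SESSION = {
    "accounts": [
        {"account_id": "S01", "type": "share", "balance": "1520.10",
         "available": "1500.10", "origin": "native"},
        {"account_id": "L07", "type": "loan", "balance": "8200.00",
         "available": "0.00", "origin": "native"},
        {"account_id": "X99", "type": "share", "balance": "310.55",
         "available": "310.55", "origin": "linked_external"},
        {"account_id": "U42", "type": "share", "balance": "5.00",
         "available": "5.00"},  # provenance tag missing
    ],
    "credit_score": {"score": 712, "factors": ["utilization"]},
}

NATIVE_FIELDS = ("account_id", "type", "balance", "available")


def scoped_view(session, scopes):
    """Return only what the consent scopes allow, with vendor data kept apart."""
    view = {"native_accounts": [], "vendor": {},
            "withheld": {"linked_external": 0, "untagged": 0}}
    for acct in session.get("accounts", []):
        origin = acct.get("origin")
        if origin == "native":
            if "accounts" in scopes:
                # Copy an allow-list of fields so extra keys never leak downstream.
                view["native_accounts"].append({k: acct[k] for k in NATIVE_FIELDS})
        elif origin == "linked_external":
            # Aggregated from another institution: counted for the audit log, not returned.
            view["withheld"]["linked_external"] += 1
        else:
            # Fail closed: an account with no provenance tag is not treated as native.
            view["withheld"]["untagged"] += 1
    if "vendor_score" in scopes and "credit_score" in session:
        # Namespaced and source-tagged so it cannot be mistaken for a CFCU figure.
        view["vendor"]["credit_score"] = {"source": "SavvyMoney", **session["credit_score"]}
    return view
```

The `withheld` counts give the consent log a record of what was seen but deliberately not passed on.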
Freshness and what can break
Balances and posted transactions are effectively real-time in the member's session; pending items resolve on the credit union's posting cycle, so a connector that polls should treat pending and posted as distinct states. Consent itself can expire or be revoked, which we surface as an explicit feed state rather than a silent gap. The front end changing is the usual cause of breakage, and the SavvyMoney panel can update on its own schedule independent of account activity.
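A sketch of the explicit feed state and the pending/posted split described above, added here as an example and not taken from the connector. The consent record keys `expires_at` and `revoked_at`, the state names and the function names are assumptions; transaction fields follow the page's sketch and the data is constructed.

```python
from datetime import datetime, timezone
from decimal import Decimal


def consent_state(consent, now):
    """Map a consent record to an explicit feed state; revocation wins over expiry."""
    if consent.get("revoked_at") is not None and consent["revoked_at"] <= now:
        return "consent_revoked"
    if consent["expires_at"] <= now:
        return "consent_expired"
    return "active"


def build_feed(consent, transactions, now):
    """Build one poll's feed, refusing to emit rows without live consent."""
    state = consent_state(consent, now)
    if state != "active":
        # No rows and no total: the consumer sees the state, not an empty month.
        return {"state": state, "posted": [], "pending": [], "posted_total": None}
    posted = [t for t in transactions if not t["pending"]]
    pending = [t for t in transactions if t["pending"]]
    # Only posted items count toward the ledger total; pending items have not
    # yet resolved on the posting cycle.
    total = sum((Decimal(t["amount"]) for t in posted), Decimal("0"))
    return {"state": state, "posted": posted, "pending": pending, "posted_total": total}


# Constructed sample data (hypothetical values, not member data).
NOW = datetime(2026, 5, 20, tzinfo=timezone.utc)
CONSENT = {"expires_at": datetime(2026, 6, 1, tzinfo=timezone.utc), "revoked_at": None}
TXNS = [
    {"posted_date": "2026-05-02", "description": "PAYROLL", "amount": "1200.00", "pending": False},
    {"posted_date": "2026-05-03", "description": "GROCERY", "amount": "-54.12", "pending": False},
    {"posted_date": None, "description": "FUEL HOLD", "amount": "-75.00", "pending": True},
]
```

Amounts are parsed as `Decimal` from strings so the posted total does not pick up binary floating-point error.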
Cost and cadence
A working ComfirstCU connector — session handling, the balance and transaction endpoints, tests and the interface doc — typically lands in one to two weeks. Source-code delivery starts at $300: you receive runnable API source plus documentation, and you pay after delivery, once the build is in your hands and does what you asked. If you would rather not host anything, the same integration runs as a pay-per-call hosted API — you call our endpoints and pay only for the calls you make, with no upfront fee. Tell us the app and what you want out of its data on the contact page and we will scope it.
Interface evidence
Public Play Store screenshots of ComfirstCU, for reference to the surfaces described above.
Other credit-union apps in the same picture
If ComfirstCU is one institution in a wider Northern California or US credit-union footprint you want to integrate, these neighbors hold comparable member data and normalize into the same schema. Listed for context, not ranked.
- Redwood Credit Union — the other large Santa Rosa institution; balances, transactions, transfers and card data behind a member login.
- Patelco Credit Union — statewide California membership with a heavily used app covering deposits, payments and cards.
- Golden 1 Credit Union — broad California reach; standard retail balances, transactions and bill payment.
- SchoolsFirst Federal Credit Union — accounts, history, mobile deposit, transfers and bill pay for education-sector members.
- Navy Federal Credit Union — national membership; deep account, card and loan data behind authentication.
- PenFed Credit Union — nationwide accounts, transactions and card servicing.
- Alliant Credit Union — digital-first credit union with the same balance, transaction and transfer surfaces.
- BECU — large Pacific Northwest credit union holding equivalent member-banking records.
Questions integrators ask about ComfirstCU
There are several credit unions called Community First — which one is this app for?
This ComfirstCU app (package com.communityfirstcu.communityfirstcu, per its Play Store listing) belongs to Community First Credit Union headquartered in Santa Rosa, California, with members around Santa Rosa, Clearlake, Lakeport, Ukiah and Fort Bragg. Its online-banking host is onlinebanking.comfirstcu.org. We pin down the exact institution at the start so the connector targets the right back end rather than a same-named credit union in another state.
Does a build pull the SavvyMoney credit score, or only core account data?
The score and its factors come from SavvyMoney, a third party surfaced inside the app, not from the credit union's own ledger. We can include it, but we tag it separately from native account data so your downstream systems never treat a vendor score as a CFCU balance. Most integrators want the account, transaction and card surfaces first and treat the score as optional.
With CFPB Section 1033 not in force, what is the legal basis for accessing a member's data?
The dependable basis is the member's own authorization: the account holder consents to the access and can revoke it. Section 1033, the CFPB Personal Financial Data Rights rule, was finalized in 2024 but is currently enjoined and back in agency reconsideration, so we treat it as where the rules may go rather than as today's requirement. We keep consent records, read only what the project needs, and work under NDA where you want one.
How does the connector handle Face ID and the behavioral-biometrics login?
Device biometrics like Face ID release a credential on the member's own device; the server still issues a session after its own challenge. We build the connector to run inside a consenting member's authenticated session and to re-authenticate cleanly when that session expires, pacing requests so they read like ordinary app activity rather than tripping the fraud layer. Access is arranged with you during onboarding.
What I checked
For this write-up I read Community First Credit Union's own Digital Banking page for the feature set and the online-banking host, the app's Play Store listing for the package id and feature list, MX's primer on OAuth versus screen-scraping for the access mechanics, and the CFPB's reconsideration docket plus the August 2025 Advance Notice for the Section 1033 status. The regulatory picture is the part most likely to move, so it is dated rather than stated as fixed.
Citations: Community First CU — Digital Banking · MX — APIs, OAuth and screen scraping · CFPB — Personal Financial Data Rights Reconsideration · Federal Register — Reconsideration ANPRM (Aug 2025)
Mapped by the OpenBanking Studio integration desk · reviewed June 2026.
ComfirstCU — app profile
ComfirstCU is the mobile banking app for Community First Credit Union of Santa Rosa, California, on iOS and Android (package com.communityfirstcu.communityfirstcu per its Play Store listing). Per the listing and the credit union's site, it offers mobile check deposit, Bill Pay, balance and transaction viewing, fund transfers, card services, Touch ID / Face ID sign-in, a SavvyMoney credit score, behavioral-biometrics fraud protection, money-management tools with external-account linking, and a branch and Co-Op ATM locator. Members must be enrolled in online banking; further detail is at comfirstcu.org. This profile is a neutral recap for integration context.