finance-dl configuration files are plain Python modules, which means theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/jbms/finance-dl/llms.txt
Use this file to discover all available pages before exploring further.
credentials dict you pass to each scraper can be populated at runtime — not just from string literals. This page covers the credential shapes each scraper category expects and three practical approaches for keeping secrets out of your config file.
Credential Shapes by Scraper Type
Most Selenium-based scrapers expect exactly two keys in thecredentials dict:
| Key | Used by |
|---|---|
username | amazon, comcast, ebmud, google_purchases, healthequity, mint, paypal, pge, schwab, stockplanconnect, usbank, venmo, and others |
password | Same scrapers as username |
token | waveapps (WaveApps API token) |
api_key / api_secret | gemini (Gemini crypto exchange REST API) |
Approach 1 — Interactive Prompt
The simplest safe approach is to callinput() for the username and getpass() for the password. Python will pause and ask for each value at the terminal when the configuration function is evaluated, so the secrets live only in memory and are never written to disk.
getpass() suppresses terminal echo so the password is not visible as you type. This approach works well for occasional manual runs but is unsuitable for fully automated (unattended) execution.
Approach 2 — Environment Variables
For automated runs, populate credentials from environment variables set outside the config file:.env file loaded by a process manager, or a secrets manager that injects environment variables at runtime. The config file itself never contains a secret value.
Approach 3 — External Password Manager
Any tool that can write a secret to stdout can feed credentials into your config. Wrap the call insubprocess.check_output() and decode the result:
gpg, 1password, bitwarden, secret-tool, or any other CLI password manager. The subprocess call happens at the moment the CONFIG_ function is executed, not at import time, so credentials are fetched on demand.
Using profile_dir to Reduce MFA Prompts
Give each scraper its own subdirectory under profile_dir so their browser profiles do not interfere with one another.