Guide to secure your SmartAPI Account with two factor authentication
-
@aj_Brk i passed obj.generateSession(usrname,pwd,totp)
-
I am using the .NET SDK and Now I am getting the Invalid Token error!!
What we can do as I am using the .NET SDK?
-
@babitakundu @admin facing the same error, has the smartapi-python library been updated for totp changes?
-
@mudit236 Yes, the files are updated in github, need to checkout the changes are make them manually.
-
@Ashok Okay thanks, not sure why these changes wouldnt be committed to main from angel one's side as it is a pretty major procedural change
-
@Ashok yes I saw the changes but then also I am getting the same error.
-
@ivar i don't think you need to paas totp everytime. I tested get profile and other apis. It is working like before. Only login has changes.
-
@admin i too had to build the new code manually. Can you get the code merged to main?
-
@mudit236 AB's release management is a joke which we all know
-
@aj_Brk Secret is time based one generated by local app or code using the secret key or QR code. It will be authenticated against the masterkey with AB servers. So it is possible
-
@anil_patel You can generate using code locally . for example for Python, use pyotp package
-
@ravitandur It is same API, so should be working. only extra totp need to be sent.
-
@Ashok what i meant is you can't get this secret by just username and password as Anil is asking. One has to go to enable otp page to get this code one time.
-
@aj_Brk correct
-
@babitakundu i guess you have to manually download the repo and run python setup.py install. I dont see the code yet updated on pip
-
@aj_Brk Admins are adding in pip. If you want to try meanwhile, edit directly in local or download from github.
-
@babitakundu just replace the generatesession def with new one. it worked for me. You have to manually edit in source file
-
@aj_Brk code generated from "pyotp" not working for me, getting below output with your code. Any suggestion. If I am using the code from DUO app I am able to login successfully
data = obj.generateSession(clientCode, password, totp.now())
print(data)Shell output:
pyotp: 586380
{'status': False, 'message': 'Invalid totp', 'errorcode': 'AB1050', 'data': None} -
@milind017 this need to do like this.
totp = pyotp.TOTP(s='secret key in qr uri after qr generation'
And then the generate session.
-
@Ashok Yes did the same. Still getting the same
obj = SmartConnect(api_key=historyApiKey)totp = pyotp.TOTP(s='secret key in qr uri after qr generation')
print("pyotp",totp.now())attempts = 5
while attempts > 0:
attempts = attempts-1
data = obj.generateSession(clientCode, password, totp.now())
print(data)
if data['status']:
break
time.sleep(2)
