Guide to secure your SmartAPI Account with two factor authentication

Ashok

@mudit236 AB's release management is a joke which we all know

Ashok

@aj_Brk Secret is time based one generated by local app or code using the secret key or QR code. It will be authenticated against the masterkey with AB servers. So it is possible

Ashok

@anil_patel You can generate using code locally . for example for Python, use pyotp package

Ashok

@ravitandur It is same API, so should be working. only extra totp need to be sent.

aj_Brk

@Ashok what i meant is you can't get this secret by just username and password as Anil is asking. One has to go to enable otp page to get this code one time.

Ashok

@aj_Brk correct

aj_Brk

@babitakundu i guess you have to manually download the repo and run python setup.py install. I dont see the code yet updated on pip

Ashok

@aj_Brk Admins are adding in pip. If you want to try meanwhile, edit directly in local or download from github.

Meenavenkit

@babitakundu just replace the generatesession def with new one. it worked for me. You have to manually edit in source file

milind017

@aj_Brk code generated from "pyotp" not working for me, getting below output with your code. Any suggestion. If I am using the code from DUO app I am able to login successfully
data = obj.generateSession(clientCode, password, totp.now())
print(data)

Shell output:
pyotp: 586380
{'status': False, 'message': 'Invalid totp', 'errorcode': 'AB1050', 'data': None}

Ashok

@milind017 this need to do like this.

totp = pyotp.TOTP(s='secret key in qr uri after qr generation'

And then the generate session.

milind017

@Ashok Yes did the same. Still getting the same
obj = SmartConnect(api_key=historyApiKey)

totp = pyotp.TOTP(s='secret key in qr uri after qr generation')
print("pyotp",totp.now())

attempts = 5
while attempts > 0:
attempts = attempts-1
data = obj.generateSession(clientCode, password, totp.now())
print(data)
if data['status']:
break
time.sleep(2)

SSumit

@gautamnaik1994 https://smartapi.angelbroking.com/topic/2383/automate-totp-login-using-python-module-pyotp

milind017

@SSumit
I have tried with shared link code, still getting the same

Shell Output:
with TOTP: 932310
With parse_uri: 932310
{'status': False, 'message': 'Invalid totp', 'errorcode': 'AB1050', 'data': None}

aj_Brk

@milind017 I see that you have put condition in if data['status'] , is it going in retry at all ?

aj_Brk

@milind017 try with this condition

if not data['message'].contains('Invalid totp'):
break

Ashok

@milind017 @aj_Brk why retry, it passed almost always on first time. Anyway. Not sure why parse_uri is needed.. also just pass totp as a string

gokul

TypeError: SmartConnect.generateSession() takes 3 positional arguments but 4 were given

aj_Brk

@Ashok Actually you are right it works most of the time , but for those rare instances where by the time your request went and it expired on server side , i had added retry. It happened to me once perhaps due to slow code execution or internet.

aj_Brk

@gokul try the latest library - pip install smartapi-python --upgrade . It appears the new version is live now