TOTP Invalid (AB1050) even with correct code in Python & Google Authenticator

S565246

Hello SmartAPI Team,

I am facing a TOTP login issue with the SmartAPI Python SDK.
Details of my setup:

Client ID: S565246

API Key: (provided in .env, verified correct)

TOTP Secret: From SmartAPI, stored in .env exactly as given (Base32 format, no spaces)

MPIN: Correct and working in mobile app

Python Library: pyotp

System Time: Synced with NTP, matches phone time

What’s happening:

The TOTP code generated in Python matches exactly with the one shown in Google Authenticator.

Despite that, every login attempt returns:

"status": false,
"message": "Invalid totp",
"errorcode": "AB1050",
"data": null

Tried 3 attempts with fresh codes; same result every time.

This happens even immediately after generating the TOTP, well within the 30-second validity window.

Steps already tried:

Verified .env secret matches the one provided on SmartAPI portal.

Removed spaces and ensured all uppercase letters.

Synced PC time with internet time servers.

Confirmed Python-generated TOTP = Google Authenticator TOTP.

Retried after waiting a few minutes in case of rate limits.

Sample log:

=== Attempt 1/3 ===
[INFO] Using fresh TOTP: 085893
[RESULT] {'status': False, 'message': 'Invalid totp', 'errorcode': 'AB1050', 'data': None}

Could you please:

Check on your server logs for my Client ID (S565246) for recent login attempts.

Confirm if there is any new format, encoding, or configuration for the ANGEL_TOTP_SECRET.

Let me know if there are any recent changes to the TOTP verification logic.

Thank you,
Swapnil Mahajan!