Guide to secure your SmartAPI Account with two factor authentication
-
@admin not open link
-
@labeebta what should be the Secret Key to Generate TOTP?
-
@admin It already 13:00 and the link still does not work. How can I access the API ?
-
The link http://smartapi.angelbroking.com/enable-totp is not working @admin @administrators . Please help. already last 2 days your APIs never worked with all changes you did without proper testing.
Resolve this please.
-
-
@admin The site is working but OTP is not working or sent to the email.
-
Hi folks
If anyone looking for automating totp part , you can use the following python sample for the same. The secret here comes after validating on enable-totp url .
from smartapi import SmartConnect # or from smartapi.smartConnect import SmartConnect
import pyotpimport smartapi.smartExceptions(for smartExceptions)
create object of call
obj = SmartConnect(api_key="your api key here ")
login api call
totp = pyotp.TOTP(s='secret key in qr uri after qr generation')
attempts = 5
while attempts > 0:
attempts = attempts-1
data = obj.generateSession("Your client id ", "your password ", totp.now())
if not data['message'].contains('Invalid totp'):
break
time.sleep(2) ###rate limiting might block if we try immediatelyrefreshToken = data['data']['refreshToken']
-
@gautamnaik1994 I have provided a sample code below. You can give it a shot. Worked for me .
-
-
@anil_patel I generated it here - http://smartapi.angelbroking.com/enable-totp . It is printed below QR code
-
-
@ivar
You are not required to pass the TOTP with every order. It needs to be passed only with LoginbyPassword API call to generate the session and fetch the jwtToken, refreshToken and feedToken. These tokens are valid till 5 am of the subsequent day. -
@admin said in Guide to secure your SmartAPI Account with two factor authentication:
https://apiconnect.angelbroking.com/rest/auth/angelbroking/user/v1/loginByPassword
Is this API is working?
When I am trying to use POST method with the above URL and sending the data, getting 415 error. -
@aj_Brk How can I automate this through node js. How can i generate the secret required to generate totp
-
@aj_Brk obj.generateSession() is throwing an error.
TypeError: generateSession() takes 3 positional arguments but 4 were given.
Are you getting the same?
-
@labeebta How to do it in python automatically? can you please brief , sorry im new to python
-
@aj_Brk after generating this at code scan it with Google authenticator app. Then in authenticator app there will be OTP changing every minutes. While login put this current OTP . And it's done.
-
@babitakundu are you providing 4 fields. It only needs 3. I didnt face this exception.
-
@imakr shared the code in the forum. Uses pyotp library
-
@anil_patel i don't think that is possible as the secret is generated by angel servers, logic of which is not shared. We can't do this without secret shared by them.
