Guide to secure your SmartAPI Account with two factor authentication

msg2biswajit

@msg2biswajit :

Dear All,

I able to solve PHP API TOTP Login issue and it's working fine for me. Please find the solution as follows for PHP API :

1. Download "GoogleAuthenticator.php" file from https://github.com/PHPGangsta/GoogleAuthenticator

2. Include the file in your login generation PHP file to create the TOTP automatically as follows 

	require_once("GoogleAuthenticator.php");

3. Now generate the TOTP Automatically as follows :

	$authenticator = new PHPGangsta_GoogleAuthenticator();
	$secret = "YOUR SECRET CODE, WHICH SHOWS DURING ENABLE TOTP UNDER GOOGLE BAR CODE";
	$totp = $authenticator->getCode($secret);

4. Update the PHP API function in "SmartApi.php" file as follows :

	public static function GenerateSession($clientcode, $password, $totp)

5. Update the API Parameter in "SmartApi.php" file as follows :

	$api_parameter = ['clientcode'=>$clientcode,'password'=>$password,'totp'=>$totp];

Enjoy PHP API and login. Thanks.

Sukhwant280

@ravindra-e Thanks for the code.. Its working for me but it fails when I pass this token to next steps i.e.
smartApi.getProfile(refreshToken)
smartApi.generateToken(refreshToken)
Error is: Invalid json response.

My understanding is that he refresh token is valid until 5 AM next day, hence I can use the same refresh Token whenever I want to make API calls.

Please correct me if my understanding is wrong here. Thanks in advance

@admin , @Ashok - Please help.

smrtsaravanan

@smrtsaravanan it is working fine now. Ignore it.

I have made a couple of changes. 1st I have declared it like below

obj=SmartConnect(api_key=apikey)
totp = pyotp.TOTP(s='yourkey')
print("pyotp",totp.now())
attempts = 5
while attempts > 0:
attempts = attempts-1
data = obj.generateSession(username, pwd, totp.now())
print(data)
if data['status']:
break
tt.sleep(2)

and entered my new API key.

Hope it helps!

webseos

@aj_Brk I have used similar code as given below , but got the following exception
Exception : Object of type TOTP is not JSON serializable

but then I solved the problem

But then I added last two lines and problem solved the last two lines given at the end of the following code- qrOtp is the code generated here : https://smartapi.angelbroking.com/enable-totp below the QR Code. So you have to generate your own qrOtp code here in this site. Then Install pyotp using command line "pip install pyotp"

My Code Below ( Last line totp = totp.now() is very important)

from smartapi import SmartConnect #or from smartapi.smartConnect import SmartConnect
import config
import pyotp

client_code = "aaaaaa"
client_pass = "bbbbbb"

apiKey="yyyyyyy"
qrOtp = "xxxxxxxx"
totp = pyotp.TOTP(qrOtp)
totp = totp.now()

smartapiObj =SmartConnect(apiKey)

data = smartapiObj.generateSession(client_code,client_pass,totp)
print(data)

A Former User

@admin What about golang library it is updated for totp changes.

admin

Hi @patisupa , we have modified the goLang. Please refer here - https://github.com/angel-one/smartapigo

A Former User

@admin thanks for update

ravindra.e

@smrtsaravanan Can you please paste your code here?

ravindra.e

@Sukhwant280 said in Guide to secure your SmartAPI Account with two factor authentication:

smartApi.generateToken(refreshToken)

Why would you need smartApi.generateToken(refreshToken)?

patanjali196

@admin I am unable to login to smartapi.angelbroking.com/enable-totp URL , But I am able to login to https://smartapi.angelbroking.com/apps with my credentials. But to ToTP i am not able to login, Its saying invalid userid or password. Please help me to resolve this issue.
Thanks.

ganesh

@aj_Brk not working for me

ganesh

@gokul i am also getting same error

ravindra.e

@ganesh
update using pip install smartapi-python --upgrade

Mr Depp

Hello team.

What about the c#.net sdk update ? did you updated to the library or setting some another way to use it ?

Nichil72

@Mr-Depp said in Guide to secure your SmartAPI Account with two factor authentication:

Hello team.

What about the c#.net sdk update ? did you updated to the library or setting some another way to use it ?

Hello Team,
Please update on C#.Net sdk ASAP.

cthomas

@webseos Thanks for your simple and effective answer. This works really well.

nikaashpuri

I have suddenly started getting the following error when logging in using username, password, and otp using the API:

File "abc.py", line 327, in test_login_access
    data = angel_obj.generateSession(user_id, password, totp.now())
  File "/home/ubuntu/py37-venv/lib/python3.7/site-packages/smartapi/smartConnect.py", line 239, in generateSession
    id=user['data']['clientcode']
TypeError: 'NoneType' object is not subscriptable

What is going on here?

clb

@clb Nice

saurabh121

@webseos thank you so much for info its working smooth.

sudha80

@nikaashpuri
I also faced similar issue. After upgrading pyotp the issue is resolved for me

$pip install --upgrade pyotp