Sharing Api keys

I have zero knowledge about api/coding etc that is why i have hired an online programmer to make me an alert based on certain conditions in stocks.They are asking for Api key.If i share that is it safe?Can my brokerage account be compromised in anyways if i do?How do i go about sharing the keys in a safe manner?
  • vaibhavsharma13
    they can trade with your account if you tell them your keys and app code. App code is like otp which comes in kite app. If you only share keys they cant do anything
  • rakeshr
    Along with the API key, they will need an access token, which requires your account credentials such as user ID, passwords, TOTP, etc., in order to have full access to your account. So, it is always advisable to exercise caution when sharing API keys or any kite-related credential with third-party developers, as they can potentially access sensitive information and make transactions on your behalf.
  • OnlyGains
    Ok so i am totally new to this..How do i go about this? Once i sign up for an account at developers.kite with my client code and then he accesses the same account and goes about creating the app etc is that ok..As he is an abroad programmer and does not have his own kite/zerodha account.
  • suprxd
    I think as of now Kite doesn't have role based api keys. What I mean by that is using the same api key you can't control what access the programmer has. If you have balance, so through code, the order can be placed. What you can do is meanwhile the developer is working on the app, don't add any balance. Once the development is over, regenerate the API keys again from developers.kite dashboard and update just the keys yourself. You have to tell your developer that he should develop in a way that you can change the keys later on easily without going into code like through Environment Variables.
  • vaibhavsharma13
    better get a developer with zerodha account
  • tahseen
    1. If notification is basis some PnL of your trade then you cannot ask developer to have his own account to notify you because he won't know the PnL. There is a solution to this also but not very straight forward

    2. If notifications are not based on your PnL then either you can ask the developer to service you notifications using his own account as it is not related to PnL
  • OnlyGains
    Ok i am trying to do this on my own.Is it possible to add all the symbols in api/webhook at one time.How do i add a csv file or txt file in postman .I require all nse cash symbol(1800 in total).

Sign In or Register to comment.