It looks like you're new here. If you want to get involved, click one of these buttons!
Hello Team,
I am trying to integrate with the Kite Connect API using a Node.js backend. I am consistently encountering contradictory length validation errors from the /session/token endpoint during the access token exchange process, despite verifying that my API key and checksum meet the specified length requirements on my end.
I have followed all the setup steps diligently, including:
.env file in my project root with KITE_API_KEY and KITE_API_SECRET.http://127.0.0.1:3000/callback, which matches my Node.js application.My Node.js application's debug logs confirm that the API key and checksum values being sent in the POST request are of the correct type and length. However, Kite's API is returning errors stating they are too short.
Here are the relevant details:
Kite Connect API Version: v3 (as per login URL)
Kite Connect Client: Custom Node.js implementation (using Axios and crypto for checksum)
Node.js Version: (Please fill in your exact Node.js version here, e.g., v20.x.x. You can find this by running node -v in your terminal.)
Steps to Reproduce:
node server.js).http://127.0.0.1:3000/login in a browser.http://127.0.0.1:3000/callback, the error occurs.Current API Key (from my Kite Console and used in .env):
[YOUR_ACTUAL_API_KEY_HERE - DO NOT PASTE IN PUBLIC FORUM]Current API Secret (from my Kite Console and used in .env):
[YOUR_ACTUAL_API_SECRET_HERE - DO NOT PASTE IN PUBLIC FORUM]Complete Stack Trace/Debug Logs from my Terminal (in debug mode):
*(IMPORTANT: When you paste your terminal output below, **manually find and replace your API key** (`qq6u13gyilhil8uj`) and **API secret** (`e9y6seezyuspyornmzuorcixucrcwa8a`) with a placeholder like `[REDACTED_API_KEY]` or `[REDACTED_API_SECRET]` wherever they appear in the logs. This includes lines like "Initial Load Debug: API_KEY" and "Using API_KEY (in callback scope)", and within the "Axios POST Payload".)*
(base) mvbhopal@mvbhopal-mac DynamicStockPortfolio % node server.js &
[1] 30673
(base) mvbhopal@mvbhopal-mac DynamicStockPortfolio % Initial Load Debug: API_KEY = '[REDACTED_API_KEY]' (Length: 16, Type: string)
Initial Load Debug: API_SECRET = '[REDACTED_API_SECRET]' (Length: 32, Type: string)
Server running at http://localhost:3000
Redirecting to Kite login: https://kite.zerodha.com/connect/login?api_key=[REDACTED_API_KEY]&v=3&redirect_uri=http://127.0.0.1:3000/callback
--- Inside /callback route ---
Received request_token: dsiPYqoSsJhMiv4SW9LvJdYEsYGOELkg
Using API_KEY (in callback scope): [REDACTED_API_KEY]
Using API_SECRET (in callback scope): [REDACTED_API_SECRET_FIRST_5_CHARS]...
Calculated Checksum: 5a9c15a9295abc456f317848e5a9101f8473e93633f4e95fd2e48f2a072b0961
--- Axios POST Payload (what we send) ---
{
api_key: '[REDACTED_API_KEY]',
request_token: 'dsiPYqoSsJhMiv4SW9LvJdYEsYGOELkg',
checksum: '5a9c15a9295abc456f317848e5a9101f8473e93633f4e95fd2e48f2a072b0961'
}
--- End Axios POST Payload ---
--- ERROR during token exchange ---
Failed to get access token. Error details:
Status: 400
Data: {
status: 'error',
message: '`api_key` should be minimum 6 characters in length.',
data: null,
error_type: 'InputException'
}
Headers: Object [AxiosHeaders] {
date: 'Fri, 23 May 2025 13:19:59 GMT',
'content-type': 'application/json',
'content-length': '124',
connection: 'keep-alive',
'cf-cache-status': 'DYNAMIC',
'strict-transport-security': 'max-age=15552000; includeSubDomains',
'set-cookie': [
'_cfuvid=ifwe9iFthYaMe3vRMA7njGQFsQavC8a3odTfQb66JfI-1748006399196-0.0.1.1-604800000; path=/; domain=.kite.trade; HttpOnly; Secure; SameSite=None'
],
server: 'cloudflare',
'cf-ray': '9444d91acd7f17a8-MAA',
'alt-svc': 'h3=":443"; ma=86400'
}
Redirecting to Kite login: https://kite.zerodha.com/connect/login?api_key=[REDACTED_API_KEY]&v=3&redirect_uri=http://127.0.0.1:3000/callback
--- Inside /callback route ---
Received request_token: Ntgppq21oAh6UOXzUtI0L18O03xK7190
Using API_KEY (in callback scope): [REDACTED_API_KEY]
Using API_SECRET (in callback scope): [REDACTED_API_SECRET_FIRST_5_CHARS]...
Calculated Checksum: 92411aa797dac5bd30999eb1ad6142cc1d9fb32fd31e0b1c252e843a3132b739
--- Axios POST Payload (what we send) ---
{
api_key: '[REDACTED_API_KEY]',
request_token: 'Ntgppq21oAh6UOXzUtI0L18O03xK7190',
checksum: '92411aa797dac5bd30999eb1ad6142cc1d9fb32fd31e0b1c252e843a3132b739'
}
--- End Axios POST Payload ---
--- ERROR during token exchange ---
Failed to get access token. Error details:
Status: 400
Data: {
status: 'error',
message: '`checksum` should be minimum 10 characters in length.',
data: null,
error_type: 'InputException'
}
Headers: Object [AxiosHeaders] {
date: 'Fri, 23 May 2025 13:20:21 GMT',
'content-type': 'application/json',
'content-length': '126',
connection: 'keep-alive',
'cf-cache-status': 'DYNAMIC',
'strict-transport-security': 'max-age=15552000; includeSubDomains',
'set-cookie': [
'_cfuvid=.3EVw_M3SsNPrtw4.E1bWQNXgp.AfW712FwDIwi1F1E-1748006421043-0.0.1.1-604800000; path=/; domain=.kite.trade; HttpOnly; Secure; SameSite=None'
],
server: 'cloudflare',
'cf-ray': '9444d9a36aa847be-BOM',
'alt-svc': 'h3=":443"; ma=86400'
}
I believe all my client-side configurations are correct as per your documentation and my debug logs. It seems there might be an issue on the API's end with validating these specific values for my account. Any assistance would be greatly appreciated.
Thank you.
