Incorrect `api_key` or `access_token`

xameeramir edited March 21 in API clients
Following the below steps:
  • created a new app at
  • obtained the `API key` from the app details page
  • obtained the `API secret` from the app details page
  • calling the holdings API using curl like this:
curl -X GET -H 'Authorization: token <API key>:<API secret>' -H 'X-Kite-Version: 3'
All the steps look correct to me however I'm getting the following error:
"status": "error",
"message": "Incorrect `api_key` or `access_token`.",
"data": null,
"error_type": "TokenException"
I regenerated the `API secret` 3 times from the app details console.
  • rishiswethan
    It's probably because you didn't generate the request token
  • xameeramir
    @rishiswethan The APIs are not fully automated? I was assuming that Kite APIs are stateless APIs so only the API key and secret should have done the trick. I'm going through the webinar now to get a better understanding
  • rishiswethan
    I've read that full automation is not allowed due to regulations. The request token becomes invalid at 7.30AM. I recommend you store this token locally to use for the full day
  • xameeramir
    @rishiswethan I'm not understanding why the documentation only talks about API key and secret only. The request/access token is not mentioned in the API calling flow. Are you sure I really need request/access token?
  • rishiswethan

    Use the above link to log into your account, after which you should be getting a request as part of the link it's redirected to. Use that token to generate a session. Using the equivalent of this call in your language of choice

    kite.generate_session(request_token=request_token, api_secret=secret_api_key)

    This should give you the access token
  • rishiswethan
    You need to manually log in for getting the access key
  • xameeramir
    @rishiswethan This is getting crazy now! I got the request_token from Login API in the redirect url query param. I'm concatenating api_key, request_token and api_secret at Online hash generator. All the required info is being passed to Token API but now it gives a new error TokenException - Invalid `checksum`.
  • rishiswethan
    I'm not sure about this particular error, maybe the developers can help
  • xameeramir
    xameeramir edited March 31
    @rishiswethan thanks for the help here! I'm able to get the entire flow going. Thanks a lot! The original issue was that I was passing API secret instead of access_token in the Holdings API. You can close this thread and thanks a lot for being so helpful! :)
Sign In or Register to comment.