Incorrect `api_key` or `access_token`

xameeramir

Following the below steps:

• created a new app at https://developers.kite.trade/apps
  
• obtained the `API key` from the app details page
  
• obtained the `API secret` from the app details page
  
• calling the holdings API using curl like this:
  

curl -X GET https://api.kite.trade/portfolio/holdings -H 'Authorization: token <API key>:<API secret>' -H 'X-Kite-Version: 3'

All the steps look correct to me however I'm getting the following error:

{
    "status": "error",
    "message": "Incorrect `api_key` or `access_token`.",
    "data": null,
    "error_type": "TokenException"
}

I regenerated the `API secret` 3 times from the app details console.

rishiswethan

It's probably because you didn't generate the request token

xameeramir

@rishiswethan The APIs are not fully automated? I was assuming that Kite APIs are stateless APIs so only the API key and secret should have done the trick. I'm going through the webinar now to get a better understanding

rishiswethan

I've read that full automation is not allowed due to regulations. The request token becomes invalid at 7.30AM. I recommend you store this token locally to use for the full day

xameeramir

@rishiswethan I'm not understanding why the documentation https://kite.trade/docs/connect/v3/portfolio/#holdings only talks about API key and secret only. The request/access token is not mentioned in the API calling flow. Are you sure I really need request/access token?

rishiswethan

https://kite.trade/connect/login?api_key=

Use the above link to log into your account, after which you should be getting a request as part of the link it's redirected to. Use that token to generate a session. Using the equivalent of this call in your language of choice

kite.generate_session(request_token=request_token, api_secret=secret_api_key)

This should give you the access token

rishiswethan

You need to manually log in for getting the access key

xameeramir

@rishiswethan This is getting crazy now! I got the request_token from Login API in the redirect url query param. I'm concatenating api_key, request_token and api_secret at Online hash generator. All the required info is being passed to Token API but now it gives a new error TokenException - Invalid `checksum`.

rishiswethan

I'm not sure about this particular error, maybe the developers can help

xameeramir

@rishiswethan thanks for the help here! I'm able to get the entire flow going. Thanks a lot! The original issue was that I was passing API secret instead of access_token in the Holdings API. You can close this thread and thanks a lot for being so helpful!

rishiswethan

Sure!