Invalid token

singhji
singhji edited July 28 in Python client
Hi,

Below is my code:
api_public = xxxxxxx
api_private = yyyyyyy

kite = KiteConnect(api_public)
request_token = kite.login_url()
print(request_token)
access_token = kite.generate_session(kite.login_url(), api_secret = api_private)
kite.set_access_token(data[access_token])

I do get the following as my request token: https://kite.trade/connect/login?api_key=xxxxxxx&v=3

I am getting the following errors with access_token. I checked the hexdigest module and everything is fine there too. Can anyone direct me to solving this error?
DEBUG:urllib3.connectionpool:https://api.kite.trade:443 "POST /session/token HTTP/1.1" 403 None
Traceback (most recent call last):

File "<ipython-input-1-ea6aa0483439>", line 1, in <module>
runfile('/Users/mgz1985/OneDrive/Zerodha/zerodha_mcx.py', wdir='/Users/mgz1985/OneDrive/Zerodha')

File "/opt/anaconda3/lib/python3.7/site-packages/spyder_kernels/customize/spydercustomize.py", line 827, in runfile
execfile(filename, namespace)

File "/opt/anaconda3/lib/python3.7/site-packages/spyder_kernels/customize/spydercustomize.py", line 110, in execfile
exec(compile(f.read(), filename, 'exec'), namespace)

File "/Users/mgz1985/OneDrive/Zerodha/zerodha_mcx.py", line 25, in <module>
access_token = kite.generate_session(kite.login_url(), api_secret = api_private)

File "/Users/mgz1985/OneDrive/Zerodha/kiteconnect/connect.py", line 255, in generate_session
"checksum": checksum

File "/Users/mgz1985/OneDrive/Zerodha/kiteconnect/connect.py", line 824, in _post
return self._request(route, "POST", params)

File "/Users/mgz1985/OneDrive/Zerodha/kiteconnect/connect.py", line 889, in _request
raise exp(data["message"], code=r.status_code)

TokenException: Token is invalid or has expired.
PS: I have already watched the webinar from 2017 (https://kite.trade/forum/discussion/2005/invalid-checksum), but the method is not valid in v3.

PSS: Btw, there is no video for v3 usage or support?
  • singhji
    Below is the original method - generate_session - in the code:
    h = hashlib.sha256(self.api_key.encode("utf-8") + request_token.encode("utf-8") + api_secret.encode("utf-8"))
    checksum = h.hexdigest()

    resp = self._post("api.token", {
    "api_key": self.api_key,
    "request_token": request_token,
    "checksum": checksum
    })


    if "access_token" in resp:
    self.set_access_token(resp["access_token"])


    My doubt is how is 'access_token' been created in the dictionary 'resp'
  • sujith
    You can refer to this thread.
  • singhji
    not working. Getting the same error again. Those threads are not related to Python. Also, I copied the request_token, and pasted it in my browser, it gives me the following:
    {"status":"error","message":"Invalid `api_key`","data":null,"error_type":"InputException"}

    My API Key is correct. Does someone know how to get this resolved or not?
  • rakeshr
    Can you paste complete access_token generation code with the flow you do?
    Above pasted code seems to be incomplete. As we don't see data variable used for access_token being assigned anywhere.
    kite.set_access_token(data[access_token])
  • singhji
    kite = KiteConnect(api_public) # this the api_key
    # Redirect the user to the login url obtained
    # from kite.login_url(), and receive the request_token
    # from the registered redirect url after the login flow.
    # Once you have the request_token, obtain the access_token
    # as follows.
    request_token = kite.login_url() # This value must be stored in database in the dataframe for daily
    print(request_token)
    data = kite.generate_session(request_token, api_secret = api_private) # api_private is the secret api
    kite.set_access_token(data[access_token])
  • rakeshr
    The above flow is correct. Unless you copy the wrong request_token or API secret key(available in connect app dev page). Can you once re-check on both of these fields?
  • singhji
    done that Rakesh.. is it possible that this is happening because I am running it on anaconda?
  • singhji
    tried it from the terminal and same error persists. Btw, something popped up in my mind. In all my trading bots, I have to give permissions to API, but in Zerodha/Kite, no such prompt has been asked by me so far. Is it because of this lack of permissions, that I am not getting the access_token? If Yes, then how do I get this prompt?
  • rakeshr
    is it possible that this is happening because I am running it on anaconda?
    Though there are few permission related issues on Anaconda env, you can refer pyclient FAQs to know. But, above one doesn't seem to be related to Conda env.
    Zerodha/Kite, no such prompt has been asked by me so far.
    If you are not authorized/first login on your connect app, either you will get a prompt to give permission or an error of user is not authorised on App. Even you can check for all permitted app on Kite web under App section.
    that I am not getting the access_token?
    Are you not getting an access_token or you are getting access_token but set_access_token is generating error? kite.set_access_token(data[access_token])
  • singhji
    I saw in the kite connect app, and the necessary permissions are correctly set.

    In regards to the access_token, when I run print(data), this. is what I get:
    DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.kite.trade:443
    DEBUG:urllib3.connectionpool:https://api.kite.trade:443 "POST /session/token HTTP/1.1" 403 None

    I think at my end everything is good now. Do you have any further suggestions?
  • rakeshr
    In regards to the access_token, when I run print(data), this. is what I get:
    DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.kite.trade:443
    No, print(data) should return this user_detail response, which will have "access_token" field. From that's what you are extracting access_token here data['access_token']
  • singhji
    So the issue of checksum remains from the beginning. Does your team know how to resolve this?

    If you see the details in the error posted, the throwback is related to checksum.
Sign In or Register to comment.