I log out of the kite trade webapp when I login into the API. After that if I login into kite trade webapp, I get token exception in API call. Does logging into one session logs out from the other ? I was not like this earlier, has something changed ?
@RASCAL005, The request token is only valid for a couple of minutes and can be used only once. Once you get access token store it in preference or database and re-use it.
@Ajax, @RASCAL005, We are investigating the issue. Is this consistent or intermittent? Can you let us know the steps to reproduce this and also please mention which are the API calls that throws 403?
@sujith This was consistent during the morning. I tried with /quote and /quote/ohlc, both were giving token exception if I login into kite3.trade app on web ui. However, right now, it seems that I can simultaneously login in API and UI, but I am not placing any orders right now so I am not sure. Also If I logout from UI, it API throws Token Exception. It seems logout from UI is some how invalidates the API access token.
@sujith This is not intermittent. Calls start failing consistently .
To Reproduce, follow the steps:
1. Login to client connect API and generate access token using request token. 2. Open python command line (or any other supported language command line). 3. Instantiate a kite connect client object and assign the access token. 4. Open kite3.zerodah.com or kite android app & Login. 5. Try to place an order from using the kite connect client created earlier. You should get a TokenMismatch.
----- Further, if you login again using the connect API, you will be logged out of the andorid app or kite3.
1. Login on kite3.zerodah.com. 2. login to API. This will log you out from kite3.zerodah.com 3. If I login again to kite3.zerodah.com, I will be logged out from API.
The only way it works right now is 1. Login into API first. 2. Then login to kite3.zerodah.com. I saw some intermittent errors with this as well but its not happening consistently. It looks like the order matters right now. This was not something that I saw before yesterday.
@sujith I directly opened https://kite3.zerodha.com/positions and landed on the login page. From the mobile app, I opened the app - It went to the last screen I was on (market-watch). Then it went to the login page.
Whenever 403 is thrown by any of the API calls, Kite web will call logout which will log the user out from everywhere. We are thinking of coming up with a feasible solution for this.
@sujith but you are missing the point here. Why was 403 even thrown in the first place.
I had successfully authenticated the API, then I authenticated using web. After this, token that was saved from API auth started throwing 403.
On 403, logging out from everywhere can still work out. But with the issue that I am facing, you cannot login into web app or android app after you generate the token or your token gets invalidated.
@Ajax, This is because if you log in using Kite Connect login URL, your session is also created in kite.zerodha.com and not kite3.zerodha.com. As of now, kite3.zerodha.com is a separate setup. When you open kite3.zerodha.com, it will still have previous day's session which is no more valid. Hence 403 is thrown.
I just tried logging in to Kite Connect 1 and Kite Android app. My Kite Connect's login was not revoked and I placed an order successfully. I think, for now, a feasible solution in your case is to use kite.zerodha.com since you are using Kite Connect 1.
@Ajax, Even if you move to Kite Connect 3, this issue will be there because log out is called on kite3.zerodha.com We will update once the solution is deployed.
I have the same concern. Multiple sessions used to work perfectly fine before today.
@sujith Can you please comment.
Are you using kite.zerodha.com or kite3.zerodha.com?
Are you using kite Connect 1 or Kite Connect 3?
The request token is only valid for a couple of minutes and can be used only once. Once you get access token store it in preference or database and re-use it.
@vickin, @Ajax,
We are investigating this.
We are investigating the issue. Is this consistent or intermittent? Can you let us know the steps to reproduce this and also please mention which are the API calls that throws 403?
However, right now, it seems that I can simultaneously login in API and UI, but I am not placing any orders right now so I am not sure.
Also If I logout from UI, it API throws Token Exception. It seems logout from UI is some how invalidates the API access token.
If you log out of any platform then you will be logged out everywhere.
This is not intermittent. Calls start failing consistently .
To Reproduce, follow the steps:
1. Login to client connect API and generate access token using request token.
2. Open python command line (or any other supported language command line).
3. Instantiate a kite connect client object and assign the access token.
4. Open kite3.zerodah.com or kite android app & Login.
5. Try to place an order from using the kite connect client created earlier. You should get a TokenMismatch.
-----
Further, if you login again using the connect API, you will be logged out of the andorid app or kite3.
1. Login on kite3.zerodah.com.
2. login to API. This will log you out from kite3.zerodah.com
3. If I login again to kite3.zerodah.com, I will be logged out from API.
The only way it works right now is
1. Login into API first.
2. Then login to kite3.zerodah.com. I saw some intermittent errors with this as well but its not happening consistently.
It looks like the order matters right now. This was not something that I saw before yesterday.
When you guys opened kite3.zerodha.com, did it call log out or directly landed on the login page?
From the mobile app, I opened the app - It went to the last screen I was on (market-watch). Then it went to the login page.
We are thinking of coming up with a feasible solution for this.
I had successfully authenticated the API, then I authenticated using web. After this, token that was saved from API auth started throwing 403.
On 403, logging out from everywhere can still work out. But with the issue that I am facing, you cannot login into web app or android app after you generate the token or your token gets invalidated.
This is because if you log in using Kite Connect login URL, your session is also created in kite.zerodha.com and not kite3.zerodha.com.
As of now, kite3.zerodha.com is a separate setup. When you open kite3.zerodha.com, it will still have previous day's session which is no more valid. Hence 403 is thrown.
I just tried logging in to Kite Connect 1 and Kite Android app. My Kite Connect's login was not revoked and I placed an order successfully. I think, for now, a feasible solution in your case is to use kite.zerodha.com since you are using Kite Connect 1.
I have a question though. Do you mean I will not have this issue if I move to kite connect 3 and use kite3 ?
Also, please update this thread once a solution for this is in place and deployed.
Even if you move to Kite Connect 3, this issue will be there because log out is called on kite3.zerodha.com
We will update once the solution is deployed.