Invalid token

singhji · July 2020

Hi,

Below is my code:
api_public = xxxxxxx
api_private = yyyyyyy

kite = KiteConnect(api_public)
request_token = kite.login_url()
print(request_token)
access_token = kite.generate_session(kite.login_url(), api_secret = api_private)
kite.set_access_token(data[access_token])

I do get the following as my request token: https://kite.trade/connect/login?api_key=xxxxxxx&v=3

I am getting the following errors with access_token. I checked the hexdigest module and everything is fine there too. Can anyone direct me to solving this error?

DEBUG:urllib3.connectionpool:https://api.kite.trade:443 "POST /session/token HTTP/1.1" 403 None
Traceback (most recent call last):

  File "<ipython-input-1-ea6aa0483439>", line 1, in <module>
    runfile('/Users/mgz1985/OneDrive/Zerodha/zerodha_mcx.py', wdir='/Users/mgz1985/OneDrive/Zerodha')

  File "/opt/anaconda3/lib/python3.7/site-packages/spyder_kernels/customize/spydercustomize.py", line 827, in runfile
    execfile(filename, namespace)

  File "/opt/anaconda3/lib/python3.7/site-packages/spyder_kernels/customize/spydercustomize.py", line 110, in execfile
    exec(compile(f.read(), filename, 'exec'), namespace)

  File "/Users/mgz1985/OneDrive/Zerodha/zerodha_mcx.py", line 25, in <module>
    access_token  = kite.generate_session(kite.login_url(), api_secret = api_private)

  File "/Users/mgz1985/OneDrive/Zerodha/kiteconnect/connect.py", line 255, in generate_session
    "checksum": checksum

  File "/Users/mgz1985/OneDrive/Zerodha/kiteconnect/connect.py", line 824, in _post
    return self._request(route, "POST", params)

  File "/Users/mgz1985/OneDrive/Zerodha/kiteconnect/connect.py", line 889, in _request
    raise exp(data["message"], code=r.status_code)

TokenException: Token is invalid or has expired.

PS: I have already watched the webinar from 2017 (https://kite.trade/forum/discussion/2005/invalid-checksum), but the method is not valid in v3.

PSS: Btw, there is no video for v3 usage or support?

singhji · July 2020

Below is the original method - generate_session - in the code:
h = hashlib.sha256(self.api_key.encode("utf-8") + request_token.encode("utf-8") + api_secret.encode("utf-8"))
checksum = h.hexdigest()

resp = self._post("api.token", {
"api_key": self.api_key,
"request_token": request_token,
"checksum": checksum
})

if "access_token" in resp:
self.set_access_token(resp["access_token"])

My doubt is how is 'access_token' been created in the dictionary 'resp'

sujith · July 2020

You can refer to this thread.

singhji · July 2020

not working. Getting the same error again. Those threads are not related to Python. Also, I copied the request_token, and pasted it in my browser, it gives me the following:
{"status":"error","message":"Invalid `api_key`","data":null,"error_type":"InputException"}

My API Key is correct. Does someone know how to get this resolved or not?

rakeshr · July 2020

Can you paste complete access_token generation code with the flow you do?
Above pasted code seems to be incomplete. As we don't see data variable used for access_token being assigned anywhere.

kite.set_access_token(data[access_token])

singhji · July 2020

kite = KiteConnect(api_public) # this the api_key
# Redirect the user to the login url obtained
# from kite.login_url(), and receive the request_token
# from the registered redirect url after the login flow.
# Once you have the request_token, obtain the access_token
# as follows.
request_token = kite.login_url() # This value must be stored in database in the dataframe for daily
print(request_token)
data = kite.generate_session(request_token, api_secret = api_private) # api_private is the secret api
kite.set_access_token(data[access_token])

rakeshr · July 2020

The above flow is correct. Unless you copy the wrong request_token or API secret key(available in connect app dev page). Can you once re-check on both of these fields?

singhji · July 2020

done that Rakesh.. is it possible that this is happening because I am running it on anaconda?

singhji · July 2020

tried it from the terminal and same error persists. Btw, something popped up in my mind. In all my trading bots, I have to give permissions to API, but in Zerodha/Kite, no such prompt has been asked by me so far. Is it because of this lack of permissions, that I am not getting the access_token? If Yes, then how do I get this prompt?

rakeshr · July 2020

is it possible that this is happening because I am running it on anaconda?

Though there are few permission related issues on Anaconda env, you can refer pyclient FAQs to know. But, above one doesn't seem to be related to Conda env.

Zerodha/Kite, no such prompt has been asked by me so far.

If you are not authorized/first login on your connect app, either you will get a prompt to give permission or an error of user is not authorised on App. Even you can check for all permitted app on Kite web under App section.

that I am not getting the access_token?

Are you not getting an access_token or you are getting access_token but set_access_token is generating error? kite.set_access_token(data[access_token])

singhji · July 2020

I saw in the kite connect app, and the necessary permissions are correctly set.

In regards to the access_token, when I run print(data), this. is what I get:
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.kite.trade:443
DEBUG:urllib3.connectionpool:https://api.kite.trade:443 "POST /session/token HTTP/1.1" 403 None

I think at my end everything is good now. Do you have any further suggestions?

rakeshr · July 2020

In regards to the access_token, when I run print(data), this. is what I get:
DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): api.kite.trade:443

No, print(data) should return this user_detail response, which will have "access_token" field. From that's what you are extracting access_token here data['access_token']

singhji · July 2020

So the issue of checksum remains from the beginning. Does your team know how to resolve this?

If you see the details in the error posted, the throwback is related to checksum.

Howdy, Stranger!

Categories

In this Discussion

Invalid token