Error 403 on kiteticker, am I getting the wrong public token?

healthsecure15 edited January 2019 in Python client

I have gone through the documentation, refreshed access token multiple times however Kiteticker still says error 403.

Please let me know what could be wrong and whether there is anything I am missing here.
api_key = 'XXXXX'  
api_secret = 'XXXXXX'

# Log in on website and get token:
kite = KiteConnect(api_key)
# Launch browser login to get request_token
tkn = input('Enter request Token')

user = kite.generate_session(tkn,api_secret)


# is the user['access_token'] the public token required to login to KiteTicker?

kws = KiteTicker(api_key,user['access_token'])

def on_ticks(ws, ticks):
# Callback for tick reception.

# Connect callback
def on_connect(ws, response):
# Callback for successful connection.
# Subscribe to a list of instrument_tokens
tokens = [
# Set all symbols to tick in `full` mode.
ws.set_mode(ws.MODE_FULL, tokens)

kws.on_ticks = on_ticks
kws.on_connect = on_connect

  • sujith
    An access token is valid for one whole day. You don't need to generate it every time you run the script.
    A request token is valid only for a couple of minutes and can be used only once.
    Once you have an access token store it and re-use it until it is expired.

    In the above code, you just need to remove generate session. You should only call it when the existing access token is expired.
  • healthsecure15
    @sujith I keep getting the error 403, do I need to have a subscription to Historical API? Is that why it might be giving this error?
  • akshay_thakker
    @sujith , is there a way to check if the token is valid after the command
    kws = KiteTicker(api_key,user['access_token'])?
    The reason I ask, is that I cannot manually refresh the token every 24 hours, and the only option is to then generate a token every time I run kiteticker which is an unnecessary burden on the api server as well as time wasted in gettign the ticks at my end.
  • sujith
    It is mandatory by the exchange that a user has to log in manually at least once a day. We don't recommend automating login flow.
  • sujith
    Once you see 403 in any of the API calls, it is suggested to login and continue.
Sign In or Register to comment.