Guide to secure your SmartAPI Account with two factor authentication
-
How to enable Time-based One Time Password (TOTP)? (one-time setup)
Step 1 - Visit smartapi.angelbroking.com/enable-totp
Step 2 - Enter your Angel One client id and trading terminal password or PIN
Step 3 - Enter OTP sent to Registered email & mobile. Once OTP is entered, you will see a QR code on the screen.
Step 4 - Open the authenticator app of your choice
Step 5 - Scan the QR code generated from our site on your authenticator app
How to login to SmartAPI using password and TOTP?
Once your authenticator app scans the QR code, it will automatically generate an authentication code (called TOTP) every 30 seconds. You are required to pass the TOTP code in our existing loginbypassword API endpoint (/rest/auth/angelbroking/user/v1/loginByPassword) by sending a new "totp" parameter via the request body.
The request parameters below illustrate how to send the client code, password and totp to authenticate and get the tokens:
{
  "clientcode": "your_client_code",
  "password": "your_password",
  "totp": "enter_the_code_displayed_on_your_authenticator_app"
}
Is the new login flow supported via SDKs?
Yes. To support the login authentication flow using TOTP we have updated and released libraries for Python and Java. Same can be referred here -
Python - https://github.com/angel-one/smartapi-python
Totp changes have been deployed in the latest python release 1.3.0
Please use the following command to upgrade to the latest python release
pip install smartapi-python --upgrade
Java - https://github.com/angel-one/smartapi-java
- The latest jar version v2.0.0 containing login with totp changes has been released here - https://github.com/angel-one/smartapi-java/tree/main/dist
- Sample Java Code - https://github.com/angel-one/smartapi-java/blob/main/src/main/java/com/angelbroking/smartapi/sample/LoginWithTOTPSample.java
GOLANG - https://github.com/angel-one/smartapigo
What is 2FA?
Two-factor authentication (2FA) is a method of authentication using the following two factors:
- Knowledge factor, i.e. something only the user knows, like a password, PIN etc.
- Possession factor like OTP, authenticator apps etc
Why use it now?
The exchange vide circular ref no. NSE/COMP/52623 (https://www1.nseindia.com/content/circulars/COMP52623.pdf) has now mandated 2FA for login purposes from September 30, 2022
Which authenticator app to use?
Tested and recommended 2FA authentication applications:
- Google Authenticator
- Microsoft Authenticator
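How the "totp" value in the request body above is derived, as an added example that is not part of the original post or the SmartAPI SDK: an RFC 6238 generator using HMAC-SHA1, 6 digits and a 30-second step (pyotp's defaults, assumed to match the QR secret). The secret is read from hypothetical SMARTAPI_* environment variables instead of being written into the script.

```python
import base64
import hashlib
import hmac
import json
import os
import struct
import time

def totp_now(secret_b32, at=None, step=30, digits=6):
    """RFC 6238 TOTP over HMAC-SHA1 (the defaults pyotp.TOTP uses)."""
    s = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))   # restore stripped padding
    counter = int(time.time() if at is None else at) // step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                            # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)      # keep leading zeros

def seconds_left(at=None, step=30):
    """Seconds until the current code expires."""
    return step - int(time.time() if at is None else at) % step

def build_login_body(client_code, password, secret_b32, at=None):
    """JSON body for loginByPassword; "totp" must be the code string."""
    return json.dumps({
        "clientcode": client_code,
        "password": password,
        "totp": totp_now(secret_b32, at),
    })

if __name__ == "__main__":
    # Assumed variable names; they keep the secret out of the script itself.
    secret = os.environ.get("SMARTAPI_TOTP_SECRET")
    if not secret:
        raise SystemExit("set SMARTAPI_TOTP_SECRET first")
    if seconds_left() < 3:          # avoid sending a code about to roll over
        time.sleep(seconds_left())
    body = build_login_body(os.environ["SMARTAPI_CLIENT_CODE"],
                            os.environ["SMARTAPI_PASSWORD"], secret)
    print("body built, code valid for", seconds_left(), "s")
```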
-
@nikaashpuri
I also faced a similar issue. After upgrading pyotp the issue is resolved for me
$ pip install --upgrade pyotp
-
@webseos thank you so much for the info, it's working smoothly.
-
@clb Nice
-
I have suddenly started getting the following error when logging in using username, password, and otp using the API:
File "abc.py", line 327, in test_login_access
  data = angel_obj.generateSession(user_id, password, totp.now())
File "/home/ubuntu/py37-venv/lib/python3.7/site-packages/smartapi/smartConnect.py", line 239, in generateSession
  id=user['data']['clientcode']
TypeError: 'NoneType' object is not subscriptable
What is going on here?
-
@webseos Thanks for your simple and effective answer. This works really well.
-
@Mr-Depp said in Guide to secure your SmartAPI Account with two factor authentication:
Hello team.
What about the c#.net sdk update? Did you update the library, or is there some other way to use it?
Hello Team,
Please update on C#.Net sdk ASAP.
-
Hello team.
What about the c#.net sdk update? Did you update the library, or is there some other way to use it?
-
@ganesh
update using pip install smartapi-python --upgrade
-
@gokul i am also getting same error
-
@aj_Brk not working for me
-
@admin I am unable to log in to the smartapi.angelbroking.com/enable-totp URL, but I am able to log in to https://smartapi.angelbroking.com/apps with my credentials. But I am not able to log in to TOTP; it's saying invalid userid or password. Please help me to resolve this issue.
Thanks.
-
@Sukhwant280 said in Guide to secure your SmartAPI Account with two factor authentication:
smartApi.generateToken(refreshToken)
Why would you need smartApi.generateToken(refreshToken)?
-
@smrtsaravanan Can you please paste your code here?
-
@admin thanks for update
-
Hi @patisupa , we have modified the goLang. Please refer here - https://github.com/angel-one/smartapigo
-
@admin What about golang library it is updated for totp changes.
-
@aj_Brk I have used similar code as given below, but got the following exception
Exception : Object of type TOTP is not JSON serializable
but then I solved the problem.
I added the last two lines and the problem was solved (the last two lines are given at the end of the following code). qrOtp is the code generated here: https://smartapi.angelbroking.com/enable-totp below the QR code. So you have to generate your own qrOtp code on this site. Then install pyotp using the command line "pip install pyotp".
My code below (the last line, totp = totp.now(), is very important)
from smartapi import SmartConnect  # or from smartapi.smartConnect import SmartConnect
import config
import pyotp

client_code = "aaaaaa"
client_pass = "bbbbbb"
apiKey = "yyyyyyy"
qrOtp = "xxxxxxxx"
totp = pyotp.TOTP(qrOtp)
totp = totp.now()  # pass the current code string, not the TOTP object

smartapiObj = SmartConnect(apiKey)
data = smartapiObj.generateSession(client_code, client_pass, totp)
print(data)
-
@smrtsaravanan it is working fine now. Ignore it.
I have made a couple of changes. First, I have declared it like below
import time as tt  # the loop below calls tt.sleep
import pyotp
from smartapi import SmartConnect

obj = SmartConnect(api_key=apikey)
totp = pyotp.TOTP(s='yourkey')
print("pyotp", totp.now())
attempts = 5
while attempts > 0:
    attempts = attempts - 1
    # request a fresh code on every attempt
    data = obj.generateSession(username, pwd, totp.now())
    print(data)
    if data['status']:
        break
    tt.sleep(2)
and entered my new API key.
Hope it helps!
-
@ravindra-e Thanks for the code. It's working for me, but it fails when I pass this token to the next steps, i.e.
smartApi.getProfile(refreshToken)
smartApi.generateToken(refreshToken)
Error is: Invalid json response.
My understanding is that the refresh token is valid until 5 AM next day, hence I can use the same refresh token whenever I want to make API calls.
Please correct me if my understanding is wrong here. Thanks in advance