Authentication
The authentication mechanism is handled by customising one of the most reliable open source IAM (Identity & Access Management) in the planet. The authentication layer takes care of integration with RMS/OMS, Mutual Funds and other backend systems.
Login¶
Check Device Info¶
Login¶
| Method | APIS | Detail |
|---|---|---|
| Post | auth/login | login |
Request Structure
Input parameters
| Field | Type | Description |
|---|---|---|
| userId | String | The unique, permanent user ID registered with the broker |
| password | String | The unique, user Created a Password |
| source | String | Request source from which platform eg., 'MOBILEAPI' or 'RESTAPI' |
Response Structure
{
"status":"Ok",
"message":"Success",
"result":[
{
"accessToken":"XXXX",
"tokenType":"Bearer",
"refreshToken":"XXXX""
}
]
}
parameters
| Field | Type | Description |
|---|---|---|
| accessToken | String | The authentication token that's used with every subsequent request Unless this is invalidated using the API, or invalidated by a master-logout from the Kite Web trading terminal, it'll expire at 6 AM on the next day (regulatory requirement) |
| tokenType | String | |
| refreshToken | String | A token for getting long standing read permissions. This is only available to certain approved platforms |
Logout¶
2FA Login¶
Credentials¶
Forget Password¶
Request Structure
Input parameters
| Field | Type | Description |
|---|---|---|
| mobileNo | String | Account holder Mobile number will be displayed |
| source | String | Request source from which platform eg., 'MOBILEAPI' or 'RESTAPI' |
| pan | String | Account holder PAN number will be displayed |
Response Structure
Change Password¶
New Password¶
Set Password¶
OTP¶
| Method | APIS | Detail |
|---|---|---|
| Post | access/otp/send | Send OTP |
| Post | access/otp/validate | Validate OTP |
Send OTP¶
Request Structure
Input parameters
| Field | Type | Description |
|---|---|---|
| userId | String | The unique, permanent user ID registered with the broker |
| source | String | Request source from which platform eg., 'MOBILEAPI' or 'RESTAPI' |
Response Structure
parameters
Validate OTP¶
Request Structure
Input parameters
| Field | Type | Description |
|---|---|---|
| userId | String | The unique, permanent user ID registered with the broker |
| source | String | Request source from which platform eg., 'MOBILEAPI' or 'RESTAPI' |
| otp | String |
Response Structure
{
"status": "Ok",
"message": "Success",
"result": [
{
"accessToken": xxxx,
"refreshToken": xxxx,
"kcRole": "ACTIVE_USER"
}
]
}
parameters
| Field | Type | Description |
|---|---|---|
| accessToken | String | The authentication token that's used with every subsequent request Unless this is invalidated using the API, or invalidated by a master-logout from the Kite Web trading terminal, it'll expire at 6 AM on the next day (regulatory requirement) |
| tokenType | String | |
| refreshToken | String | A token for getting long standing read permissions. This is only available to certain approved platforms |
User Preference¶
| Method | APIS | Detail |
|---|---|---|
| Post | preferences/get | Get preferences |
| Post | preferences/update | Set preferences |
Get User Preference¶
Request Structure
Input parameters
| Field | Type | Description |
|---|---|---|
| source | String | Request source from which platform eg., 'MOBILEAPI' or 'RESTAPI' |
| keyVariable | String |
Response Structure
{
"status": "Ok",
"message": "Success",
"result": [
{
"id": 75,
"keyVariable": "marketWatch",
"value": "MyList",
"source": "MOB"
}
]
}
parameters
| Field | Type | Description |
|---|---|---|
| id | String | Unique ID |
| keyVariable | String | |
| value | String | |
| source | String | Request source from which platform eg., 'MOBILEAPI' or 'RESTAPI' |
Set User Preference¶
Request Structure
{
"userId": "<USER_ID>",
"source": "MOB",
"preferences": [
{
"id": 10,
"keyVariable": "marketWatch",
"value": "PreDefined"
}
]
}
Input parameters
| Field | Type | Description |
|---|---|---|
| id | String | Unique ID |
| keyVariable | String | |
| value | String |
Response Structure