about Open Authentication?

Created at 06 Feb 2020, 04:42
Subscribe
How’s your experience with the cTrader Platform?
Your feedback is crucial to cTrader's development. Please take a few seconds to share your opinion and help us improve your trading experience. Thanks!
66

66281850

Follow

Joined 26.06.2019

about Open Authentication?
06 Feb 2020, 04:42

I want to develop a fully automatic unattended trading robot using the open api v2 protocol。This program is an unattended 24-hour program。

There were some issues in the login verification section。

I recorded the “client id” and “client Secret” and "access_token" variables in the configuration file. Each time the program starts, it reads these values from the configuration file and then automatically logs in.

However, I found that after running the program for a while, the access_token variable expired,and need to go to https://connect.spotware.com/apps to get it again.

Before, I manually logged in to this website to get the value of this variable, and then recorded it in the configuration file.

But as a fully automatic unattended program, I need to get the value of this variable automatically through the program. Fortunately, "https://connect.spotware.com/docs/open_api_2/getting_started_v2/open_authentication_v2"  , this document describes that tokens can be obtained via OAuth 2.0.

But there is such a paragraph later in this document:
"When a trader decides to allow a 3rd party application to get access to their trading account they should be taken to Open API OAuth authorization server. The trader will enter his cTrader ID credentials there to be logged in and then will be asked for what kind of resources he would like to grant. ”


 Note: Does this require the trader to enter her cTrader ID?
But my fully automatic unattended program has no human interaction. So, how can I make the program automatically get this token?

@66281850
Replies

PanagiotisCharalampous
06 Feb 2020, 08:04

Hi 66281850,

There is no way to get a token automatically. The user needs to give his explicit permission at least once. After you receive the token, you can use the refresh token to automatically refresh your token without user interaction.

Best Regards,

Panagiotis 

Join us on Telegram

 

@PanagiotisCharalampous

66281850
06 Feb 2020, 08:26

RE:

PanagiotisCharalampous said:

Hi 66281850,

There is no way to get a token automatically. The user needs to give his explicit permission at least once. After you receive the token, you can use the refresh token to automatically refresh your token without user interaction.

Best Regards,

Panagiotis 

Join us on Telegram

 

Then can I manually visit https://connect.spotware.com/apps with a browser to get the token, and then record this token in the configuration file. Then when starting the automatic machine transaction program on the remote machine, use the refresh token to automatically refresh my token.
If so, does it also require at least one manual interactive authorization before refresh token?
My automated trading program runs on a linux system. If it is necessary to perform a manual interactive authorization before refreshing the token, can't my fully automatic machine trading program be implemented on the Linux system?

@66281850

PanagiotisCharalampous
06 Feb 2020, 08:30

Hi 66281850,

If you manually get the initial token, then everything else can be done automatically. No further user interaction is required.

Best Regards,

Panagiotis 

Join us on Telegram

@PanagiotisCharalampous

66281850
06 Feb 2020, 08:44

RE:

PanagiotisCharalampous said:

Hi 66281850,

If you manually get the initial token, then everything else can be done automatically. No further user interaction is required.

Best Regards,

Panagiotis 

Join us on Telegram

but when I use this link refresh token,

https://connect.spotware.com/apps/token?  
grant_type=refresh_token&  
refresh_token=3_PjO8ONazporH2oQrh77S6r_1vCA2MSzWjf2wl4iq8&  
client_id=781_t9SJJNtFqyr7Q0l9MBoCA903ZyQAgSbmg3e7nbudVJrKjGVr7W&  
client_secret=0kBTax9FNoIbgatU4WJtCPHxqxiyJDXCBrLylcieatm84WgrYp

 

The server responded to me with the following information:

{"errorCode":"ACCESS_DENIED","description":"Access denied. Make sure the credentials are valid."}
@66281850

PanagiotisCharalampous
06 Feb 2020, 08:46

Hi 66281850,

It means that you are using wrong credentials. Make sure that refresh_token, client_id and client_secret are correct.

Best Regards,

Panagiotis 

Join us on Telegram

@PanagiotisCharalampous

66281850
06 Feb 2020, 08:52 ( Updated at: 21 Dec 2023, 09:21 )

RE:

PanagiotisCharalampous said:

Hi 66281850,

It means that you are using wrong credentials. Make sure that refresh_token, client_id and client_secret are correct.

Best Regards,

Panagiotis 

Join us on Telegram

 

But my refresh_token is not wrong。

 

@66281850

PanagiotisCharalampous
06 Feb 2020, 08:56

Hi 66281850,

I just tried this with my token and it works fine. Try with getting new tokens.

Best Regards,

Panagiotis 

Join us on Telegram

@PanagiotisCharalampous

66281850
06 Feb 2020, 09:05

RE:

PanagiotisCharalampous said:

Hi 66281850,

I just tried this with my token and it works fine. Try with getting new tokens.

Best Regards,

Panagiotis 

Join us on Telegram

Oh well, let me try again, let me ask another question by the way:
expires_in => 2628000
This number indicates when the token expires? So how long does 2628000 represent? one day? Still an hour?

@66281850

PanagiotisCharalampous
06 Feb 2020, 09:19

Hi 66281850,

It represents seconds. It is around 30 days.

Best Regards,

Panagiotis 

Join us on Telegram

@PanagiotisCharalampous
Copyright © 2024 Spotware Systems Ltd. All rights reserved.
The services provided by Spotware Systems Ltd. are not available to citizens or residents of the USA. Neither is the information on our websites directed toward soliciting citizens or residents of the USA.