about Open Authentication?
about Open Authentication?
06 Feb 2020, 04:42
I want to develop a fully automatic unattended trading robot using the open api v2 protocol。This program is an unattended 24-hour program。
There were some issues in the login verification section。
I recorded the “client id” and “client Secret” and "access_token" variables in the configuration file. Each time the program starts, it reads these values from the configuration file and then automatically logs in.
However, I found that after running the program for a while, the access_token variable expired,and need to go to https://connect.spotware.com/apps to get it again.
Before, I manually logged in to this website to get the value of this variable, and then recorded it in the configuration file.
But as a fully automatic unattended program, I need to get the value of this variable automatically through the program. Fortunately, "https://connect.spotware.com/docs/open_api_2/getting_started_v2/open_authentication_v2" , this document describes that tokens can be obtained via OAuth 2.0.
But there is such a paragraph later in this document:
"When a trader decides to allow a 3rd party application to get access to their trading account they should be taken to Open API OAuth authorization server. The trader will enter his cTrader ID credentials there to be logged in and then will be asked for what kind of resources he would like to grant. ”
Note: Does this require the trader to enter her cTrader ID?
But my fully automatic unattended program has no human interaction. So, how can I make the program automatically get this token?
Replies
66281850
06 Feb 2020, 08:26
RE:
PanagiotisCharalampous said:
Hi 66281850,
There is no way to get a token automatically. The user needs to give his explicit permission at least once. After you receive the token, you can use the refresh token to automatically refresh your token without user interaction.
Best Regards,
Panagiotis
Then can I manually visit https://connect.spotware.com/apps with a browser to get the token, and then record this token in the configuration file. Then when starting the automatic machine transaction program on the remote machine, use the refresh token to automatically refresh my token.
If so, does it also require at least one manual interactive authorization before refresh token?
My automated trading program runs on a linux system. If it is necessary to perform a manual interactive authorization before refreshing the token, can't my fully automatic machine trading program be implemented on the Linux system?
@66281850
PanagiotisCharalampous
06 Feb 2020, 08:30
Hi 66281850,
If you manually get the initial token, then everything else can be done automatically. No further user interaction is required.
Best Regards,
Panagiotis
@PanagiotisCharalampous
66281850
06 Feb 2020, 08:44
RE:
PanagiotisCharalampous said:
Hi 66281850,
If you manually get the initial token, then everything else can be done automatically. No further user interaction is required.
Best Regards,
Panagiotis
but when I use this link refresh token,
https://connect.spotware.com/apps/token?
grant_type=refresh_token&
refresh_token=3_PjO8ONazporH2oQrh77S6r_1vCA2MSzWjf2wl4iq8&
client_id=781_t9SJJNtFqyr7Q0l9MBoCA903ZyQAgSbmg3e7nbudVJrKjGVr7W&
client_secret=0kBTax9FNoIbgatU4WJtCPHxqxiyJDXCBrLylcieatm84WgrYp
The server responded to me with the following information:
{"errorCode":"ACCESS_DENIED","description":"Access denied. Make sure the credentials are valid."}
@66281850
PanagiotisCharalampous
06 Feb 2020, 08:46
Hi 66281850,
It means that you are using wrong credentials. Make sure that refresh_token, client_id and client_secret are correct.
Best Regards,
Panagiotis
@PanagiotisCharalampous
PanagiotisCharalampous
06 Feb 2020, 08:56
Hi 66281850,
I just tried this with my token and it works fine. Try with getting new tokens.
Best Regards,
Panagiotis
@PanagiotisCharalampous
66281850
06 Feb 2020, 09:05
RE:
PanagiotisCharalampous said:
Hi 66281850,
I just tried this with my token and it works fine. Try with getting new tokens.
Best Regards,
Panagiotis
Oh well, let me try again, let me ask another question by the way:
expires_in => 2628000
This number indicates when the token expires? So how long does 2628000 represent? one day? Still an hour?
@66281850
PanagiotisCharalampous
06 Feb 2020, 09:19
Hi 66281850,
It represents seconds. It is around 30 days.
Best Regards,
Panagiotis
@PanagiotisCharalampous
PanagiotisCharalampous
06 Feb 2020, 08:04
Hi 66281850,
There is no way to get a token automatically. The user needs to give his explicit permission at least once. After you receive the token, you can use the refresh token to automatically refresh your token without user interaction.
Best Regards,
Panagiotis
Join us on Telegram
@PanagiotisCharalampous