Skip to main content


The authorization flow initiates a redirection to the Upstox login page, with necessary information. Upon a successful user login, the user is then redirected to the specified "redirect_uri" with an authorization code. This code should be utilized in the subsequent step to acquire the access token in the get token API.

  • While creating app provide a redirect_uri which is in your control rather than a public endpoint.
  • Additionally, it's important to generate a random value for the state parameter and subsequently validate whether the value returned matches the one you originally sent. This helps ensure the security and integrity of your application.
  • The QR code login is not compatible with the login flow of the Upstox API.

Query Parameters

client_idtruestringThe API key obtained during the app generation process.
redirect_uritruestringThe URL to which the user will be redirected post authentication; must match the URL provided during app generation.
statefalsestringAn optional parameter. If specified, will be returned after authentication, allowing for state continuity between request and callback.
response_typetruestringThis value must always be code.

Upon successful authentication, this API will redirect to the URL specified in the redirect_url parameter, with the code essential for the token generation included within the request parameters.

codeUtilize this code to generate the access_token through the Get Token API.
stateProvided optionally if it was initially included in the request URL parameters.