Authorize
The authorization flow initiates a redirection to the Upstox login page, with necessary information. Upon a successful user login, the user is then redirected to the specified "redirect_uri" with an authorization code. This code should be utilized in the subsequent step to acquire the access token in the get token API.
NOTE
- While creating app provide a
redirect_uriwhich is in your control rather than a public endpoint. - Additionally, it's important to generate a random value for the state parameter and subsequently validate whether the value returned matches the one you originally sent. This helps ensure the security and integrity of your application.
- The QR code login is not compatible with the login flow of the Upstox API.
Query Parameters
| Name | Required | Type | Description | |
|---|---|---|---|---|
| client_id | true | string | The API key obtained during the app generation process. | |
| redirect_uri | true | string | The URL to which the user will be redirected post authentication; must match the URL provided during app generation. | |
| state | false | string | An optional parameter. If specified, will be returned after authentication, allowing for state continuity between request and callback. | |
| response_type | true | string | This value must always be code. |
Responses
- 302
- 4XX
Upon successful authentication, this API will redirect to the URL specified in the redirect_url parameter, with the code essential for the token generation included within the request parameters.
https://<redirect_uri>?code=mk404x&state=XX56849
| Name | Description |
|---|---|
| code | Utilize this code to generate the access_token through the Get Token API. |
| state | Provided optionally if it was initially included in the request URL parameters. |
| Error code | Description |
|---|---|
| UDAPI100068 | Check your 'client_id' and 'redirect_uri'; one or both are incorrect. - Thrown when one of the credentials you've passed to this API is invalid. |
Loading...