<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>TOTP Automation on WebNotes</title><link>https://v2.webnotes.in/tags/totp-automation/</link><description>Recent content in TOTP Automation on WebNotes</description><generator>Hugo</generator><language>en-IN</language><lastBuildDate>Tue, 12 May 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://v2.webnotes.in/tags/totp-automation/index.xml" rel="self" type="application/rss+xml"/><item><title>How to authenticate Kite Connect with TOTP automation</title><link>https://v2.webnotes.in/how-to-kite-connect-totp-automation/</link><pubDate>Tue, 12 May 2026 00:00:00 +0000</pubDate><guid>https://v2.webnotes.in/how-to-kite-connect-totp-automation/</guid><description>&lt;p&gt;Algo trading scripts need a fresh &lt;code&gt;access_token&lt;/code&gt; every morning before market open. The standard &lt;a href="https://v2.webnotes.in/how-to-generate-kite-connect-tokens/"&gt;Kite Connect authentication flow&lt;/a&gt;
 requires opening a browser, completing the Zerodha login, and pasting the &lt;code&gt;request_token&lt;/code&gt;. For unattended or server-based strategies, that manual step is a bottleneck. This guide shows how to automate the entire login using &lt;code&gt;pyotp&lt;/code&gt; to generate the TOTP code, eliminating the need for any browser interaction.&lt;/p&gt;
&lt;aside class="callout callout--key" role="note"&gt;
 &lt;strong class="callout__label"&gt;Prerequisites&lt;/strong&gt;
 &lt;div class="callout__body"&gt;&lt;ul&gt;
&lt;li&gt;An active Kite Connect subscription (Rs 2,000/month plus GST). See &lt;a href="https://v2.webnotes.in/how-to-generate-kite-connect-api-key/"&gt;How to generate a Kite Connect API key&lt;/a&gt;
.&lt;/li&gt;
&lt;li&gt;Your &lt;code&gt;api_key&lt;/code&gt;, &lt;code&gt;api_secret&lt;/code&gt;, Zerodha client ID (user ID), and Zerodha account password.&lt;/li&gt;
&lt;li&gt;Your &lt;strong&gt;TOTP secret key&lt;/strong&gt; (the base-32 string shown when you first set up TOTP on your Zerodha account). This is not the six-digit OTP; it is the underlying secret used to generate OTPs.&lt;/li&gt;
&lt;li&gt;Python 3.8 or later and a virtual environment with &lt;code&gt;kiteconnect&lt;/code&gt;, &lt;code&gt;pyotp&lt;/code&gt;, and &lt;code&gt;requests&lt;/code&gt; installed.&lt;/li&gt;
&lt;/ul&gt;
&lt;/div&gt;
&lt;/aside&gt;

&lt;aside class="callout callout--key" role="note"&gt;
 &lt;strong class="callout__label"&gt;Important: TOTP secret vs OTP code&lt;/strong&gt;
 &lt;div class="callout__body"&gt;The TOTP &lt;strong&gt;secret&lt;/strong&gt; is the static base-32 key (typically 32 characters, shown once when you enable 2FA on Zerodha&amp;rsquo;s profile page). The &lt;strong&gt;OTP&lt;/strong&gt; is the six-digit code generated from that secret every 30 seconds. You need to store the secret, not a specific OTP.&lt;/div&gt;
&lt;/aside&gt;

&lt;aside class="callout callout--info" role="note"&gt;
 &lt;strong class="callout__label"&gt;Conflict-of-interest disclosure&lt;/strong&gt;
 &lt;div class="callout__body"&gt;WebNotes is an independent knowledge base. This guide is not sponsored by Zerodha or any third party.&lt;/div&gt;
&lt;/aside&gt;

&lt;h2 id="how-totp-automation-works"&gt;How TOTP automation works&lt;/h2&gt;
&lt;p&gt;The standard Kite Connect login involves three steps at Zerodha&amp;rsquo;s end: submit client ID and password, then submit a TOTP OTP, after which Zerodha redirects to your registered URL with a &lt;code&gt;request_token&lt;/code&gt;. A browser performs these steps interactively. Automation replaces the browser with a &lt;code&gt;requests.Session&lt;/code&gt; that sends the same HTTP POST calls, and replaces the TOTP app with &lt;code&gt;pyotp.TOTP(secret).now()&lt;/code&gt; to generate the current OTP.&lt;/p&gt;</description></item></channel></rss>