Facing this issue after entering TOTP.
Also, I am getting consent_limit_exceeded error, kindly reset this for me.
@Hardik kindly solve this. Getting CONSENT_LIMIT_EXCEED error.
Hey @tradernoob
Looking into this. Can you confirm after how many requests are you getting this?
On TOTP, it should be working fine. Are you still getting the error?
I am also getting similar error about CONSENT_LIMIT_ERROR when trying to generate consent at STEP: 1 following your new authentication documentation.
When I checked with the dhan support chat box, it gave a response:
I can see you're encountering a CONSENT_LIMIT_EXCEED error while trying to generate an app secret for API authentication.
This error occurs because you've reached the maximum number of API consent requests allowed in a specific timeframe.
To resolve this:
- Wait 30 days from your first request before trying again
- Each user is limited to 2 API consent requests within a 30-day period
For example, if you made requests on September 1 and September 5, you'll need to wait until October 2 before making another request.
Need help with anything else about Dhan APIs? 🔄
This is absurd!
The JWT is valid only for a day (24 hours) however, the consentAppId can be generated once in a 30 days.
How can we proceed with it?
Since it’s a new implementation, Dhan should offer generous limit at least at the beginning of new change for the users to try and test.
Can we also get the documented rate limits that Dhan currently applies like we have for order and trade api usages?
I am also getting the error something went wrong. Kindly contact system adminstrator when trying to enter the TOTP. It might be possible that I might have been trying the new login system and frequently trying to authenticate and Dhan is again rate limiting it.
Okay, after further conversation with chat I understood that we can have only one valid access token for a consentAppId, which is true and acceptable.
Error CONSENT_LIMIT_EXCEED means:
- You've reached the maximum number of active access tokens allowed
- Solution: Revoke unused tokens before generating new ones
Now, there is no way to revoke the valid access token. In UI, it only has the button to revoke the app key and secret, but not way to revoke the access token.
I think there should be an api to invalidate the access token so that new access token is generated. Waiting for the existing access token to expire in 24 hours and generated a new is quite cumbersome process as slight delay in generating the token will be an overhead for next day.
Another way, should be invalidating the access token automatically at specific time of the in the morning before market hours. Let’s say at 8:00am morning, all the previous day access token will be invalidated automatically. As a user I am okay to generate the new access token with fresh consentAppId between 8am to 9am.
Hi @Hardik tagging you for your input to the issue
Hey @kushal
Welcome to MadeForTrade community!
CONSENT_LIMIT_EXCEED error comes when the number of consent generated per day exceeds 25 requests in a day. Given each consent can be used to generate one login session, we have capped it.
On the chat response, there might be a confusion regarding access token vs consent. Will look into the response and get it fixed as well.
1 Like
Thanks @Hardik, that shall help.
Hi @Hardik , I also mentioned another issue of getting the error something went wrong. Kindly contact system adminstrator while entering the TOTP.
I have tried to create a new app key and secret, but still I am getting this error message.
Can you check why this is happening?
Hey @kushal
This happens when you have entered incorrect TOTP for 5 times continuously. Can you check if this is the scenario here?
No @Hardik , I created a the new App Key and Secret and tried to login, I got this error.
Sometimes it accepts the TOTP, but still throw this error message. Having this issue since start. I tried on both of my dev (local system) as well as prod (ubuntu server) environment.
@Hardik normally TOTP has validity of 60 seconds in Authenticator app. But I think Dhan TOTP authentication system is designed to use TOTP within 30 seconds of generation else it’s fails.
If that’s the case, then most of TOTP might fail if we reach the TOTP authentication page after 30 secs time lapse. Resulting in the error I am currently getting ... to contact adminstrator.
Hi @Hardik did you got the chance to check on this?
Let me check on this, it should be set at the default time itself. Also, TOTP by mechanism, stays valid for the next 30 seconds as well.
This error appears usually when 5 consecutive failed attempts happen at the server.