5paisa customers who hold a demat account with 5paisa and have generated API keys for themselves can use the API. It allows the user to obtain request token to be used further to fetch access token.

The API generates the Request token for the user which is required for authentication of all other APIs. The API requires the user’s account API Key, client code/emailId/MobileNo, TOTP and MPIN.

Please note this API is not available for Partners and is only available to Individual Users. Hence only individual User's key will be supported.

REQUEST URL

https://Openapi.5paisa.com/VendorsAPI/Service1.svc/TOTPLogin

Headers

KEY	VALUE
Content-Type	application/json

Request body

FIELD NAME		MANDATORY	DESCRIPTION
head	Key STRING	Yes	User Key of the client received along with API credentials. Partner key is not supported.
body	Email_ID STRING	Yes	EmailId or client code or Mobile No. of the client.
	TOTP STRING	Yes	TOTP of the client from authenticator App
	PIN STRING	Yes	PIN of the client.

SAMPLE REQUEST BODY :

{
    "head": {
        "Key": "siUIoaqyGcXADwxM05hWHiOA2POWALcQ"
    },
    "body": {
        "Email_ID": "50011110",
        "TOTP": "185292",
        "PIN": "042935"
    }
}

Response body

FIELD NAME		VALUES	DESCRIPTION
body	ClientCode STRING	50011110	ClientCode of User
	RequestToken STRING		This is the authentication token required for other API calls
	RedirectURL STRING	-	This is the redirect URL provided by client at time of API keys creation.
	Message STRING	-1: Server unable to process request 0: Success 1: Invalid login/password,use \"Forget password\"	This is the description of the status of API request
	Status INTEGER	-1 0 1 2	This is the numeric code for the status of API request
	Userkey		User key of client

Validity of Session Token

The request token generated after successful login request remains valid for 60 min from the time of its generation. However the access token generated from above request token is valid for a day. Please refer next documentation to obtain access token.

SAMPLE SUCCESS RESPONSE

{
"body": {
"ClientCode": "50011110",
"Message": "Success",
"RedirectURL": "",
"RequestToken": "eqJhbGciOiJIUzINiIsInR5cCI6IkpXVCJ9.eyJ1bmladWVfbfFtZaI6IjUwDUyNzcwIiwim9sZSI6ImdpUUlvYXR5R2NYQUR3eFYwNXVXSGlPVzJRT1dOTGNzIwiU3RhdGUiOiIiLCJuYmYiOjE3MDUzMjE3ODUsImV4cCI6MTcwNTyMTk0NwiaW0Ij1xNzA1MzIxODg1fQ.LS5u1Sv0Jt0oF9PBYoSfaJbkBVxhmndMmj9ANw",
"Status": 0,
"Userkey": "siUIoaqyGcXADwxM05hWHiOA2POWALcQ"
},
"head": {
"Status": 0,
"StatusDescription": null
}
}

SAMPLE FAILURE RESPONSE: Failure due reuse of TOTP

{
"body": {
"ClientCode": null,
"Message": "OTP has been used in past, Please try next OTP",
"RedirectURL": null,
"RequestToken": null,
"Status": 2,
"Userkey": null
},
"head": {
"Status": 0,
"StatusDescription": null
}
}

SAMPLE FAILURE RESPONSE: Failure due to incorrect or expired TOTP

{
"body": {
"ClientCode": null,
"Message": "Invalid TOTP",
"RedirectURL": null,
"RequestToken": null,
"Status": 2,
"Userkey": null
},
"head": {
"Status": 0,
"StatusDescription": null
}
}

SAMPLE FAILURE RESPONSE: Failure due to invalid client code

{

"body": {

"ClientCode": null,

"Message": "Two Factor Authentication is not enabled Please enable by visiting https://login.5paisa.com/",

"RedirectURL": null,

"RequestToken": null,

"Status": 2,

"Userkey": null

"head": {

"Status": 0,

"StatusDescription": null

}

On this Page

Knowledge base

Check API Integration Flow

API Integration Flow

How to use fetch Access Token

Access Token API

To the top

Contribute and get rewarded

Help make these Dev Docs great, contribute to the APIs and get rewarded for your contribution

Need Help

Ask Developer Community

Contact Support

Changelog

Changes made to our APIs - Changelog

TOTP Login

Headers

Content-Type

application/json

Request body

head

Key

STRING

Yes

User Key of the client received along with API credentials. Partner key is not supported.

body

Email_ID

STRING

Yes

EmailId or client code or Mobile No. of the client.

TOTP

STRING

Yes

TOTP of the client from authenticator App

PIN

STRING

Yes

PIN of the client.

Response body

body

ClientCode

STRING

50011110

ClientCode of User

RequestToken

STRING

RedirectURL

STRING

This is the redirect URL provided by client at time of API keys creation.

Message

STRING

-1: Server unable to process request

0: Success

1: Invalid login/password,use \"Forget password\"

This is the description of the status of API request

Status

INTEGER

-1

0

1

This is the numeric codefor the status of API request

Validity of Session Token

Knowledge base

Need Help

Changelog

User Key of the client received along with API
credentials. Partner key is not supported.

This is the description of
the status of API request

This is the numeric code
for the status of API
request