Skip to main content

Automated Fyers broker access token generation with encrypted storage

Project description

fyers-auto-auth

Automated Fyers broker access token generation with encrypted storage.

Handles the complete TOTP-based login flow, generates access tokens, and caches them encrypted on disk — refreshing automatically each day. Built for use in automated trading systems.

Features

  • Fully automated — no manual browser login needed (after one-time setup)
  • Encrypted storage — access tokens are encrypted at rest using Fernet symmetric encryption
  • Smart caching — tokens are cached in memory and on disk; a new token is fetched only when the cached one is stale
  • Configurable paths — choose where to store your encrypted tokens and encryption keys
  • CLI tools — generate encryption keys and perform first-time app setup from the terminal
  • Retry logic — automatic retries with jitter on transient failures

Installation

pip install fyers-auto-auth

Prerequisites

You need a Fyers API app. If you don't have one:

  1. Go to Fyers API Dashboard and create a new app.
  2. Note down your Client ID, Secret Key, and Redirect URI.
  3. Enable TOTP on your Fyers account and save the TOTP secret key.

Quick Start

1. First-Time App Setup (one-time only)

When you create a new Fyers API app, you must authorize it once in a browser:

fyers-auto-auth setup-app --client-id "XXXXXXXXXX-100" --secret-key "your_secret_key"

This opens a URL in your browser — log in and grant permissions. This is a one-time step.

Or programmatically:

from fyers_auto_auth import setup_app

setup_app(client_id="XXXXXXXXXX-100", secret_key="your_secret_key")

2. Generate an Encryption Key

fyers-auto-auth generate-key
# Key saved to: ~/.fyers_auto_auth/fernet.key

Or with a custom path:

fyers-auto-auth generate-key --output /path/to/my_key.key

Or programmatically:

from fyers_auto_auth import generate_fernet_key

key = generate_fernet_key(save_to="~/.fyers_auto_auth/fernet.key")

3. Get Access Tokens

from fyers_auto_auth import FyersAuth, load_fernet_key

auth = FyersAuth(
    client_id="XXXXXXXXXX-100",
    secret_key="your_secret_key",
    username="your_fyers_id",
    totp_key="YOUR_TOTP_BASE32_KEY",
    pin="1234",
    encryption_key=load_fernet_key(),
)

# Get token — cached, auto-refreshes daily
access_token = auth.get_token()

# Or use the shorthand
access_token = auth()

4. Use with Fyers API

from fyers_apiv3 import fyersModel
from fyers_auto_auth import FyersAuth, load_fernet_key

auth = FyersAuth(
    client_id="XXXXXXXXXX-100",
    secret_key="your_secret_key",
    username="your_fyers_id",
    totp_key="YOUR_TOTP_BASE32_KEY",
    pin="1234",
    encryption_key=load_fernet_key(),
)

fyers = fyersModel.FyersModel(
    client_id="XXXXXXXXXX-100",
    token=auth.get_token(),
    is_async=False,
    log_path="",
)

print(fyers.get_profile())

Configuration

Token File Location

By default, encrypted tokens are stored at ~/.fyers_auto_auth/tokens.json.

You can customize this:

# Option 1: Pass directly
auth = FyersAuth(..., token_file="/path/to/my_tokens.json")

# Option 2: Environment variable
# export FYERS_TOKEN_FILE=/path/to/my_tokens.json
auth = FyersAuth(...)  # picks up from env automatically

Resolution order: explicit argument → FYERS_TOKEN_FILE env var → default path.

Encryption Key Location

The load_fernet_key() helper looks for the key in this order:

  1. Explicit path argument: load_fernet_key("/path/to/key.key")
  2. FYERS_FERNET_KEY env var (the raw key value)
  3. FYERS_FERNET_KEY_FILE env var (path to a key file)
  4. Default: ~/.fyers_auto_auth/fernet.key

Environment Variables

Variable Description
FYERS_TOKEN_FILE Path to the encrypted token file
FYERS_FERNET_KEY Fernet key value (raw)
FYERS_FERNET_KEY_FILE Path to a file containing the Fernet key

CLI Reference

fyers-auto-auth generate-key [--output PATH]
    Generate a new Fernet encryption key.

fyers-auto-auth setup-app --client-id ID --secret-key KEY [--redirect-uri URI] [--no-browser]
    First-time Fyers API app authorization.

API Reference

FyersAuth(client_id, secret_key, username, totp_key, pin, encryption_key, token_file=None, redirect_uri=None)

Main class for automated token management.

  • get_token()str — Get a valid access token (auto-refreshes if stale).
  • auth()str — Shorthand for get_token().

generate_fernet_key(save_to=None)bytes

Generate a new Fernet encryption key. Optionally save to a file.

load_fernet_key(path=None)bytes

Load a Fernet key from file or environment variable.

setup_app(client_id, secret_key, redirect_uri=None, open_browser=True)str

Generate and display the first-time authorization URL.

How It Works

get_token() called
     │
     ├─ Check in-memory cache → return if today's token
     │
     ├─ Check encrypted file on disk → decrypt & return if today's token
     │
     └─ Run full login flow:
         1. Send login OTP request
         2. Verify OTP using TOTP (generated from your secret key)
         3. Verify PIN
         4. Get authorization code
         5. Exchange auth code for access token
         6. Encrypt & save to disk
         7. Cache in memory & return

Security Notes

  • Never commit your .env files, .key files, or tokens.json to version control.
  • Add these to your .gitignore:
    *.env
    *.key
    tokens.json
    
  • The Fernet encryption key is the master secret — treat it like a password.
  • Tokens are valid for one trading day only.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fyers_auto_auth-0.1.3.tar.gz (15.6 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

fyers_auto_auth-0.1.3-py3-none-any.whl (13.5 kB view details)

Uploaded Python 3

File details

Details for the file fyers_auto_auth-0.1.3.tar.gz.

File metadata

  • Download URL: fyers_auto_auth-0.1.3.tar.gz
  • Upload date:
  • Size: 15.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for fyers_auto_auth-0.1.3.tar.gz
Algorithm Hash digest
SHA256 c4ee6cc17afe440ad4f75d4c1d505dee1b0af0eb4ed7f1d7f4e8425adb593b9d
MD5 4c41f798e17dfd7bf1c1fb5889bf2813
BLAKE2b-256 65c57e70d6365b2492d347f1a0f527d0a37e641137067de523ad13231a690f0b

See more details on using hashes here.

Provenance

The following attestation bundles were made for fyers_auto_auth-0.1.3.tar.gz:

Publisher: pypi-package-publish.yml on KoushikEng/fyers-auto-auth

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file fyers_auto_auth-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: fyers_auto_auth-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 13.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for fyers_auto_auth-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 94f76f6a725a9c67795423ffc02654d3b598e1a87908c6d264dfd2ba3c1bcc27
MD5 18425269eccc11ed5ed4b62758cc4bb2
BLAKE2b-256 4225eb549541e106af777d8a35b567e1d41ad7b3a39ee84b1155f8d1f70aba6a

See more details on using hashes here.

Provenance

The following attestation bundles were made for fyers_auto_auth-0.1.3-py3-none-any.whl:

Publisher: pypi-package-publish.yml on KoushikEng/fyers-auto-auth

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page