LOGIN API
This API is used to authenticate users by validating their login credentials. Upon successful authentication, the API returns the following in the response :
- access_token : This token must be included in the Authorization header of all subsequent API request to authorize the users session.
- broadcast_access_token :This token is required to establish a connection with the feed endpoint, accessible via the broadCastSocket URL provided in the response. Please refer to the Price Feed API for detailed usage instructions.
Additionally, the response includes essential information for trading, such as:
- The list of exchanges allowed for the user.
- Supported Product type.
- Other key trading-related parameters.
This API is prerequisite for accessing all authenticated endpoints in the system.
🗝️Login Types and Second-Factor Authentication
| login_type | Password Field | second_auth-type | second_auth_value |
|---|---|---|---|
| PASSWORD | Password | REGISTER | Not required |
| TOKEN | register_token | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| PASSWORD | Password | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| MPIN | MPIN Registered | OTP/TOTP/FINGERPRINT | OTP Value/TOTP Value/Registered UDID |
| TP_TOKEN | SSO token | Not Required | Not Required |
📝Authentication Flow Notes
- To retrieve the second-factor authentication methods available for a user, user REGISTER in the second_auth_type field.
- This will validate the provided password and return a register_token.
- The returned register_token can then be used in a subsequent login attempt with login_type set to TOKEN, along with the appropriate second-factor credentials.
🔑Header Parameters
| Header | Type | Description | Example |
|---|---|---|---|
| Content-Type | string | Specifies the media type of the request payload | application/json |
| x-api-key | string | API key used to authorize the request | x-api-key |
📑Request Body Parameters
| Field | Type | Required | Descripiton | Example/Enum |
|---|---|---|---|---|
| user_id | string | Yes | User ID (UCC) Provided to the user | "UCC123456" |
| login_type | string | Optional | Specifies the login method. Determines which value is passed in the password field. Use TP_TOKEN when authentication is handled externally 9eg., via a Super APP) | Default: "PASSWORD" Enum : PASSWORD, MPIN, FINGERPRINT, TP_TOKEN |
| password | string | Yes | Password, MPIN, UDID or SSO Token depending on the login_type selected. | "mypassword123" |
| second_auth_type | string | Optional | Type of secondary authentication selected by the user.User REGISTER on first login to register a second-factor method. | Enum : OTP, TOTP, FINGERPRINT, REGISTER |
| second_auth | string | Optional | The credential value for the selected secondary authentication type (e.g., OTP, TOTP,UDID) | "123456"/"MyDeviceID" |
| api_key | string | Yes | API Key provided by Synapsewave for authenticating the client application | "xyz-api-key" |
| source | string | Yes | Indicates the platform from which the user is logging in | Enum : WEBAPI, MOBILEAPI |
| UDID | String | Optional | Unique Device ID of the user's device. | "device-12345-udid" |
| version | string | Optional | version number for the Android application | "2.1.0" |
| iosversion | string | Optional | Version number of the iOS application | "3.0.5" |
| build_version | string | Optional | Internal build version of the application | "build-45" |
| deviceinfo | object | Optional | Additional information about the user's device (e.g., OS, model, etc) | {"os" : "Android", "model" : "Pixel 6"} |
📘DeviceInfo Object Fields
| Field | Type | Description | Example/ENUM |
|---|---|---|---|
| UDID | string | The unique identifier for the device. | "123e4567-e89b-a456-426614174000" |
| DeviceModel | string | The model of the device from which the user has logged in. | "iPhone 12" |
| DeviceSerialNo | string | The serial number of the device used for log in. | SN1234567890 |
| DeviceManufacturer | string | The manufacturer of the device used for login. | Apple |
| DevicePlatform | string | The platform of the device used for login | Web |
| DevicePlatformVer | string | The version of the platform (OS) on the device used for login. | 14.4 |
| Longitude | string | The longitude coordinate of the device's location when logging in. | 77.5946 |
| Latitude | string | The latitude coordinate of the device's location when logging in. | "12.9716" |
| AppName | string | The name of the application being used for login. | Wave 3.0 |
| AppVersion | string | The version of the application used for login. | "1.2.3" |
| AppVersionCode | string | The version code of the application used for login. | "200000" |
| AppPackageName | string | The package name of the application used for login (Android only). | com.example.myapp |
| FCMRegKey | string | The Firebase Cloud Messaging (FCM) registration key for push notifications | "172.25.90.82:8100 |
| IP | string | IP Address of the device used for login | "192.168.1.1" |
| SDKVersion | string | The version of the software development kit (SDK) used for the application. | "30" |
🟢Success Response - 200 OK
Content-Type: application/json
| Field | Type | Description | Example |
|---|---|---|---|
| status | string | Indicates the result of the API call | "success" |
| code | string | Response code corresponding to the request | "s-101" |
| message | string | Descriptive message for the response | "User logged in Successfully." |
| data | object | Contains the user login response payload, including token and user-specific trading information | Refer to Login Response Data Section |
Data Object Fields
| Field | Type | Description | Enum / Example |
|---|---|---|---|
access_token | string | The authentication token to be used with every subsequent request | "eyJhbGciOiJIUzI1NiJ9..." |
user_name | string | User's name | "John Doe" |
login_time | string | User's last login time | "2024-01-01 10:00:00" |
exchanges | string[] | Exchanges allowed to user | ["NSE", "BSE", "NFO"] |
bcastExchanges | string[] | Exchanges allowed to user for market feed data | ["NSE", "BSE"] |
product_types | string[] | Product types allowed to user across all exchanges | ["CNC", "MIS", "NRML"] |
product_types_exchange | object | Product types allowed to user exchange wise | {"NSE": ["CNC", "MIS"]} |
mpin_enabled | boolean | Flag if user has registered MPIN | true / false |
fingerprint_enabled | boolean | Flag if user has registered fingerprint | true / false |
user_id | string | User Id (UCC) provided to the user | "AB1234" |
others | object | See below | — |
Others Object Field
| Field | Type | Description | Enum / Example |
|---|---|---|---|
userCode | string | User Code | "AB1234" |
groupId | string | Group to which the user belongs to | "GRP01" |
groupCode | string | Group Code | "GC01" |
newsCategories | string | News Categories | "GENERAL,MARKET" |
messageSocket | string | Endpoint of socket.io server for receiving interactive messages | "https://socket.example.com" |
broadCastSocket | string | Endpoint of WebSocket server for receiving market feed data | "wss://feed.example.com" |
secondBroadCastSocket | string[] | Other market feed server endpoints | ["wss://feed2.example.com"] |
POA | string | POA status of user | 0 = POA user, 2 = Non POA user |
nGTDDefault | integer | Default GTD set | 7 |
nGTDMaxDays | integer | Maximum days set for GTD | 30 |
sGTDConfigDetails | string | GTD Configuration Details | "config_string" |
ocToken | string | OC Token | "oc_token_string" |
managerIP | string | Manager IP | "192.168.1.1" |
tslAllowed | string[] | TSL Allowed | ["NSE", "BSE"] |
edisForMTF | boolean | EDIS for MTF | true / false |
showJumpPriceBothLtpAndTriggerPrice | boolean | Show jump price for both LTP and trigger price | true / false |
CFT | string | CFT | "cft_value" |
bAMOAllowedForUser | boolean | AMO allowed for user | true / false |