ibind icon indicating copy to clipboard operation
ibind copied to clipboard
Published 1 month ago verified publisher icon Voyz

Littles questions, issue, plus "2FA" easy way to connect?

Open lm8lm8 opened this issue 9 months ago • 5 comments

hello!

thank you for this guide ! several things :

  1. on a specific ibkr account, i have an error message at the upload of the second file (the encryption key) :

Failed to set Key - failed to put consumer info - Request failed with status code 403

i think it comes from the ibkr service side, but i may be wrong.

  1. pip install ibind[oauth] <= on my debian it's sudo apt-get install python3-oauthlib

  2. with another account, i went up to the DH Prime, until here it's not that hard. However, after it's a bit more complicated : i understood that i should choose between two methods :

    As environment variables

    As constructor parameters of IbkrClient class

the second one is well explained, but the first one, i see only "env variables", but not how to "place" them, as i never developped in python. is it possible to explain a bit more? thanks!

  1. my main goal is to have a smartphone-free (or smartphone-less) option to connect/login ibkr.

Like others people, i use especially my computer to do absolutely everything related to online services. I have to use a trusted relative's device since IBKR told us "the app or TOTP for 1MUSD" and i dont have that amount.

So it's either the app, or your tutorial for oauth2. But : with those keys and oauth2 setup, i guess properly (up to step dhprime done), i'd like to use oauth2 just to connect my web browser (on computer, firefox) into the classic web interface of ibkr. Is there a specific way to do so? Im looking only to get this "2FA" with oauth, in order also to test this type of connection with my others banks. Is there a way to do so?

in fact, i dont understand how to use the program to "communicate" in python with the IBKR services, with the generated keys, eg with a command program to allow "yes this connection validated" ?

i also found that guide (pdf), but i guess you already saw it : https://www.interactivebrokers.com/webtradingapi/oauth.pdf

thank you vm !

lm8lm8 avatar Mar 31 '25 23:03 lm8lm8

Hi, I'm not sure I'm understanding correctly, but let me try to answer some of your questions:

  1. on a specific ibkr account, i have an error message at the upload of the second file (the encryption key) : Failed to set Key - failed to put consumer info - Request failed with status code 403 i think it comes from the ibkr service side, but i may be wrong.

I believe this is best answered by IBKR support. You seem to be on the IBKR OAuth setup page, which is not managed by this library. Maybe check your consumer key, which should consist of 9 letters?

  1. pip install ibind[oauth] <= on my debian it's sudo apt-get install python3-oauthlib

Caution here, python3-oauthlib is a package totally different from this here ibind project with the oauth option. pip install ibind[oauth] is correct. pip is the python package installer and will usually install the requested package into your virtual environment.

the second one is well explained, but the first one, i see only "env variables", but not how to "place" them, as i never developped in python. is it possible to explain a bit more? thanks!

"env variables" are not python-specific, but a feature of most Unix systems. Please see https://wiki.debian.org/EnvironmentVariables for an explanation for your Debian system.

  1. my main goal is to have a smartphone-free (or smartphone-less) option to connect/login ibkr.

So it's either the app, or your tutorial for oauth2. But : with those keys and oauth2 setup, i guess properly (up to step dhprime done), i'd like to use oauth2 just to connect my web browser (on computer, firefox) into the classic web interface of ibkr. Is there a specific way to do so? Im looking only to get this "2FA" with oauth, in order also to test this type of connection with my others banks. Is there a way to do so?

I'm at a loss here, so sorry. Unsure about what you're trying to achieve. Note the ibind library does not support OAuth 2.0 yet. AFAIK, "2FA with oauth" is neither necessary nor possible.

in fact, i dont understand how to use the program to "communicate" in python with the IBKR services, with the generated keys, eg with a command program to allow "yes this connection validated" ?

Not sure if this what you're looking for, but here are some example programs: https://github.com/Voyz/ibind/tree/master/examples

Please let me know if that helps in any way

salsasepp avatar Apr 01 '25 09:04 salsasepp

hey @lm8lm8 thanks for your issue and for your questions. Do note that there seem to be multiple intertwined topics in your post, and it's not entirely clear what you're trying to ask. I'd encourage you to break the questions off into separate issues for clarity.

Nevertheless, to add to @salsasepp's superb reply:

i see only "env variables", but not how to "place" them, as i never developped in python. is it possible to explain a bit more?

I found a few tutorials that should help you. Please note that this question is more related to computer systems in general and programming in Python, explaining which isn't really something we do as part of maintaining this library.

https://developer.vonage.com/en/blog/python-environment-variables-a-primer https://www.datacamp.com/tutorial/python-environment-variables https://fastapi.tiangolo.com/environment-variables/

Im looking only to get this "2FA" with oauth

There is no 2FA with OAuth

Like others people, i use especially my computer to do absolutely everything related to online services. I have to use a trusted relative's device since IBKR told us "the app or TOTP for 1MUSD" and i dont have that amount. So it's either the app, or your tutorial for oauth2. But : with those keys and oauth2 setup, i guess properly (up to step dhprime done), i'd like to use oauth2 just to connect my web browser (on computer, firefox) into the classic web interface of ibkr. Is there a specific way to do so? Im looking only to get this "2FA" with oauth, in order also to test this type of connection with my others banks. Is there a way to do so? in fact, i dont understand how to use the program to "communicate" in python with the IBKR services, with the generated keys, eg with a command program to allow "yes this connection validated" ?

Sorry, I don't understand what you're trying to say or ask here. If you could, please elaborate in detail, avoiding abbreviations such as TOTP or 1MUSD. Ideally try to describe what you're trying to achieve in step-by-step process, and outline where you're encountering problems. Communicating with IBKR services in general is something that IBKR support should be able to help you with. IBind only simplifies the process.

Voyz avatar Apr 01 '25 12:04 Voyz

hey @lm8lm8 thanks for your issue and for your questions. Do note that there seem to be multiple intertwined topics in your post, and it's not entirely clear what you're trying to ask. I'd encourage you to break the questions off into separate issues for clarity.

Nevertheless, to add to @salsasepp's superb reply:

i see only "env variables", but not how to "place" them, as i never developped in python. is it possible to explain a bit more?

I found a few tutorials that should help you. Please note that this question is more related to computer systems in general and programming in Python, explaining which isn't really something we do as part of maintaining this library.

https://developer.vonage.com/en/blog/python-environment-variables-a-primer https://www.datacamp.com/tutorial/python-environment-variables https://fastapi.tiangolo.com/environment-variables/

Im looking only to get this "2FA" with oauth

There is no 2FA with OAuth

Like others people, i use especially my computer to do absolutely everything related to online services. I have to use a trusted relative's device since IBKR told us "the app or TOTP for 1MUSD" and i dont have that amount. So it's either the app, or your tutorial for oauth2. But : with those keys and oauth2 setup, i guess properly (up to step dhprime done), i'd like to use oauth2 just to connect my web browser (on computer, firefox) into the classic web interface of ibkr. Is there a specific way to do so? Im looking only to get this "2FA" with oauth, in order also to test this type of connection with my others banks. Is there a way to do so? in fact, i dont understand how to use the program to "communicate" in python with the IBKR services, with the generated keys, eg with a command program to allow "yes this connection validated" ?

Sorry, I don't understand what you're trying to say or ask here. If you could, please elaborate in detail, avoiding abbreviations such as TOTP or 1MUSD. Ideally try to describe what you're trying to achieve in step-by-step process, and outline where you're encountering problems. Communicating with IBKR services in general is something that IBKR support should be able to help you with. IBind only simplifies the process.

hello

sorry, i have been told that oauth was an alternative for 2FA authentication

that it was possible to use oauth to enable/activate the account login via a script on computer, instead of using "the app" or a TOTP specific device.

my main goal is to use something on my computer (not an android emulation) to be able to login, with absolutely no app, on ibkr. And i cant possess a TOTP, as ibkr requests 1M at least. SO on a forum someone told me that ibkr can be used with oauth, as i guess it would work to make me use the web interface with oauth, instead having to use an "app".

lm8lm8 avatar Apr 02 '25 11:04 lm8lm8

sorry, i have been told that oauth was an alternative for 2FA authentication

that it was possible to use oauth to enable/activate the account login via a script on computer, instead of using "the app" or a TOTP specific device.

my main goal is to use something on my computer (not an android emulation) to be able to login, with absolutely no app, on ibkr. And i cant possess a TOTP, as ibkr requests 1M at least. SO on a forum someone told me that ibkr can be used with oauth, as i guess it would work to make me use the web interface with oauth, instead having to use an "app".

Thank you @lm8lm8 , I believe I now understand better what you're trying to do. Please correct me if I'm wrong:

At this time, you're using one of IBKR's trading platforms (e.g. TWS or IBKR Desktop) and/or you're logging in into the Web Client Portal. All of these require 2FA of some sort, e.g. the "IBKR app" or a TOTP device. You'd like to do this without 2FA and were hoping that OAuth would be the solution.

In that case: No, so sorry. OAuth is an authentication protocol for accessing IBKR's Web API, i.e. to programmatically access your account, place/cancel orders, get market data etc. OAuth cannot be used to bypass 2FA when using any of IBKR's other trading platforms or the Client Portal. ibind[oauth] probably is not the solution to your problem.

The best thing I can think of is using a PC-based TOTP platform, e.g. Bitwarden. This would enable you to login to IBKR and do 2FA on the same device, i.e. your PC. I am not using such a setup myself, so I am not 100% sure this will work. Crossing my fingers for you, please let us know how it goes!

salsasepp avatar Apr 02 '25 19:04 salsasepp

hi @lm8lm8, i have the same issue with 403 error - have you found a solution?

art1c0 avatar Apr 19 '25 07:04 art1c0