Broker API Session Expiry: The Silent Algo Failure

Your strategy is backtested. Your capital is allocated. The market opens, your scanner fires, your algo places the entry order — and nothing happens. No fill. No error popup. Just silence.

When you finally check the logs an hour later, you find one line: 401 Unauthorized. The broker session expired overnight, and your algo has been firing orders into a dead socket since 9:15.

This is the single most common live-trading failure for Indian retail algo traders. It does not show up in backtests. It does not show up in paper trading. And it usually does not show up in your dashboard until money is already on the table.

Why Session Expiry Is the Silent Killer

Almost every Indian broker API — Zerodha Kite Connect, Upstox, Angel One SmartAPI, Fyers, Dhan, Flattrade, Kotak Neo — uses a daily access token model. You authenticate once, get a token, and that token dies at a fixed time (usually around 06:00 IST or end-of-day). SEBI's framing of API access keeps this manual login step in the loop on purpose.

The dangerous part is what happens after the token dies:

• WebSocket feeds keep streaming stale data or silently drop.
• Order placement returns an error, but your strategy code might not parse the error correctly.
• Position-fetch calls return empty arrays, so your risk module thinks you have zero exposure when you actually have an open position from yesterday.
• Some brokers throw Invalid Token. Others throw Session Expired. Others throw a generic 400. Your error handler needs to recognise all of them as the same problem.

If your code treats "empty positions" as "no risk" and your token is dead, you can re-enter a trade you already have open. That is how duplicate orders happen on expiry day for traders who never wrote a single bug. The token expiry is the bug.

The Daily Token Reality Across Brokers

Most retail APIs in India share the same constraint: you cannot programmatically log in. You have to hit a broker-hosted login URL, complete 2FA, get a request token, and exchange it for an access token. This is a regulator-backed design, not a broker oversight.

What changes between brokers is the expiry timing and the refresh ergonomics:

• Zerodha Kite Connect: Access token expires daily at 06:00 IST. No refresh token. You must re-login every morning.
• Upstox: Daily token expiry, with documented session handling that lets you detect expiry before the open if you implement the health check correctly.
• Angel One SmartAPI / Fyers: Daily login flow, free access, with the trade-off that automated overnight strategies need a fresh token before 09:15.
• Dhan, Flattrade: Daily token model with their own login URLs and 2FA flow.

The takeaway is not "which broker is best." It is that every live algo in India must assume the session is dead until proven alive. If you want a deeper workflow comparison, the NSE algo trading API page walks through the practical differences in order routing and session handling.

The Pre-Market Check That Prevents 90% of Failures

Before 09:15, your system needs to answer four questions. If any answer is "no," do not start trading.

1. Is the access token valid right now? Hit a cheap authenticated endpoint — /user/profile or /funds — and confirm a 200 response. Do not assume the token from yesterday's file is alive.
2. Is the order endpoint reachable? A profile call hitting cache is not the same as an order endpoint working. Some brokers route these differently. Place a test order with invalid params and confirm you get a validation error (not an auth error). A validation error proves the order channel is alive.
3. Is the WebSocket feed actually streaming? Open the socket, subscribe to NIFTY spot, and confirm at least one tick within 5 seconds. A connected socket that streams zero ticks is the worst possible state — your code thinks it is live, but it is blind.
4. Are existing positions visible? Fetch positions and holdings. If the array is empty when you know you carried a position overnight, your token is half-dead. Halt the algo.

This entire check should run as a pre_market_health.py script that exits non-zero on any failure and blocks your algo from starting. Wire it to your scheduler at 09:00 IST. Get a notification if it fails. Fix it before 09:15.

Handling Mid-Session Failures

Tokens usually die at the boundary (overnight or 06:00). But mid-session, you can still lose the session if:

• The broker rotates infrastructure and invalidates your token.
• Your WebSocket drops on a network blip and your reconnect logic re-authenticates incorrectly.
• You exceed a rate limit and get throttled into an auth-looking error.

Your algo should treat any 401 or Session Expired mid-session as a trading halt, not a retry. Retrying an auth failure 200 times per minute just gets you IP-blocked. Halt, alert, and require a manual restart with a fresh token. This is conservative and that is the point — silent re-auth is the path to duplicate orders.

Logging That Actually Helps

Most algo failure post-mortems get stuck because the logs are useless. Three log lines change that:

• Every API call: timestamp, endpoint, HTTP status, and the first 100 chars of the response body.
• Every order: client order ID, broker order ID, status, and the exact request payload.
• Every WebSocket event: connect, disconnect, last-tick-timestamp, and reconnect attempt count.

When you do this, "the algo stopped at 10:42" becomes "the access token returned 401 at 10:42:13 after a successful order placement at 10:41:58." The second sentence tells you exactly what to fix.

The Pre-Live Checklist

Before you point a real-money algo at any broker, walk this list:

• Token refresh process is documented, scripted, and runs before 09:15 IST every trading day.
• A health check script verifies token, order channel, WebSocket ticks, and position fetch — and exits non-zero on failure.
• Your error handler maps every broker's variant of "session dead" (401, Invalid Token, Session Expired, generic 400) to a single halt state.
• Mid-session auth failures halt the algo, not retry it.
• All API calls, orders, and socket events are logged with timestamps and status codes.
• A separate process monitors the algo process — if the algo dies, you get an alert, not silence.
• Position reconciliation runs every 60 seconds and flags any mismatch between your internal state and the broker's reported positions.

A platform like Anadi Algo wraps the token refresh, health checks, and reconciliation around your strategy logic so you do not rebuild the plumbing for every new system. If you are still hand-rolling this, request early access and run your strategy against a managed execution layer first — or at least audit your own setup against the checklist above before you go live.

Session expiry is not exciting. It is not a sharp edge in your strategy or a new indicator. It is the boring, repeatable failure that quietly costs retail algo traders more money than any backtest mistake. Treat it as a first-class problem, and most of your "the algo just stopped" mornings disappear.