You're not alone in facing this issue - the symptoms you're experiencing are consistent with a known problem related to the initial handshake and authentication process in the cTrader Open API, particularly when using a custom implementation.
First, to verify whether your clientId and clientSecret are still valid, the easiest way is to test them using the official Python or C# SDKs provided by Spotware. These SDKs are actively maintained and will give you a clear indication of whether your credentials are accepted or rejected. This helps eliminate concerns around framing, Protobuf compatibility, or protocol version mismatches.
The behavior you described - repeated payloadType 51 messages followed by a dropped connection - strongly suggests a protocol-level mismatch rather than invalid credentials. For clarity, payloadType 51 corresponds to a heartbeat message, not a version negotiation or response. Some clients send this heartbeat early on to maintain or confirm a connection, but it should not be confused with authentication or protocol negotiation.
From what I've seen while working on a C client implementation using libwebsockets, there are some important nuances:
The Python SDK sends a 4-byte message with the payload 08 33 12 00 before sending the authentication request. This corresponds to a ProtoMessage with payloadType = 51, i.e., a heartbeat.
If I replicate this in my C client and follow it with a valid ProtoOAApplicationAuthReq, I still don’t get an auth response.
If I intentionally send an invalid auth request (with empty credentials), I do get a server-side error about missing fields - proving that the connection and Protobuf encoding are fundamentally working.
This seems to suggest that:
The server recognizes the transport, framing, and message types.
But it may require a specific message flow or implicit handshake (such as heartbeat or version alignment) before proceeding with authentication.
fudheryk
10 Apr 2025, 14:58 ( Updated at: 11 Apr 2025, 05:27 )
Hi there,
You're not alone in facing this issue - the symptoms you're experiencing are consistent with a known problem related to the initial handshake and authentication process in the cTrader Open API, particularly when using a custom implementation.
First, to verify whether your clientId and clientSecret are still valid, the easiest way is to test them using the official Python or C# SDKs provided by Spotware. These SDKs are actively maintained and will give you a clear indication of whether your credentials are accepted or rejected. This helps eliminate concerns around framing, Protobuf compatibility, or protocol version mismatches.
The behavior you described - repeated payloadType 51 messages followed by a dropped connection - strongly suggests a protocol-level mismatch rather than invalid credentials. For clarity, payloadType 51 corresponds to a heartbeat message, not a version negotiation or response. Some clients send this heartbeat early on to maintain or confirm a connection, but it should not be confused with authentication or protocol negotiation.
From what I've seen while working on a C client implementation using libwebsockets, there are some important nuances:
This seems to suggest that:
Hope this sheds more light on the issue!
@fudheryk