Use Python (Flask) to create a simple HTTP server that listens for POST requests.
Then, use Ngrok to expose your local server to the internet through a secure tunnel.
Copy this URL and paste it into the Webhook URL field in TradingView. That’s it!
And the good thing is Kite Connect Personal APIs are free for placing orders.
@Matti , is there any security risk in exposing our local server to the internet using this method?
Yes, exposing your local Flask server with Ngrok is convenient for development or testing, but it does come with security risks.
Key concerns include:
Direct Internet Access: Ngrok creates a public tunnel that bypasses your firewall. Anyone with the link can reach your Flask server. If the webhook endpoint lacks validation, attackers could send malicious data.
URL Guessing & Scanning: Ngrok URLs may seem random, but attackers use bots to scan for live tunnels. If found, they could probe for vulnerabilities in your app.
Phishing & Abuse: Ngrok has been misused to host fake login pages or malware, which could affect your tunnel’s reputation or get it flagged.
Firewall Bypass: Because Ngrok opens an outbound tunnel, your network firewall can’t filter incoming requests like it usually would.
Shared IP Reputation: Free Ngrok tunnels share IPs. If someone else using that IP does something malicious, your tunnel might get blocked.