Overview
The GST Network (GSTN) has announced a new facility that brings greater transparency and control for taxpayers over their data shared with Application Suvidha Providers (ASPs) through GSP APIs.
As an authorised GSP, Octa GST fully supports this initiative, which aims to enhance taxpayer trust and data security in the GST ecosystem. Starting November 7, 2025, every taxpayer can view which ASPs have their consent to access data from the GST system — and, importantly, can revoke that access at any time.
Why This Matters?
Earlier, when taxpayers granted OTP-based consent to an ASP (through a GSP) to fetch their GST data — for return filing, reconciliation, or e-invoicing — there was no central view of which ASPs currently had access.
This new feature ensures:
- Transparency: Taxpayers can see the list of ASPs that have active access to their GST data.
- Control: They can revoke consent instantly if they no longer wish to share data with an ASP.
- Accountability: Access logs show when each ASP fetched data and its current status.
- Data Security: No ASP can fetch data once consent is revoked, unless a new OTP-based consent is granted.
Together, these changes build a more secure, auditable, and taxpayer-friendly GST ecosystem.
How to Use the New Facility
Taxpayers can access this functionality directly on the GST Common Portal (https://gst.gov.in). Here’s a step-by-step guide to view or revoke API access consents:
Step 1: Log in to GST Portal
Visit gst.gov.in and log in using your username and password.
Step 2: Go to Your Profile
Click on your name at the top right corner → choose My Profile from the dropdown.
Step 3: Open “Manage API Access”
On the left sidebar, select Manage API Access.
Here, you can enable or disable API access for ASPs by choosing YES and defining the access duration.
Step 4: View ASPs with Active Consents
If API access is enabled, you’ll see a list of ASPs that currently have your consent to fetch data via APIs.
Click on View Logs → Active Tokens to see the active access records.
Step 5: Revoke Consent
If you wish to stop any ASP from accessing your GST data, simply click Revoke.
The ASP’s authentication token will be invalidated, and they will no longer be able to fetch any data unless you grant
consent again.
Step 6: Review Access Logs
Under View Logs, you can see a complete list of all access attempts made by each ASP, along with their status — whether successful, failed, or revoked.
Benefits for Taxpayers
| Benefit | Description |
|---|---|
| Enhanced Transparency | Easily view all ASPs who have been granted API access via your consent. |
| Improved Data Security | Prevent unauthorized or outdated access to your GST data. |
| Instant Control | Revoke any ASP’s access token immediately without waiting for expiry. |
| Better Audit Trail | View detailed access history and status of each data fetch attempt. |
Key Takeaways
- The new feature goes live on November 7, 2025.
- Taxpayers can now view, monitor, and revoke ASP data access from their GST portal.
- No ASP can access taxpayer data once consent is revoked.
- A detailed advisory and tutorial are available on the GST Common Portal.
Conclusion
This new data access transparency feature is a major step toward building trust in the GST digital ecosystem.
By empowering taxpayers with visibility and control, GSTN ensures data is accessed only with proper consent — a win for
both compliance and confidence.
At Octa GST, we welcome this initiative and will continue to ensure our users enjoy the highest standards of security, privacy, and compliance.