Skip to content

ID Authentication APIs

Loganathan Sekar edited this page Sep 17, 2019 · 66 revisions

This section details about the REST services in ID Authentication module.

  • Authentication Service - This service can be used by Partners to authenticate an Individual using OTP, Demographic or Biometric-based authentication.
  • eKYC Service - This service can be used by Partners to retrieve KYC details of an Individual, after authenticating them using OTP or Biometric-based authentication.
  • OTP Request Service - This service can be used by Partners to send OTP on behalf of Individual, which can then be used for OTP-based authentication.
  • Internal Authentication Service - This service can be used by MOSIP modules to authenticate Individual using Biometric-based authentication.

Authentication Service (Public)

This service details authentication (yes/no auth) that can be used by Partners to authenticate an Individual. Below are various authentication types supported by this service -

  1. OTP based - OTP (Time based OTP)
  2. Demographic based - Name, DOB, Age, Gender, Address, FullAddress
  3. Biometric based - Fingerprint, IRIS and Face

Users of Authentication service -

  1. MISP (MOSIP Infrastructure Service Provider) - MISP's role is limited to infrastructure provisioning and acting as a gate keeper for all authentication requests sent to this service. The MISP is also responsible for the policy creation on the MOSIP servers so their partners will follow the set policy.
  2. Partners - Auth-Partners register themselves with MOSIP, under a MISP. Authentication requests are captured by Auth-Partners and sent to MOSIP, via MISP.

POST /idauthentication/v1/auth/

This request will authenticate an Individual, based on provided authentication type(s).

Resource URL

https://mosip.io/idauthentication/v1/auth/:Auth-Partner-ID/:MISP-LicenseKey

Resource details

Resource Details Description
Response format JSON
Requires Authentication Yes

Request Body Parameters

Name Required Description Default Value Example
id Y API Id mosip.identity.auth
version Y API version v1
transactionID Y Transaction ID of request 1234567890
requestTime Y Time when Request was captured 2019-02-15T10:01:57.086+05:30
requestedAuth Y Authentication Types requested
requestedAuth: otp Y OTP Authentication Type false false
requestedAuth: demo Y Demographic Authentication Type false false
requestedAuth: bio Y Biometric Authentication Type false false
individualId Y VID of Individual 9830872690593682
individualIdType Y Allowed Type of Individual ID - VID, UIN VID
consentObtained Y If consent of Individual is obtained true
keyIndex Y Thumbprint of public key certificate used for encryption of sessionKey
requestSessionKey Y Session Key encrypted using MOSIP Public Key
requestHMAC Y sha256 of request block before encryption and hash is encrypted using requestSessionKey
request Y Auth request attributes to be used for authenticating Individual
request: otp N OTP
request: timestamp N Timestamp when request block was captured
request: demographics N Demographic data of an Individual
request: biometrics N Biometric data of an Individual

Mandatory fields for different types of authentications-

  1. OTP Auth - request: otp attribute is mandatory
  2. Demographic Auth - request: demographics attribute is mandatory
  3. Biometric Auth - request: biometrics attribute is mandatory

Request Body

{
  "id": "mosip.identity.auth",
  "version": "v1",
  "requestTime": "2019-02-15T10:01:57.086+05:30",
  "transactionID": "1234567890",
  "requestedAuth": {
    "otp": true,
    "demo": false,
    "bio": false
  },
  "consentObtained": true,
  "individualId": "9830872690593682",
  "individualIdType": "VID",
  "keyIndex": "<thumbprint of the public key certficate used for enryption of sessionKey. This is necessary for key rotaion>",
  "requestSessionKey": "<encrypted with MOSIP public key and encoded session key>",
  "requestHMAC": "<sha256 of the request block before encryption and the hash is encrypted using the requestSessionKey>",
  "request": { // Encrypted with session key and base64 encoded
    "timestamp": "2019-02-15T10:01:56.086+05:30 - ISO format timestamp",
    "otp": "123456",
    "demographics": {
      "name": [
        {
          "language": "ara",
          "value": "ابراهيم بن علي"
        },
        {
          "language": "fra",
          "value": "Ibrahim Ibn Ali"
        }
      ],
      "gender": [
        {
          "language": "ara",
          "value": "الذكر"
        },
        {
          "language": "fra",
          "value": "mâle"
        }
      ],
      "age": "25",
      "dob": "25/11/1990",
      "fullAddress": [
        {
          "language": "ara",
          "value": "عنوان العينة سطر 1, عنوان العينة سطر 2"
        },
        {
          "language": "fra",
          "value": "exemple d'adresse ligne 1, exemple d'adresse ligne 2"
        }
      ]
    },
    "biometrics": [
      {
        "data": { // Base64 encoded
          "mosipProcess": "",
          "environment": "",
          "version": "",
          "deviceCode": "",
          "deviceProviderID": "",
          "deviceServiceID": "",
          "deviceServiceVersion": "",
          "bioType": "FMR",
          "bioSubType": "UNKNOWN",
          "bioValue": "<encrypted with session key and base64 encoded biometric data>",
          "transactionID": "1234567890",
          "timestamp": "2019-02-15T10:01:57.086+05:30",
          "requestedScore": "<floating point number to represent the minimum required score for the capture>",
          "qualityScore": "<floating point number representing the score for the current capture>"
        },
        "hash": "sha256(sha256 hash of the previous data block + sha256 of the current data block before encryption)",
        "sessionKey": "<encrypted with MOSIP public key and encoded session key biometric>",
        "signature": "base64 signature of the data and metaData block"
      },
      {
        "data": { // Base64 encoded
          "mosipProcess": "",
          "environment": "",
          "version": "",
          "deviceCode": "",
          "deviceProviderID": "",
          "deviceServiceID": "",
          "deviceServiceVersion": "",
          "bioType": "IIR",
          "bioSubType": "RIGHT",
          "bioValue": "<encrypted with session key and base64 encoded biometric data>",
          "transactionID": "1234567890",
          "timestamp": "2019-02-15T10:01:57.086+05:30"
        },
        "hash": "sha256(sha256 hash of the previous data block + sha256 of the current data block before encryption)",
        "sessionKey": "<encrypted with MOSIP public key and encoded session key biometric>",
        "signature": "base64 signature of the data and metaData block"
      }
    ]
  }
}

Responses:

Success Response:
Status Code : 200 (OK)
Description : Successfully authenticated an Individual
{
  //API Metadata
  "id": "mosip.identity.auth",
  "version": "v1",
  "responseTime": "2019-02-15T07:23:19.590+05:30",
  //Response Metadata
  "transactionID": "txn12345",
  //Auth Response
  "response": {
    "authStatus": true,
    "staticToken": "<static_token>"
  },
  "errors": null
}
Failed Response:
Status Code : 200 (OK)
Description : Authentication of an Individual failed
{
  //API Metadata
  "id": "mosip.identity.auth",
  "version": "v1",
  "responseTime": "2019-02-15T07:23:19.590+05:30",
  //Response Metadata
  "transactionID": "txn12345",
  //Auth Response
  "response": {
    "authStatus": false,
    "staticToken": null
  },
  "errors": [
    {
      "errorCode": "IDA-MLC-002",
      "errorMessage": "Invalid UIN",
      "actionMessage": "Please retry with the correct UIN"
    }
  ]
}
Failure Details
Error Code Error Message Description Action Message
IDA-BIA-001 Biometric data – <Biometric Attribute> did not match FMR,IIR,FID Mismatch Please give your biometrics again.
IDA-BIA-002 Duplicate fingers in request. Duplicate fingers Please try again with distinct fingers
IDA-BIA-003 Number of FMR should not exceed 2. Fingers exceeding 2
IDA-BIA-006 Biometric data <Biometric Attribute> not available in database. Missing biometric data in MOSIP database Your Biometric data is not available in MOSIP
IDA-BIA-007 Duplicate Irises in request. Duplicate Irises used Please try again with distinct Irises
IDA-BIA-008 Number of IIR should not exceed 2. Irises exceeding 2
IDA-BIA-009 Number of FID records should not exceed 1. Face exceeding 1
IDA-BIA-013 Number of FMR should not exceed 10. Fingers exceeding 10 for Internal Auth
IDA-DEA-001 Demographic data <demo attribute> in <Language Code> (if applicable) did not match name, Full Address, Address line Items, Gender, Phone,e-mail,DOB,DOB Type, and age Mismatch in any language Please re-enter your <demo attribute> in <Language Code>
IDA-DEA-002 Unsupported Language Code <XX> Unsupported language Code used in the Lang attribute
IDA-DEA-003 Demographic data <Demographic Attribute> in <Language Code> (if applicable) not available in database. Individual’s data not available
IDA-MLC-001 Request to be received at MOSIP within<x> hrs/min Invalid Time stamp Please send the request within <x> hrs/min
IDA-MLC-002 Invalid UIN Invalid UIN Please retry with the correct UIN.
IDA-MLC-003 UIN has been deactivated UIN Deactivated Your UIN status is not active.
IDA-MLC-004 Invalid VID Invalid VID Please retry with correct VID.
IDA-MLC-005 %s VID Expired,Used,Revoked VID Please regenerate VID and try again
IDA-MLC-006 Missing Input parameter- <attribute> Example: Missing Input parameter- version Missing Input parameter- attribute - all the mandatory attributes
IDA-MLC-007 Request could not be processed. Please try again Could not process request/Unknown error; Invalid Auth Request; Unable to encrypt eKYC response
IDA-MLC-008 No authentication type selected No authentication type selected in the request
IDA-MLC-009 Invalid Input parameter- attribute Invalid Input parameter- attribute
IDA-MLC-010 VID has been deactivated VID corresponding to a deactivated UIN
IDA-MLC-011 Unsupported Authentication Type - <Auth Type> - <SubType> if applicable Auth Type not supported for a country Please use other Authentication Types in the request
IDA-MLC-012 Individual's Consent is not available Invalid resident consent for eKYC/Auth
IDA-MLC-013 Missing <authtype> auth attribute Missing authtype parameter – when <auth-type> = ‘True’ and corresponding auth attribute missing (OTP,Demo and Bio)
IDA-MLC-014 <Notification Channel> not registered. Individual has to register and try again <Notification Channel> not Registered (Phone/e-mail/both) Please register your <Notification Channel> and try again
IDA-MLC-015 Identity Type - <Identity Type> not configured for the country ID Type (UIN/VID) not supported for a country
IDA-MLC-018 %s not available in database UIN,VID, User ID not available in database
IDA-MPA-003 Unable to decrypt Request. Invalid encryption of session key/request
IDA-MPA-004 MOSIP Public key expired. MOSIP Public key expired Please reinitiate the request with updated public key
IDA-MPA-006 <Auth Type> - <Sub Type> (if applicable) Authentication Usage not allowed as per policy (Eg: OTP/Demo/Bio - FMR) All Authentication Usages not allowed as per policy
IDA-MPA-007 License key does not belong to a registered MISP License key does not belong to a registered MISP/ License key invalid
IDA-MPA-008 License key of MISP has expired License key expired
IDA-MPA-009 Partner is not registered PartnerID Invalid
IDA-MPA-010 MISP and Partner not mapped MISP and Partner not
IDA-MPA-011 License key of MISP is suspended License key status of MISP is suspended
IDA-MPA-012 Partner is deactivated PartnerID is not active
IDA-MPA-014 Partner is not assigned with any policy PartnerID is not mapped to a policy
IDA-MPA-015 <Auth Type> - <Sub Type> (if applicable) Authentiation Usage is mandatory as per policy (Eg: OTP/Demo/Bio - FMR) Mandatory Auth Type as per policy of the partner is not available in the auth request
IDA-MPA-016 HMAC Validation failed HMAC value does not match
IDA-MPA-017 License key of MISP is blocked License key status of MISP is blocked
IDA-OTA-003 OTP has expired OTP expired Please regenerate OTP and try again after sometime.
IDA-OTA-004 OTP is invalid OTP Invalid Please provide correct OTP value.
IDA-OTA-005 Input transactionID does not match transactionID of OTP Request Invalid Transaction ID
IDA-OTA-007 UIN is locked for OTP validation due to exceeding no of invalid OTP trials Validate wrong OTP for exceeding no of retries
IDA-OTA-010 Input Identity Type does not match Identity Type of OTP Request Invalid Identity Type

eKYC Service (Public)

This service details authentication (eKYC auth) that can be used by Partners to authenticate an Individual and send Individual's KYC details as response. Below are various authentication types supported by eKYC Authentication -

  1. OTP Authentication - OTP
  2. Biometric Authentication - Fingerprint, IRIS and Face

Users of KYC service -

  1. MISP (MOSIP Infrastructure Service Provider) - MISP's role is limited to infrastructure provisioning and acting as a gate keeper for all KYC requests sent to this service. The MISP is also responsible for policy creation on the MOSIP servers so their partners will follow the set policy.
  2. Partners - eKYC-Partners register themselves with MOSIP, under a MISP. KYC requests are captured by eKYC-Partners and sent to MOSIP, via MISP.

POST /idauthentication/v1/kyc/

This request will provide KYC details of Individual, once an Individual is successfully authenticated.

Resource URL

https://mosip.io/idauthentication/v1/kyc/:eKYC-Partner-ID/:MISP-LicenseKey

Resource details

Resource Details Description
Response format JSON
Requires Authentication Yes

Request Body Parameters

Name Required Description Default Value Example
version Y API version v1
partnerId Y eKYC Partner ID
transactionID Y Transaction ID of request 1234567890
requestTime Y Time when Request was captured 2019-02-15T10:01:57.086+05:30
requestedAuth Y Authentication Types requested
requestedAuth: otp Y OTP Authentication Type false false
requestedAuth: demo N Demographic Authentication Type false false
requestedAuth: bio Y Biometric Authentication Type false false
individualId Y VID of Individual 9830872690593682
individualIdType Y Allowed Type of Individual ID - VID, UIN VID
consentObtained Y If consent of Individual is obtained true
secondaryLangCode Y Secondary Language Code
keyIndex Y Thumbprint of public key certificate used for encryption of sessionKey
requestSessionKey Y Session Key encrypted using MOSIP Public Key
requestHMAC Y sha256 of request block before encryption and hash is encrypted using requestSessionKey
request Y Auth request attributes to be used for authenticating Individual
request: otp N OTP
request: timestamp N Timestamp when request block was captured
request: biometrics N Biometrics of an Individual
request: transactionID N Transaction ID provided by Device Service

Request Body

{
  "id": "mosip.identity.kyc",
  "version": "v1",
  "requestTime": "2019-02-15T10:01:57.086+05:30",
  "transactionID": "1234567890",
  "requestedAuth": {
    "otp": true,
    "demo": false,
    "bio": true
  },
  "consentObtained": true,
  "secondaryLangCode": "<sec-lang-code>",
  "individualId": "9830872690593682",
  "individualIdType": "VID",
  "keyIndex": "<thumbprint of the public key certficate used for enryption of sessionKey. This is necessary for key rotaion>",
  "requestSessionKey": "<encrypted with MOSIP public key and encoded session key>",
  "requestHMAC": "<sha256 of the request block before encryption and the hash is encrypted using the requestSessionKey>",
  "request": { // Encrypted with session key and base64 encoded
    "timestamp": "2019-02-15T10:01:56.086+05:30 - ISO format timestamp",
    "otp": "123456",
    "biometrics": [
      {
        "data": { // Base64 encoded
          "mosipProcess": "",
          "environment": "",
          "version": "",
          "deviceCode": "",
          "deviceProviderID": "",
          "deviceServiceID": "",
          "deviceServiceVersion": "",
          "bioType": "FMR",
          "bioSubType": "UNKNOWN",
          "bioValue": "<encrypted with session key and base64 encoded biometric data>",
          "transactionID": "1234567890",
          "timestamp": "2019-02-15T10:01:57.086+05:30",
          "requestedScore": "<floating point number to represent the minimum required score for the capture>",
          "qualityScore": "<floating point number representing the score for the current capture>"
        },
        "hash": "sha256(sha256 hash of the previous data block + sha256 of the current data block before encryption)",
        "sessionKey": "<encrypted with MOSIP public key and encoded session key biometric>",
        "signature": "base64 signature of the data and metaData block"
      }
    ]
  }
}

Responses:

Success Response:
Status Code : 200 (OK)
Description : Successful KYC Authentication of an Individual
{
  //API Metadata
  "id": "mosip.identity.kyc",
  "version": "v1",
  "responseTime": "2019-02-15T07:23:19.590+05:30",
  //Response Metadata
  "transactionID": "txn12345",
  //Auth Response
  "response": {
    "kycStatus": true,
    "staticToken": "<static_token>",
    "identity": {// encoded encrypted KYC info using Partner's public key
      "name": [
        {
          "language": "ara",
          "value": "ابراهيم"
        },
        {
          "language": "fra",
          "value": "Ibrahim"
        }
      ],
      "dob": "25/11/1990",
      "gender": [
        {
          "language": "ara",
          "value": "الذكر"
        }
      ],
      "phoneNumber": "+212-5398-12345",
      "emailId": "sample@samplamail.com",
      "addressLine1": [
        {
          "language": "ara",
          "value": "عنوان العينة سطر 1"
        },
        {
          "language": "fra",
          "value": "exemple d'adresse ligne 1"
        }
      ],
      "addressLine2": [
        {
          "language": "ara",
          "value": "عنوان العينة سطر 2"
        },
        {
          "language": "fra",
          "value": "exemple d'adresse ligne 2"
        }
      ],
      "addressLine3": [
        {
          "language": "ara",
          "value": "عنوان العينة سطر 3"
        },
        {
          "language": "fra",
          "value": "exemple d'adresse ligne 3"
        }
      ]
    }
  },
  "errors": null
}
Failed Response:
Status Code : 200 (OK)
Description : KYC Authentication of an Individual failed
{
  //API Metadata
  "id": "mosip.identity.kyc",
  "version": "v1",
  "responseTime": "2019-02-15T07:23:19.590+05:30",
  //Response Metadata
  "transactionID": "txn12345",
  //Auth Response
  "response": {// encoded encrypted KYC info using Partner's public key
    "kycStatus": false,
    "identity": null
  },
  "errors": [
      {
        "errorCode": "IDA-MLC-002",
        "errorMessage": "Invalid UIN",
        "actionMessage": "Please retry with the correct UIN"
      }
    ]
}
Failure Details
Error Code Error Message Description Action Message
IDA-BIA-001 Biometric data – <Biometric Attribute> did not match FMR,IIR,FID Mismatch Please give your biometrics again.
IDA-BIA-002 Duplicate fingers in request. Duplicate fingers Please try again with distinct fingers
IDA-BIA-003 Number of FMR should not exceed 2. Fingers exceeding 2
IDA-BIA-006 Biometric data <Biometric Attribute> not available in database. Missing biometric data in MOSIP database Your Biometric data is not available in MOSIP
IDA-BIA-007 Duplicate Irises in request. Duplicate Irises used Please try again with distinct Irises
IDA-BIA-008 Number of IIR should not exceed 2. Irises exceeding 2
IDA-BIA-009 Number of FID records should not exceed 1. Face exceeding 1
IDA-BIA-013 Number of FMR should not exceed 10. Fingers exceeding 10 for Internal Auth
IDA-EKA-001 Unable to encrypt eKYC response Invalid encryption of eKYC response
IDA-MLC-001 Request to be received at MOSIP within<x> hrs/min Invalid Time stamp Please send the request within <x> hrs/min
IDA-MLC-002 Invalid UIN Invalid UIN Please retry with the correct UIN.
IDA-MLC-003 UIN has been deactivated UIN Deactivated Your UIN status is not active.
IDA-MLC-004 Invalid VID Invalid VID Please retry with correct VID.
IDA-MLC-005 %s VID Expired,Used,Revoked VID Please regenerate VID and try again
IDA-MLC-006 Missing Input parameter- <attribute> Example: Missing Input parameter- version Missing Input parameter- attribute - all the mandatory attributes
IDA-MLC-007 Request could not be processed. Please try again Could not process request/Unknown error; Invalid Auth Request; Unable to encrypt eKYC response
IDA-MLC-008 No authentication type selected No authentication type selected in the request
IDA-MLC-009 Invalid Input parameter- attribute Invalid Input parameter- attribute
IDA-MLC-010 VID has been deactivated VID corresponding to a deactivated UIN
IDA-MLC-011 Unsupported Authentication Type - <Auth Type> - <SubType> if applicable Auth Type not supported for a country Please use other Authentication Types in the request
IDA-MLC-012 Individual's Consent is not available Invalid resident consent for eKYC/Auth
IDA-MLC-013 Missing <authtype> auth attribute Missing authtype parameter – when <auth-type> = ‘True’ and corresponding auth attribute missing (OTP,Demo and Bio)
IDA-MLC-014 <Notification Channel> not registered. Individual has to register and try again <Notification Channel> not Registered (Phone/e-mail/both) Please register your <Notification Channel> and try again
IDA-MLC-015 Identity Type - <Identity Type> not configured for the country ID Type (UIN/VID) not supported for a country
IDA-MLC-018 %s not available in database UIN,VID, User ID not available in database
IDA-MPA-003 Unable to decrypt Request. Invalid encryption of session key/request
IDA-MPA-004 MOSIP Public key expired. MOSIP Public key expired Please reinitiate the request with updated public key
IDA-MPA-006 <Auth Type> - <Sub Type> (if applicable) Authentication Usage not allowed as per policy (Eg: OTP/Demo/Bio - FMR) All Authentication Usages not allowed as per policy
IDA-MPA-007 License key does not belong to a registered MISP License key does not belong to a registered MISP/ License key invalid
IDA-MPA-008 License key of MISP has expired License key expired
IDA-MPA-009 Partner is not registered PartnerID Invalid
IDA-MPA-010 MISP and Partner not mapped MISP and Partner not
IDA-MPA-011 License key of MISP is suspended License key status of MISP is suspended
IDA-MPA-012 Partner is deactivated PartnerID is not active
IDA-MPA-013 Partner is unauthorised for eKYC Partner has no permission for e-KYC
IDA-MPA-014 Partner is not assigned with any policy PartnerID is not mapped to a policy
IDA-MPA-015 <Auth Type> - <Sub Type> (if applicable) Authentiation Usage is mandatory as per policy (Eg: OTP/Demo/Bio - FMR) Mandatory Auth Type as per policy of the partner is not available in the auth request
IDA-MPA-016 HMAC Validation failed HMAC value does not match
IDA-MPA-017 License key of MISP is blocked License key status of MISP is blocked
IDA-OTA-003 OTP has expired OTP expired Please regenerate OTP and try again after sometime.
IDA-OTA-004 OTP is invalid OTP Invalid Please provide correct OTP value.
IDA-OTA-005 Input transactionID does not match transactionID of OTP Request Invalid Transaction ID
IDA-OTA-007 UIN is locked for OTP validation due to exceeding no of invalid OTP trials Validate wrong OTP for exceeding no of retries
IDA-OTA-010 Input Identity Type does not match Identity Type of OTP Request Invalid Identity Type

OTP Request Service (Public)

This service enables Partners to request for an OTP for an Individual. The OTP will be send via message or email as requested to the Individual. This OTP can then be used to authenticate an Individual using Authentication or eKYC service.

Users of OTP Request service -

  1. MISP (MOSIP Infrastructure Service Provider) - MISP acts as a gate keeper for any OTP requests sent to this service. MISP is also responsible for the policy creation on the MOSIP servers so their partners will follow the set policy.
  2. Partners - Auth-Partners and eKYC-Partners can send OTP Request to MOSIP on behalf of Individual for Authentication and eKYC requests respectively, via MISP.

POST /idauthentication/v1/otp/

This request will send an OTP to the Individual.

Resource URL

https://mosip.io/idauthentication/v1/otp/:Partner-ID/:MISP-LicenseKey

Resource details

Resource Details Description
Response format JSON
Requires Authentication Yes

Request Body Parameters

Name Required Description Default Value Example
id Y API Id mosip.identity.otp
version Y API version v1
transactionID Y Transaction ID of request 1234567890
requestTime Y Time when Request was captured 2019-02-15T10:01:57.086+05:30
individualId Y VID 9830872690593682
individualIdType Y Allowed Type of Individual ID - VID, UIN VID
otpChannel Y Allowed OTP Channels - EMAIL, PHONE true

Request Body

{
  "id": "mosip.identity.otp",
  "version": "v1",
  "requestTime": "2019-02-15T07:22:57.086+05:30",
  "transactionID": "txn12345",
  "individualId": "9830872690593682",
  "individualIdType": "VID",
  "otpChannel": [
    "EMAIL",
    "PHONE"
  ]
}

Responses:

Success Response:
Status Code : 200 (OK)
Description : OTP for Authentication or KYC Service was successfully sent to the Individual
{
  //API Metadata
  "id": "mosip.identity.otp",
  "version": "v1",
  "responseTime": "2019-02-15T07:23:19.590+05:30",
  //Response Metadata
  "transactionID": "txn12345",
  //OTP Response
  "response": {
    "maskedMobile": "XXXXXXX123",
    "maskedEmail": "abXXXXXXXXXcd@xyz.com"
  },
  "errors": null
}
Failed Response:
Status Code : 200 (OK)
Description : Failed to send OTP to the Individual
{
  //API Metadata
  "id": "mosip.identity.otp",
  "version": "v1",
  "responseTime": "2019-02-15T07:23:19.590+05:30",
  //Response Metadata
  "transactionID": "txn12345",
  //OTP Response
  "response": null,
  "errors": [
    {
      "errorCode": "IDA-MLC-003",
      "errorMessage": "Invalid VID",
      "actionMessage": "Please retry with correct VID"
    }
  ]
}
Failure Details
Error Code Error Message Description Action Message
IDA-MLC-001 Request to be received at MOSIP within<x> hrs/min Invalid Time stamp Please send the request within <x> hrs/min
IDA-MLC-002 Invalid UIN Invalid UIN Please retry with the correct UIN.
IDA-MLC-003 UIN has been deactivated UIN Deactivated Your UIN status is not active.
IDA-MLC-004 Invalid VID Invalid VID Please retry with correct VID.
IDA-MLC-005 %s VID Expired,Used,Revoked VID Please regenerate VID and try again
IDA-MLC-006 Missing Input parameter- <attribute> Example: Missing Input parameter- version Missing Input parameter- attribute - all the mandatory attributes
IDA-MLC-007 Request could not be processed. Please try again Could not process request/Unknown error; Invalid Auth Request; Unable to encrypt eKYC response
IDA-MLC-009 Invalid Input parameter- attribute Invalid Input parameter- attribute
IDA-MLC-010 VID has been deactivated VID corresponding to a deactivated UIN
IDA-MLC-014 <Notification Channel> not registered. Individual has to register and try again <Notification Channel> not Registered (Phone/e-mail/both) Please register your <Notification Channel> and try again
IDA-MLC-015 Identity Type - <Identity Type> not configured for the country ID Type (UIN/VID) not supported for a country
IDA-MLC-017 Invalid UserID Invalid UserID
IDA-MLC-018 %s not available in database UIN,VID, User ID not available in database
IDA-MPA-004 MOSIP Public key expired. MOSIP Public key expired Please reinitiate the request with updated public key
IDA-MPA-005 OTP Request Usage not allowed as per policy OTP Trigger Usage not allowed as per policy
IDA-MPA-007 License key does not belong to a registered MISP License key does not belong to a registered MISP/ License key invalid
IDA-MPA-008 License key of MISP has expired License key expired
IDA-MPA-009 Partner is not registered PartnerID Invalid
IDA-MPA-010 MISP and Partner not mapped MISP and Partner not
IDA-MPA-011 License key of MISP is suspended License key status of MISP is suspended
IDA-MPA-012 Partner is deactivated PartnerID is not active
IDA-MPA-014 Partner is not assigned with any policy PartnerID is not mapped to a policy
IDA-MPA-017 License key of MISP is blocked License key status of MISP is blocked
IDA-OTA-001 Innumerous OTP requests received OTP Flooding error
IDA-OTA-002 Could not generate/send OTP Could not generate/send OTP
IDA-OTA-006 UIN is locked for OTP generation. Please try again later Try to generate OTP for a frozen Account
IDA-OTA-008 OTP Notification Channel not provided. No OTP Channel is provided in the input
IDA-OTA-009 <Notification Channel> not configured for the country <Notification Channel> not configured (Phone/e-mail/both)

Authentication Transactions Service (Internal)

Authentication Transactions Service can be used by Resident Services Portal - MOSIP module to retrieve the authenticate history of an Individual initiated by Partners. Authentications done by MOSIP internal modules for any verifications will not be returned.

Users of Internal Authentication service -

  1. Resident Services Portal

GET /idauthentication/v1/internal/authTransactions/individualIdType/:IDType/individualId/:ID?pageStart=1&pageFetch=10

This request will retrieve authentication transaction history for the given UIN/VID for the given pageStart and pageFetch parameters.

Resource URL

https://mosip.io/idauthentication/v1/internal/authTransactions/individualIdType/:IDType/individualId/:ID?pageStart=1&pageFetch=10

Resource details

Resource Details Description
Response format JSON
Requires Authentication Yes

Request Query Parameters

The authentication transaction history can be queried using this REST service for certain count of transactions which can be retrieved for given pageStart number with pageFetch. The default pageStart value is 1. The default pageFetch value is 10. This default pageFetch value will be taken into account only if the pageStart is provided. If both pageStart and pageFetch values are not provided, all the transaction entries for the UIN/VID are returned in the response.

Name Required Description Default Value Example
pageStart N The page number to start 1 2
pageFetch N The number of entries per page 10 20

Responses:

Success Response:
Status Code : 200 (OK)
Description : Successfully retried authentication transactions
{
        //API Metadata
	"id": "mosip.identity.auth.transactions.read",
	"responseTime": "2019-07-11T07:30:59.383",
	"version": "v1",
	"errors": [],
        //Response
	"response": {
		"authTransactions": [{
				"transactionID": "1234567890",
				"requestdatetime": "2019-07-10T07:28:59.383",
				"authtypeCode": "FINGERPRINT-AUTH",
				"statusCode": "Y",
				"statusComment": "Finger Authentication Success",
				"referenceIdType": "UIN",
				"entityName": ""
			},
			{
				"transactionID": "1234567891",
				"requestdatetime": "2019-07-11T07:29:59.383",
				"authtypeCode": "OTP-REQUEST",
				"statusCode": "F",
				"statusComment": "OTP Authentication Failed",
				"referenceIdType": "UIN",
				"entityName": ""
			}
		]
	}
}
Failed Response:
Status Code : 200 (OK)
Description : Authentication of an Individual failed
{
  //API Metadata
  "id": "mosip.identity.auth.transactions.read",
  "version": "v1",
  "responseTime": "2019-02-15T07:23:19.590+05:30",
  "errors": [
    {
      "errorCode": "IDA-MLC-002",
      "errorMessage": "Invalid UIN",
      "actionMessage": "Please retry with the correct UIN"
    }
  ]
}
Failure Details
Error Code Error Message Description Action Message
IDA-MLC-001 Request to be received at MOSIP within<x> hrs/min Invalid Time stamp Please send the request within <x> hrs/min
IDA-MLC-002 Invalid UIN Invalid UIN Please retry with the correct UIN.
IDA-MLC-003 UIN has been deactivated UIN Deactivated Your UIN status is not active.
IDA-MLC-006 Missing Input parameter- <attribute> Example: Missing Input parameter- version Missing Input parameter- attribute - all the mandatory attributes
IDA-MLC-007 Request could not be processed. Please try again Could not process request/Unknown error; Invalid Auth Request
IDA-MLC-009 Invalid Input parameter- attribute Invalid Input parameter- attribute
IDA-MLC-012 Individual's Consent is not available Invalid resident consent for eKYC/Auth
IDA-MLC-015 Identity Type - <Identity Type> not configured for the country ID Type (UIN/USERID) not supported for a country
IDA-MLC-017 Invalid UserID Invalid UserID
IDA-MLC-018 %s not available in database UIN, User ID not available in database
Clone this wiki locally
You can’t perform that action at this time.