openapi-directory/api/digitallocker.gov.in/authpartner.json

Building & bundling https://github.com/APIs-guru/openapi-directory for easy use from JS

{"openapi":"3.0.2","servers":[{"url":"https://betaapi.digitallocker.gov.in/public"}],"info":{"contact":{"email":"support@digitallocker.gov.in"},"description":"To access files in user’s DigiLocker account from your application, you must first obtain user’s authorization.","termsOfService":"https://ndh.digitallocker.gov.in/terms.php","title":"Authorized Partner API Specification","version":"1.0.0","x-apisguru-categories":["open_data"],"x-origin":[{"format":"openapi","url":"https://apisetu.gov.in/api_specification_v8/authpartner.yaml","version":"3.0"}],"x-providerName":"digitallocker.gov.in","x-serviceName":"authpartner"},"tags":[{"description":"Authorization APIs For Server Side Web Applications.","name":"Authorization"},{"description":"Authorization APIs For Limited Input Devices.","name":"Authorization API"},{"description":"To revoke a previously obtained Token.","name":"Token Revocation API"},{"description":"Get User Details","name":"Account Detail API"},{"description":"File APIs allow your application to get the meta-data about issued and uploaded documents in user’s DigiLocker.","name":"File APIs"},{"description":"This API can be used to sign up a user for DigiLocker.","name":"DigiLocker Sign up APIs"},{"description":"DigiLocker Meta APIs provide information about a user account, issuers, document types and parameters required to pull a document.","name":"DigiLocker Meta APIs"}],"paths":{"/account/1/pushuri":{"post":{"description":"The API can use to push or delete a single URI into Digital Locker using DigiLocker Id acquired using Get User Details API. This API can be used to push the certificate details to Digital Locker as and when a certificate is generated in the issuer system. The issuing departments must register on DigiLocker as a registered Issuer and implement the requisite Issuer APIs as mentioned in Digital Locker Issuer API Specification document prior to pushing certificates using this API.","operationId":"Push URI to Account id","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/PushUri"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"title":"Sample"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_parameter","type":"string"},"error_description":{"description":"One or more of the mandatory parameters is missing or invalid. The error description text will contain one or more of the following error texts:|-  URI parameter is missing or invalid  Doctype parameter is missing or invalid  Description parameter is missing or invalid  Docid parameter is missing or invalid  Issuedate parameter is missing orinvalid  Timestamp parameter is missing or invalid  HMAC parameter is missing or invalid   URI already exists in this account   URI already exists in another account","type":"string"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_client_id","type":"string"},"error_description":{"description":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"404":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_digilocker_id","type":"string"},"error_description":{"description":"The digilockerid parameter is invalid","type":"string"}},"type":"object"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error","type":"string"},"error_description":{"description":"Internal server error","type":"string"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Push URI to Account","tags":["DigiLocker Meta APIs"]}},"/account/2/verify":{"post":{"description":"This API can be used to verify whether a mobile number or Aadhaar number is already registered with DigiLocker.","operationId":"Verify Account id","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/VerifyAccount"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/VerifyAccountResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_parameter"},"error_description":{"description":"One or more of the mandatory parameters is missing or invalid. The error description text will contain one or more of the following error texts:|-  Either one of uid or mobile number is mandatory  Timestamp parameter is missing or invalid  HMAC parameter is missing or invalid"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_client_id","type":"string"},"error_description":{"description":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error"},"error_description":{"description":"Internal server error"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Verify Account","tags":["DigiLocker Meta APIs"]}},"/oauth2/1/authorize":{"get":{"description":"Call to this API starts authorization flow using OAuth 2.0 protocol. This isn't an API call—it's a DigiLocker web page that lets the user sign in to DigiLocker and authorize your application to access user’s data. After the user decides whether or not to authorize your app, they will be redirected to the redirect link provided by your application.","operationId":"Get Authorization Code id","parameters":[{"description":"Provide the client id that was created during the application registration process on Partners Portal.","in":"query","name":"client_id","schema":{"type":"string"}},{"description":"Provide the grant type requested, either token or code.","in":"query","name":"response_type","required":true,"schema":{"type":"string"}},{"description":"The URI to redirect the user after authorization has completed.","in":"query","name":"redirect_uri","required":true,"schema":{"type":"string"}},{"description":"This is your application specific data that will be passed back to your application through redirect_uri.","in":"query","name":"state","required":true,"schema":{"type":"string"}},{"description":"A unique random string called code verifier (code_verifier) is\ncreated by the client application for every authorization request.\nThe code_challenge sent as this parameter is the Base64URL (with no\npadding) encoded SHA256 hash of the code verifier.\n        Code block:\n\n       ```\n       string base64_url_encode_without_padding(string arg)\n       { \n          string s = base64encode(arg); //Regular base64encoder with padding\n          s = s.replace(’=’,’’); //Remove any trailing ’=’\n          s = s.replace(’+’, ’-’); //Replace ’+’ with ’-’\n          s = s.replace(’/’, ’_’); //Replace ’/’ with ’_’ return s;\n        }\n        ```\n","in":"query","name":"Code_challenge","required":false,"schema":{"example":"base64_url_encode_without_padding(sha256(code_verifier))","properties":{"parameter":{"enum":["Base64URL","SHA256"],"type":"string"}},"type":"string"}},{"description":"Specifies what method was used to encode a code_verifier to generate code_challenge parameter above. This parameter must be used with the code_challenge parameter. The only supported values for this parameter is S256.","in":"query","name":"Code_challenge_method","required":false,"schema":{"properties":{"parameter":{"enum":["S256"],"type":"string"}},"type":"string"}},{"description":"If this parameter is provided its value will always be signup. This parameter indicates that the user does not have a DigiLocker account and will be directed to the signup flow directly. After the account is created, the user will be directed to the authorization flow. If this parameter is not sent, the user will be redirected to the sign in flow.","in":"query","name":"dl_flow","required":false,"schema":{"type":"string"}},{"description":"Verified mobile number of the user. If this parameter is passed, DigiLocker will skip the mobile OTP verification step during sign up. DigiLocker will treat the mobile number passed in this parameter as a verified mobile number by the trusted client application. This parameter will be used only if dl_flow parameter mentioned above is set to signup and will be ignored otherwise.","in":"query","name":"Verified_mobile","required":false,"schema":{"type":"integer"}}],"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"details":{"properties":{"access_token":{"type":"string"},"expires_in":{"type":"integer"},"scope":{"type":"string"},"token_type":{"type":"string"}},"required":["access_token","expires_in","token_type","scope"],"type":"object"}},"title":"Sample"}}},"description":"successful operation"},"400":{"description":"Invalid status value"}},"security":[{"oauthAuthorizeCode":[]}],"summary":"Get Authorization Code","tags":["Authorization"]}},"/oauth2/1/code":{"post":{"description":"The client device calls the DigiLocker API to get the device code by providing the client_id issued to the device OEM and either the username or the mobile number of the user. DigiLocker responds with a device code and then sends an OTP on the mobile number and email address associated with the user’s account. The masked mobile number and email address is also sent in response. The device should use these values to notify the users about the mobile and email address on which the OTP has been sent.","operationId":"Get Device Code id","requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeviceAuthorizationCode"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeviceAuthorizationCodeResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ResponseOne"},{"$ref":"#/components/schemas/ResponseTwo"},{"$ref":"#/components/schemas/ResponseThree"},{"$ref":"#/components/schemas/ResponseFour"}]}}},"description":"Bad Request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_client_id","type":"string"},"error_description":{"example":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"The client_id parameter is invalid."},"500":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ResponseFive"},{"$ref":"#/components/schemas/ResponseSix"}]}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Get Device Code","tags":["Authorization API"]}},"/oauth2/1/file/upload":{"post":{"description":"This API can be used to save/upload a file to uploaded documents in DigiLocker. The allowed file types are JPG, JPEG, PNG and PDF. The file size must not exceed 10MB.","operationId":"Upload File to Locker id","parameters":[{"description":"The destination path of the file in DigiLocker including filename.","in":"header","name":"path","required":false,"schema":{"type":"string"}},{"description":"This is used to verify the integrity of the file data. The client app calculates the hash message authentication code (HMAC) of the file content using SHA256 hashing algorithm and the client secret as the hashing key. The resulting HMAC is converted to Base64 format and sent in this parameter. Upon upload of file, DigiLocker calculates the HMAC of the file data and compares it with this HMAC..","in":"header","name":"hmac","required":false,"schema":{"type":"string"}}],"requestBody":{"content":{"application/octet-stream":{"schema":{"$ref":"#/components/schemas/FileUpload"}},"image/jpeg":{"schema":{"format":"binary","type":"string"}},"image/jpg":{"schema":{"format":"binary","type":"string"}},"image/pdf":{"schema":{"format":"binary","type":"string"}},"image/png":{"schema":{"format":"binary","type":"string"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/FileUploadResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"enum":["path_missing","contenttype_missing","hmac_missing","filename_missing","hmac_mismatch","invalid_filename","invalid_filesize","invalid_filetype","invalid_path","file_data_missing","mimetype_mismatch"]},"error_description":{"enum":["Path parameter is missing","Content-Type parameter is missing","HMAC parameter is missing","Filename is missing in path parameter","HMAC does not match","Restricted characters are not allowed in file name","The file size exceeds maximum allowed file size of 10MB","The file type is not allowed","The destination folder does not exist","Missing file content in the request","The mimetype provided in Content-Type parameter does not match with the mimetype of the file"]}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error","type":"string"},"error_description":{"description":"Internal server error","type":"string"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"bearerAuth":[]}],"summary":"Upload file to locker","tags":["File APIs"]}},"/oauth2/1/file/{uri}":{"get":{"description":"Returns a file from URI. This API can be used to fetch both issued document and uploaded document.","operationId":"Get File from URI id","parameters":[{"description":"This is the unique identifier of the document.","in":"path","name":"uri","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/pdf":{"schema":{"example":"pdf binary content","type":"string"}},"image/jpeg":{"schema":{"example":"jpeg binary content","type":"string"}},"image/jpg":{"schema":{"example":"jpg binary content","type":"string"}},"image/png":{"schema":{"example":"png binary content","type":"string"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"uri_missing","type":"string"},"error_description":{"example":"URI parameter missing","type":"string"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"404":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_uri","type":"string"},"error_description":{"example":"No file found for given URI","type":"string"}},"type":"object"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response3"},{"$ref":"#/components/schemas/Response4"},{"$ref":"#/components/schemas/Response5"},{"$ref":"#/components/schemas/Response6"}]}}},"description":"Internal Error"},"503":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response1"},{"$ref":"#/components/schemas/Response2"}]}}},"description":"Gateway timeout"}},"security":[{"bearerAuth":[]}],"summary":"Get File from URI","tags":["File APIs"]}},"/oauth2/1/files/":{"get":{"description":"Returns the list of meta-data about documents or folders in user’s DigiLocker in a specific location.","operationId":"Get List of Self Uploaded Documents","responses":{"200":{"content":{"application/json":{"schema":{"properties":{"directory":{"minLength":1,"type":"string"},"items":{"items":{"properties":{"date":{"minLength":1,"type":"string"},"description":{"type":"string"},"id":{"example":189079894,"minLength":1,"type":"string"},"issuer":{"type":"string"},"mime":{"type":"string"},"name":{"minLength":1,"type":"string"},"parent":{"minLength":1,"type":"string"},"size":{"minLength":1,"type":"string"},"type":{"minLength":1,"type":"string"},"uri":{"type":"string"}},"required":["id","name","type","size","date","parent","mime","uri","description","issuer"]},"minItems":1,"type":"array","uniqueItems":true}},"required":["directory","items"],"title":"Sample"}}},"description":"successful operation"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"404":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_id","type":"string"},"error_description":{"example":"The folder does not exist","type":"string"}},"type":"object"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"unexpected_error","type":"string"},"error_description":{"example":"Internal server error","type":"string"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"bearerAuth":[]}],"summary":"Get List of Self Uploaded Documents","tags":["File APIs"]}},"/oauth2/1/files/issued":{"get":{"description":"Returns the list of meta-data about issued documents in user’s DigiLocker.","operationId":"Get List of issued Documents Version1 id","responses":{"200":{"content":{"application/json":{"schema":{"properties":{"details":{"properties":{"date":{"description":"This contains the date on which the certificate was last modified in DigiLocker.","example":"2025-04-15T13:51:32.349Z","type":"string"},"description":{"description":"This is the descriptive document type stored in DigiLocker such as ‘Income Certificate’ or ‘Driving License’.","example":"Class XII Marksheet","type":"string"},"doctype":{"description":"A 5 character unique document type provided by DigiLocker.","example":"HSCER","type":"string"},"issuer":{"description":"The name of the issuer.","example":"CBSE","type":"string"},"issuerid":{"description":"Unique DigiLocker issuer id as mentioned in the URI.","example":"in.gov.cbse","type":"string"},"mime":{"description":"The list of mime types for the certificate data. This field will contain “application/PDF” or “application/xml”.","example":"application/pdf","type":"string"},"name":{"description":"The name of the certificate.","example":"Class XII Marksheet","type":"string"},"parent":{"description":"This will be blank.","example":" ","type":"string"},"size":{"description":"This will be blank.","example":" ","type":"string"},"type":{"description":"String file.","example":"file","type":"string"},"uri":{"description":"This is the unique identifier of the document shared by the user in DigiLocker. You will use this identifier to get the actual file from DigiLocker using the API.","example":"in.gov.cbse-HSCER-201412345678","type":"string"}},"required":["type","name","size","date","parent","mime","uri","doctype","description","issuer","issuerid"],"type":"object"}},"title":"Sample"}}},"description":"successful operation"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ResponseSix"},{"$ref":"#/components/schemas/ResponseSeven"}]}}},"description":"Internal Error"}},"security":[{"bearerAuth":[]}],"summary":"Issued Documents","tags":["File APIs"]}},"/oauth2/1/files/{id}":{"get":{"description":"Returns the list of meta-data about documents or folders in user’s DigiLocker in a specific location.","operationId":"Get List of Self Uploaded Documents id","parameters":[{"description":"The id of the folder to list. To list the files of root folder of a user’s locker, do not send this parameter. This is sent as a part of the URL.","in":"path","name":"id","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"details":{"properties":{"date":{"description":"This contains the date of file upload in case of self uploaded documents","example":"2025-04-15T13:51:32.349Z","type":"string"},"description":{"description":"This is the descriptive document type stored in DigiLocker such as ‘Income Certificate’ or ‘Driving License’.","example":"","type":"string"},"id":{"description":"The id if this item is a folder.","example":"5678","type":"integer"},"issuer":{"description":"The name of the issuer. This is blank in case of uploaded documents and folders.","example":"","type":"string"},"mime":{"description":"The mime type of the file. This field will contain “application/PDF” for PDF files; “image/png” for PNG files and “image/jpg” or “image/jpeg” for JPG/JPEG files. This will be blank in case of folder.","example":"","type":"string"},"name":{"description":"The name of the file or folder.","example":"My Documents","type":"string"},"parent":{"description":"The id of the parent folder.","example":"1234","type":"string"},"size":{"description":"Size of file or folder.","example":"366481","type":"string"},"type":{"description":"String dir for folder and string file for file.","example":"dir","type":"string"},"uri":{"description":"This is the unique identifier of the document shared by the user in DigiLocker. You will use this identifier to get the actual file from DigiLocker using the API. URI will be blank in case of folder.","example":"","type":"string"}},"required":["type","name","id","size","date","parent","mime","uri","description","issuer"],"type":"object"}},"title":"Sample"}}},"description":"successful operation"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"404":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_id","type":"string"},"error_description":{"example":"The folder does not exist","type":"string"}},"type":"object"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"unexpected_error","type":"string"},"error_description":{"example":"Internal server error","type":"string"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"bearerAuth":[]}],"summary":"Get List of Self Uploaded Documents","tags":["File APIs"]}},"/oauth2/1/pull/doctype":{"post":{"description":"Returns a list of documents/certificates issued by an issuer organization registered with DigiLocker.","operationId":"Get List of Documents Provided by an Issuer id","requestBody":{"content":{"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/DocType"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DocTypeResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_parameter"},"error_description":{"description":"One or more of the mandatory parameters is missing or invalid. The error description text will contain one or more of the following error texts:|-  The orgid parameter is missing or invalid  Timestamp parameter is missing or invalid  HMAC parameter is missing or invalid"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_client_id","type":"string"},"error_description":{"example":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error"},"error_description":{"description":"Internal server error"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Get List of Documents Provided by an Issuer","tags":["DigiLocker Meta APIs"]}},"/oauth2/1/pull/issuers":{"post":{"description":"Returns the list of issuers registered with DigiLocker.","operationId":"Get List of Issuers id","requestBody":{"content":{"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/Issuer"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/IssuerResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_parameter","type":"string"},"error_description":{"example":"One or more of the mandatory parameters is missing or invalid. The error description text will contain one or more of the following error texts:|-  Timestamp parameter is missing or invalid  HMAC parameter is missing or invalid","type":"string"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_client_id","type":"string"},"error_description":{"example":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error"},"error_description":{"description":"Internal server error"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Get List of Issuers","tags":["DigiLocker Meta APIs"]}},"/oauth2/1/pull/parameters":{"post":{"description":"Returns a list of parameters required to search a document/certificate of an issuer organization registered with DigiLocker. These parameters are used to pull a document from issuer’s repository using Pull Document API mentioned in subsequent section.","operationId":"Get Search Parameters for a Document id","requestBody":{"content":{"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/SearchParameters"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SearchParametersResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_parameter"},"error_description":{"description":"One or more of the mandatory parameters is missing or invalid. The error description text will contain one or more of the following error texts:|-  The orgid parameter is missing or invalid  The doctype parameter is missing or invalid  Timestamp parameter is missing or invalid  HMAC parameter is missing or invalid"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_client_id","type":"string"},"error_description":{"example":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error"},"error_description":{"description":"Internal server error"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Get Search Parameters for a Document","tags":["DigiLocker Meta APIs"]}},"/oauth2/1/pull/pulldocument":{"post":{"description":"This API allows a client application to search a document/certificate from issuer’s repository using the parameters provided by a user. The searched document is saved in user’s issued document section of DigiLocker if the search is successful.","operationId":"Pull Document id","requestBody":{"content":{"application/x-www-form-urlencoded":{"schema":{"$ref":"#/components/schemas/PullDocumentSchema"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"properties":{"details":{"properties":{"uri":{"type":"string"}},"required":["uri"],"type":"object"}},"title":"Sample"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response13"},{"$ref":"#/components/schemas/ResponseSix"}]}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"404":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"record_not_found"},"error_description":{"description":"No record found in issuer database for given criteria. Please check the details and try again. If problem persists, see the FAQ section for possible causes."}},"type":"object"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response14"},{"$ref":"#/components/schemas/Response15"},{"$ref":"#/components/schemas/Response16"},{"$ref":"#/components/schemas/Response17"},{"$ref":"#/components/schemas/Response18"}]}}},"description":"Internal Error"}},"security":[{"bearerAuth":[]}],"summary":"Pull Document","tags":["File APIs"]}},"/oauth2/1/revoke":{"post":{"description":"Client applications can revoke a previously obtained refresh or access token when it is no longer needed. This is done by making a request to the token revocation endpoint. DigiLocker will invalidate the specified token and, if applicable, other tokens based on the same authorisation grant. This API may be used to sign out a user from DigiLocker. This API will work for server based web applications, mobile application and limited input devices.","operationId":"get token revocation id","requestBody":{"content":{"application/json":{"schema":{"properties":{"token":{"description":"The token that needs to be revoked.","type":"string"},"token_type_hint":{"description":"The type of the above token. The value will be one of access_token or refresh_token. If this parameter is not sent, DigiLocker will look for this token in both access and refresh tokens and then revoke it.","enum":["refresh_token","access_token"],"type":"string"}},"required":["token"],"type":"object"}}}},"responses":{"200":{"description":"successful operation"},"400":{"description":"The token is invalid"}},"security":[{"oauthsecurity":[]}],"summary":"Revoke Token.","tags":["Token Revocation API"]}},"/oauth2/1/token":{"post":{"description":"This endpoint only applies to apps using the authorization code flow. An app calls this endpoint to acquire a bearer token once the user has authorized the app. Calls to /oauth2/1/token need to be authenticated using the app's key and secret. These can either be passed as application/x-www-form-urlencoded POST parameters (see parameters below) or via HTTP basic authentication. If basic authentication is used, the app key should be provided as the username, and the app secret should be provided as the password.","operationId":"getaccesstoken id","requestBody":{"content":{"application/json":{"schema":{"properties":{"Get access token using authorization code":{"$ref":"#/components/schemas/AccessToken"},"Get access token using device code and OTP":{"$ref":"#/components/schemas/DeviceAccessToken"},"Get access token using refresh token":{"$ref":"#/components/schemas/RefreshToken"}},"type":"object"}}},"description":"Details of documents being created.","required":true},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/AccessResponse"}}},"description":"successful operation"},"400":{"description":"Bad request"},"401":{"description":"If the access token is expired or has been revoked by DigiLocker user."}},"summary":"Get Access Token","tags":["Authorization"]}},"/oauth2/1/user":{"get":{"description":"Client applications can call this API to get the DigiLocker Id, name, date of birth and gender of the account holder. An access token is required to call this API. The API will return the user details of the account with which the access token is linked. It is strongly recommended that the API can be called by client application only once after acquiring the access token. Since the user details do not change, the client application may store the values and use them when necessary than calling this API repeatedly.","operationId":"Account Detail API id","responses":{"200":{"content":{"application/json":{"schema":{"properties":{"details":{"properties":{"digilockerid":{"description":"A unique 36 character DigiLocker Id of the user account.","example":"123e4567-e89b-12d3-a456-426655440000","type":"string"},"dob":{"description":"This is date of birth of the user as registered with DigiLocker in DDMMYYYY format.","example":"31121970","format":"dd-mm-yyy","type":"string"},"eaadhar":{"description":"This indicates whether eAadhaar data is available for this account. Possible values are Y and N.","enum":["Y","N"],"type":"string"},"gender":{"description":"This is gender of the user as registered with DigiLocker. The possible values are M, F, T for male, female and transgender respectively.","enum":["M","F","T"],"type":"string"},"name":{"description":"The name of the user as registered with DigiLocker.","example":"Sunil Kumar","type":"string"}},"required":["digilockerid","name","dob","gender","eaadhaar"],"type":"object"}},"title":"Sample"}}},"description":"successful operation"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"unexpected_error","type":"string"},"error_description":{"example":"Internal server error","type":"string"}},"type":"object"}}},"description":"Internal server error"}},"security":[{"bearerAuth":[]}],"summary":"Get User Details","tags":["Account Detail API"]}},"/oauth2/1/xml/{uri}":{"get":{"description":"Returns the certificate data in machine readable XML format for a URI. This API can be used to only for issued documents. The XML data may not be available for all documents. If the XML data is available for a particular document, the mime parameter in Get List of Issued Documents API will contain application/xml. Please refer to Digital Locker XML Certificate Formats for more details of XML formats of various documents.","operationId":"Get Certificate Data in XML Format from URI id","parameters":[{"in":"path","name":"uri","required":true,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/XMLFormatSchema"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"uri_missing","type":"string"},"error_description":{"example":"URI parameter missing","type":"string"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"404":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_uri","type":"string"},"error_description":{"example":"No file found for given URI","type":"string"}},"type":"object"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response3"},{"$ref":"#/components/schemas/Response4"},{"$ref":"#/components/schemas/Response5"},{"$ref":"#/components/schemas/Response6"}]}}},"description":"Internal Error"},"503":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response1"},{"$ref":"#/components/schemas/Response2"}]}}},"description":"Gateway timeout"}},"security":[{"bearerAuth":[]}],"summary":"Get Certificate Data in XML Format from URI","tags":["File APIs"]}},"/oauth2/2/files/issued":{"get":{"description":"Returns the list of meta-data about issued documents in user’s DigiLocker.","operationId":"Get List of issued Documents id","responses":{"200":{"content":{"application/json":{"schema":{"properties":{"items":{"items":{"properties":{"date":{"minLength":1,"type":"string"},"description":{"minLength":1,"type":"string"},"doctype":{"minLength":1,"type":"string"},"issuer":{"minLength":1,"type":"string"},"issuerid":{"minLength":1,"type":"string"},"mime":{"items":{"properties":{}},"type":"array"},"name":{"minLength":1,"type":"string"},"parent":{"type":"string"},"size":{"type":"string"},"type":{"minLength":1,"type":"string"},"uri":{"minLength":1,"type":"string"}},"required":["name","type","size","date","parent","uri","doctype","description","issuerid","issuer"]},"minItems":1,"type":"array","uniqueItems":true},"resource":{"minLength":1,"type":"string"}},"required":["items","resource"],"type":"object"}}},"description":"successful operation"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/ResponseSix"},{"$ref":"#/components/schemas/ResponseSeven"}]}}},"description":"Internal Error"}},"summary":"Issued Documents","tags":["File APIs"]}},"/oauth2/2/xml/eaadhaar":{"get":{"description":"Returns e-Aadhaar data in XML format for the account.","operationId":"Get e-Aadhaar Data in XML Format id","responses":{"200":{"content":{"application/xml":{"schema":{"$ref":"#/components/schemas/EaadharXamlSchema"}}},"description":"successful operation"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid token","type":"string"},"error_description":{"example":"The access token is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"404":{"content":{"application/json":{"schema":{"properties":{"error":{"enum":["aadhaar_not_linked","aadhaar_not_available"]},"error_description":{"enum":["Aadhaar is not linked to the account","Aadhaar data is not available for this user. Please perform Aadhaar eKYC again."]}},"type":"object"}}},"description":"Not found"},"500":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response3"},{"$ref":"#/components/schemas/Response4"},{"$ref":"#/components/schemas/Response5"},{"$ref":"#/components/schemas/Response6"}]}}},"description":"Internal Error"},"503":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response1"},{"$ref":"#/components/schemas/Response2"}]}}},"description":"Gateway timeout"}},"security":[{"bearerAuth":[]}],"summary":"Get e-Aadhaar Data in XML Format","tags":["File APIs"]}},"/signup/1/demoauthverify":{"post":{"description":"This API is used to verify the OTP sent by DigiLocker during the sign up API call above.","operationId":"Verify OTP id","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/DemoAuthVerify"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DemoAuthVerifyResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response7"},{"$ref":"#/components/schemas/Response8"},{"$ref":"#/components/schemas/Response9"}]}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_client_id","type":"string"},"error_description":{"example":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error"},"error_description":{"description":"Internal server error"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Verify OTP","tags":["DigiLocker Sign up APIs"]}},"/signup/2/demoauth":{"post":{"description":"This API is used to validate Aadhaar details and verify the mobile number by generating an OTP. This API call, if successful, will be followed by verify OTP call by the partner application if the user is online or available to perform OTP validation as indicated in verification parameter","operationId":"SIGN UP id","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/DemoAuth"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/DemoAuthResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"oneOf":[{"$ref":"#/components/schemas/Response10"},{"$ref":"#/components/schemas/Response11"},{"$ref":"#/components/schemas/Response12"}]}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"example":"invalid_client_id","type":"string"},"error_description":{"example":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error"},"error_description":{"description":"Internal server error"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"SIGN UP","tags":["DigiLocker Sign up APIs"]}},"/statistics/1/counts":{"post":{"description":"Returns DigiLocker statistics such as the count of users, authentic documents, issuers and requesters as on a specific date.","operationId":"Get Statistics id","requestBody":{"content":{"multipart/form-data":{"schema":{"$ref":"#/components/schemas/GetStatistics"}}}},"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/GetStatisticsResponse"}}},"description":"successful operation"},"400":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_parameter","type":"string"},"error_description":{"description":"One or more of the mandatory parameters is missing or invalid. The error description text will contain one or more of the following error texts:|-  Timestamp parameter is missing or invalid  HMAC parameter is missing or invalid","type":"string"}},"type":"object"}}},"description":"Bad request"},"401":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"invalid_client_id","type":"string"},"error_description":{"description":"The client_id parameter is invalid","type":"string"}},"type":"object"}}},"description":"Unauthorized error"},"500":{"content":{"application/json":{"schema":{"properties":{"error":{"description":"unexpected_error","type":"string"},"error_description":{"description":"Internal server error","type":"string"}},"type":"object"}}},"description":"Internal Error"}},"security":[{"oauthsecurity":[]}],"summary":"Get Statistics","tags":["DigiLocker Meta APIs"]}}},"components":{"schemas":{"AccessResponse":{"properties":{"access_token":{"description":"The access token that can be used to call the DigiLocker APIs.","example":"bc125c212a4b03a9a188a858be5a163f379e878a","type":"string"},"digilocker_id":{"description":"A unique 36 character DigiLocker Id of the user account.","example":"123e4567-e89b-12d3-a456-426655440000","type":"string"},"dob":{"description":"This is date of birth of the user as registered with DigiLocker in DDMMYYYY format.","example":"31121970","format":"dd-mm-yyy","type":"integer"},"eaadhar":{"description":"This indicates whether eAadhaar data is available for this account. Possible values are Y and N.","enum":["Y","N"],"type":"string"},"expires_in":{"description":"The duration in seconds for which the access token is valid","example":3600,"format":"int64","type":"integer"},"gender":{"description":"This is gender of the user as registered with DigiLocker. The possible values are M, F, T for male, female and transgender respectively.","enum":["M","F","T"],"type":"string"},"name":{"description":"The name of the user as registered with DigiLocker.","example":"Sunil Kumar","type":"string"},"reference_key":{"description":"A unique reference of the user account.","example":"1c66bec26364cd6fefaabc6cae91840a","type":"string"},"refresh_token":{"description":"The refresh token used to refresh the above access token when it expires. Please refer to Refresh Access Token API for more details.","example":"a47ab18c593703e4f83a274694db7422a8cfcb8f","type":"string"},"scope":{"description":"Scope of the token.","type":"string"},"token_type":{"description":"The type of token which will always be Bearer.","example":"Bearer","type":"string"}},"required":["access_token","expires_in","token_type","scope","refresh_token","digilocker_id","name","dob","gender","eaadhar","reference_key"],"type":"object"},"AccessToken":{"properties":{"client_id":{"example":"ABCDEFG","type":"string"},"client_secret":{"example":"a123456abcdeghijk7890","type":"string"},"code":{"example":"ca82123a5476aa2f5e4638957c0ecc55c6ec07c1","type":"string"},"code_verifier":{"example":"a123456abca","type":"string"},"grant_type":{"enum":["authorization_code"],"type":"string"},"redirect_uri":{"example":"https://ndh.digitallocker.gov.in/oauth2-redirect.html","type":"string"}},"required":["grant_type","client_id","client_secret"],"type":"object"},"AuthTokenResponse":{"properties":{"access_token":{"description":"The access token that can be used to call the\n    DigiLocker APIs.","example":"bc125c212a4b03a9a188a858be5a163f379e878a","type":"string"},"expires_in":{"description":"The duration in seconds for which the access token is\n            valid.","example":3600,"format":"int64","type":"integer"},"refresh_token":{"description":"The refresh token used to refresh the above access\n  token when it expires. This will value will be\n  returned only in case of web applications and not be\n  returned for limited input devices.","example":"ad6f4004cc3e53f56bda391fe485fc4d32928061","type":"string"},"scope":{"description":"Scope of the token.","type":"string"},"token_type":{"description":"The type of token which will always be Bearer.","example":"Bearer","type":"string"}},"required":["access_token","expires_in","token_type","scope","refresh_token"],"type":"object"},"DemoAuth":{"properties":{"clientid":{"description":"Provide the client id that was created during the application registration process on Partners Portal.","type":"string"},"consent":{"description":"The consent indicator from the user for performing demographic authentication using Aadhaar details. This Partner Application must capture the user consent for performing the Aadhaar demographic authentication. The possible values are ‘Y’ and ‘N’. The sign up request will be processed only when this indicator is ‘Y’.","type":"string"},"demoauth":{"description":"The parameter indicates whether Aadhaar demographic authentication must be successful for creating DigiLocker account. The possible values are ‘Y’ and ‘N’. The value of ‘Y’ will perform Aadhaar demographic authentication and will return errors if any in response. The value of ‘N’ will also perform Aadhaar demographic authentication but will return any error in case of authentication failure. It will create a basic mobile based account for the user. Value ‘N’ should be used when the user account needs to be created in the absence of the user.","type":"string"},"dob":{"description":"This is date of birth of the user as mentioned in Aadhaar in DDMMYYYY format.","type":"integer"},"gender":{"description":"This is gender of the user as mentioned in Aadhaar. The possible values are M, F, T for male, female and transgender respectively.","enum":["M","F","T"]},"hmac":{"description":"Provide SHA-256 encrypted value of the client secret, clientid and ts parameters above concatenated in this sequence (client secret, clientid, ts). The hmac parameter is used by DigiLocker to ensure the data integrity and authentication of the request. Use the Client Secret Key generated during the application registration process on Partners Portal as the client secret.","format":"binary","type":"string"},"mobile":{"description":"This is the mobile number of the user. DigiLocker will check whether an account exists for this mobile number. Either uid or mobile is required to verify whether an account exists.","type":"integer"},"name":{"description":"This is name of the user as mentioned in Aadhaar.","type":"string"},"ts":{"description":"Provide a timestamp value in UNIX (or POSIX) format in IST time zone in seconds. This timestamp value must not be older than 30 minutes.","type":"string"},"uid":{"description":"This is the Aadhaar number of the user. DigiLocker will check whether an account exists for this Aadhaar number. Either uid or mobile is required to verify whether an account exists.","type":"integer"},"verification":{"description":"The parameter indicates whether the mobile number provided above should be validated by DigiLocker. If this parameter is ‘Y’, the DigiLocker sends an OTP to verify the mobile number. In this case the client application will call the second API to validate the OTP. The user will be signed on only after successful OTP validation. This flow should be used when the user account is created by user himself/herself or the user is present to provide the OTP. If this parameter is ‘N’, the user account will be created without OTP validation. The OTP validation will be performed when the user signs in for the first time in DigiLocker. This flow should be used when the user account needs to be created in the absence of the user.","type":"string"}}},"DemoAuthResponse":{"properties":{"details":{"properties":{"access_token":{"description":"The access token tha