Aadhaar Verification
Aadhaar is a 12-digit individual identification number which serves as proof of identity and proof of address for residents of India. Aadhaar is a valid Proof of Identity and Proof of Address.
This document covers two methods for Aadhaar verification:
- Direct Method: OTP-based verification using mobile number
- DigiLocker Method: Seamless verification through DigiLocker integration
Aadhaar Structure
The following data structure is returned upon successful verification:
| Key | Description |
|---|---|
| Aadhaar ID | Masked Aadhaar Number |
| Date of Birth | Date of birth in DD-MM-YYYY format |
| Gender | Gender (Male/Female) |
| Name | First name from Aadhaar |
| Last Name | Last name from Aadhaar (DigiLocker only) |
| Care Of | Care of field from Aadhaar |
| Country | Country (India) |
| District | District |
| Locality | Locality information |
| Pin Code | PIN code |
| State | State |
| VTC | Village/Town/City |
| House | House number |
| Street | Street information |
| Landmark | Landmark (Direct method only) |
| Post Office | Post Office (Direct method only) |
| Sub-District | Sub-District (Direct method only) |
| Address | Complete address |
| Photo | Base64 encoded image of the Aadhaar holder |
API Integration
Direct Method
Step 1 - Send OTP to registered mobile number linked to Aadhaar Number
To generate OTP use Generate OTP Api
Request
{
"number": 732255662234
}
Response
{
"code": 0,
"message": "Success",
"data": {
"ref_id": "9183621",
"message": "OTP sent to *******8011"
}
}
The ref_id in the response is to be used in Step 2.
Step 2 - Verify OTP and get details linked to Aadhaar Number
To verify with OTP, use this Verify Aadhaar API
Request
{
"ekycOtp": "299508",
"refId": "9183621",
"digiLocker": false
}
Response
{
"code": 0,
"message": "Success",
"data": {
"aadhaarId": "2XXXXXXXXXX8",
"dateOfBirth": "DD-MM-YYYY",
"gender": "Male",
"name": "KXXXXXj MXXXXXa",
"careOf": "UXXXXl SXXXXh",
"country": "India",
"district": "Gurgaon",
"locality": "Sector 55",
"pinCode": "122004",
"state": "Haryana",
"vtc": "Gurgaon",
"house": "238",
"street": "Sector 55",
"landmark": "Sector 54 Metro",
"postOffice": "Gurugram",
"subDistrict": "Gurugram",
"address": "Sector 55 Gurgaon Haryana",
"photo": "Base-64 encoded image"
}
}
DigiLocker Method
The DigiLocker method provides a secure and seamless verification process without requiring OTP. This method leverages the government-backed DigiLocker infrastructure for authentication.
DigiLocker Integration Flow
The DigiLocker-based Aadhaar verification follows a two-step process:
- Pre-Verification: Initialize the DigiLocker authentication process
- Verification: Retrieve the Aadhaar details after user authentication
Step 1: Pre-Verify Aadhaar (Initialize DigiLocker)
Use the Pre-Verify Aadhaar API to initialize the DigiLocker authentication process.
Request
{
"digiLocker": true,
"redirectUrl": "https://your-redirect-url.com"
}
Response
{
"code": 0,
"message": "Success",
"data": {
"transactionId": "90074f18-cb8c-4405-ae7d-e801afa19534",
"authUrl": "https://digilocker-auth-url.example"
}
}
Important:
- Save the
transactionIdfor Step 2 - Redirect the user to the
authUrlto complete DigiLocker authentication
Step 2: Complete Aadhaar Verification
After the user completes DigiLocker authentication and returns to your redirectUrl, use the Aadhaar Verification (Self) API to retrieve the verification results.
Request
{
"digiLocker": true,
"transactionId": "90074f18-cb8c-4405-ae7d-e801afa19534"
}
Response
{
"code": 0,
"message": "Success",
"data": {
"aadhaarId": "XXXXXXXXXXXX",
"dateOfBirth": "DD-MM-YYYY",
"gender": "Male/Female",
"name": "XXXXXXXXXXXX",
"lname": "XXXXXXXXXXXX",
"careOf": "XXXXXXXXXXXX",
"country": "India",
"district": "XXXX",
"locality": "XXXX 55",
"pinCode": "XXXXXX",
"state": "XXXXX",
"vtc": "XXXXXXX",
"house": "XXXX",
"street": "XXXXX",
"address": "Complete address",
"photo": "Base 64 encoded image"
}
}
Implementation Steps
- Call Pre-Verify API: Make a request to initialize DigiLocker authentication
- Redirect User: Direct the user to the
authUrlreceived in the response - Handle Callback: When the user returns to your
redirectUrl, capture the callback - Call Verification API: Use the saved
transactionIdto retrieve Aadhaar details - Process Results: Handle the returned Aadhaar information in your application
Error Handling
400 Bad Request
{
"code": 1,
"message": "Invalid transaction ID",
"data": {}
}
404 Not Found
{
"code": 1,
"message": "Transaction not found or expired",
"data": {}
}
422 Unprocessable Entity
{
"message": "Invalid redirectUrl"
}
Best Practices
- Secure Storage: Store the
transactionIdsecurely and associate it with the user session - Timeout Handling: Implement appropriate timeout mechanisms for the DigiLocker authentication process
- Error Handling: Properly handle all error responses and provide meaningful feedback to users
- URL Validation: Ensure your
redirectUrlis valid and publicly accessible - Data Privacy: Handle the returned Aadhaar data according to data protection regulations