eSignet

The link transaction endpoint is invoked from Wallet-app.

1. Validates the link-code and its expiry and generates the linkTransactionId. This linkTransactionId is linked to transactionId returned from /oauth-details endpoint.

2. Returns the auth-factors, clientName, logoUrl, User claims, authorize scopes along with linkTransactionId.

Note: Wallet-app will hereafter address the transaction with this linkTransactionId for the /authenticate and /consent endpoints.

Once end user provides the user identifier (UIN/VID) and all the required auth challenge to the Wallet-app, this endpoint will be invoked from wallet-app.

Supported auth-challenge depends on the integrated authentication server.

1. Validates linkedTransactionId.

2. Validates null / empty individualId.

3. Invokes kyc-auth call to integrated authentication server (IDA).

4. Relays error from integrated authentication server to UI on failure.

5. It validates stored userconsent against the requested claims and scopes

On Authentication Success: linkTransactionId and consentAction is returned in the below response without any errors.

On Authentication Failure: Error list will be set with the errors returned from the integrated authentication server.

Once the authentication is successful and user consent is obtained, this endpoint will be invoked by the wallet app to send the accepted consent and permitted scopes.

1. Validates linkedTransactionId.

2. Validate accepted claims and permitted scopes in the request and the signature.

3. If valid, stores the accepted claims, permitted scopes and signature in the consent registry.