eSignet
The eSignet service is utilized by Inji Wallet for online login. Users have the ability to log in to any service provider portal that is integrated with eSignet.
Online login
QR code scanning and login to the service provider portal
The user is required to open the portal integrated with eSignet and utilize the app scanner to scan the QR code.
After successfully scanning the QR code, Inji Wallet will access the API below and transmit the link code.
Link Transaction endpoint V2
The link transaction endpoint is invoked from Wallet-app.
Validates the link-code and its expiry and generates the linkTransactionId. This linkTransactionId is linked to transactionId returned from /oauth-details endpoint.
Returns the auth-factors, clientName, logoUrl, User claims, authorize scopes along with linkTransactionId.
Note: Wallet-app will hereafter address the transaction with this linkTransactionId for the /authenticate and /consent endpoints.
POST /v1/esignet/linked-authorization/v2/link-transaction HTTP/1.1
Host: esignet.collab.mosip.net
Content-Type: application/json
Accept: */*
Content-Length: 83
{
"requestTime": "2023-09-22T08:01:10.000Z",
"request": {
"linkCode": "xl4cnYtLQkGRxUj"
}
}
OK
{
"responseTime": "2023-09-22T08:01:13.000Z",
"response": {
"linkTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
"clientName": {
"eng": "Fastlane e-Sim Service",
"fra": "Service e-Sim de Fastlane",
"ara": "خدمة فاست لين e-SIM"
},
"logoUrl": "https://fastlane.com/logo.png",
"authFactors": [
[
{
"type": "OTP",
"count": 0,
"subTypes": null
}
]
],
"authorizeScopes": [],
"credentialScopes": [],
"essentialClaims": [
"name",
"address"
],
"voluntaryClaims": [
"email",
"phone_number"
],
"configs": {
"sbi.env": "Staging",
"sbi.threshold.face": 40,
"sbi.threshold.finger": 40,
"sbi.threshold.iris": 40
}
},
"errors": null
}
After successfully completing the offline face authentication and selecting the required and optional information, the two specified APIs are invoked.
Linked Authentication Endpoint V2
Once end user provides the user identifier (UIN/VID) and all the required auth challenge to the Wallet-app, this endpoint will be invoked from wallet-app.
Supported auth-challenge depends on the integrated authentication server.
Validates linkedTransactionId.
Validates null / empty individualId.
Invokes kyc-auth call to integrated authentication server (IDA).
Relays error from integrated authentication server to UI on failure.
It validates stored userconsent against the requested claims and scopes
On Authentication Success: linkTransactionId and consentAction is returned in the below response without any errors.
On Authentication Failure: Error list will be set with the errors returned from the integrated authentication server.
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
POST /v1/esignet/linked-authorization/v2/authenticate HTTP/1.1
Host: esignet.collab.mosip.net
Content-Type: application/json
Accept: */*
Content-Length: 235
{
"requestTime": "2023-09-22T08:01:10.000Z",
"request": {
"linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
"individualId": "34543276756",
"challengeList": [
{
"authFactorType": "OTP",
"challenge": "111111",
"format": "alpha-numeric"
}
]
}
}
OK
{
"responseTime": "2023-09-22T08:01:13.000Z",
"response": {
"linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
"consentAction": "CAPTURE"
},
"errors": []
}
Linked Consent Endpoint V2
Once the authentication is successful and user consent is obtained, this endpoint will be invoked by the wallet app to send the accepted consent and permitted scopes.
Validates linkedTransactionId.
Validate accepted claims and permitted scopes in the request and the signature.
If valid, stores the accepted claims, permitted scopes and signature in the consent registry.
yyyy-MM-dd'T'HH:mm:ss.SSS'Z'
POST /v1/esignet/linked-authorization/v2/consent HTTP/1.1
Host: esignet.collab.mosip.net
Content-Type: application/json
Accept: */*
Content-Length: 241
{
"requestTime": "2023-09-22T08:01:13.000Z",
"request": {
"linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
"permittedAuthorizeScopes": [],
"acceptedClaims": [
"name",
"email",
"phone_number",
"address"
],
"signature": "<detached signature>"
}
}
OK
{
"responseTime": "2023-09-22T08:01:14.000Z",
"response": {
"linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555"
},
"errors": []
}
Last updated
Was this helpful?