eSignet

The eSignet service is utilized by Inji Wallet for online login. Users have the ability to log in to any service provider portal that is integrated with eSignet.

The user is required to open the portal integrated with eSignet and utilize the app scanner to scan the QR code.

After successfully scanning the QR code, Inji Wallet will access the API below and transmit the link code.

Link Transaction endpoint V2

post

The link transaction endpoint is invoked from Wallet-app.

Validates the link-code and its expiry and generates the linkTransactionId. This linkTransactionId is linked to transactionId returned from /oauth-details endpoint.
Returns the auth-factors, clientName, logoUrl, User claims, authorize scopes along with linkTransactionId.

Note: Wallet-app will hereafter address the transaction with this linkTransactionId for the /authenticate and /consent endpoints.

Body

requestTimestringRequired

Responses

200

application/json

post

/linked-authorization/v2/link-transaction

POST /v1/esignet/linked-authorization/v2/link-transaction HTTP/1.1
Host: esignet.collab.mosip.net
Content-Type: application/json
Accept: */*
Content-Length: 83

{
  "requestTime": "2023-09-22T08:01:10.000Z",
  "request": {
    "linkCode": "xl4cnYtLQkGRxUj"
  }
}

200

{
  "responseTime": "2023-09-22T08:01:13.000Z",
  "response": {
    "linkTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
    "clientName": {
      "eng": "Fastlane e-Sim Service",
      "fra": "Service e-Sim de Fastlane",
      "ara": "خدمة فاست لين e-SIM"
    },
    "logoUrl": "https://fastlane.com/logo.png",
    "authFactors": [
      [
        {
          "type": "OTP",
          "count": 0,
          "subTypes": null
        }
      ]
    ],
    "authorizeScopes": [],
    "credentialScopes": [],
    "essentialClaims": [
      "name",
      "address"
    ],
    "voluntaryClaims": [
      "email",
      "phone_number"
    ],
    "configs": {
      "sbi.env": "Staging",
      "sbi.threshold.face": 40,
      "sbi.threshold.finger": 40,
      "sbi.threshold.iris": 40
    }
  },
  "errors": null
}

After successfully completing the offline face authentication and selecting the required and optional information, the two specified APIs are invoked.

Linked Authentication Endpoint V2

post

Once end user provides the user identifier (UIN/VID) and all the required auth challenge to the Wallet-app, this endpoint will be invoked from wallet-app.

Supported auth-challenge depends on the integrated authentication server.

Validates linkedTransactionId.
Validates null / empty individualId.
Invokes kyc-auth call to integrated authentication server (IDA).
Relays error from integrated authentication server to UI on failure.
It validates stored userconsent against the requested claims and scopes

On Authentication Success: linkTransactionId and consentAction is returned in the below response without any errors.

On Authentication Failure: Error list will be set with the errors returned from the integrated authentication server.

Body

requestTimestringRequiredPattern: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'

Responses

200

application/json

post

/linked-authorization/v2/authenticate

POST /v1/esignet/linked-authorization/v2/authenticate HTTP/1.1
Host: esignet.collab.mosip.net
Content-Type: application/json
Accept: */*
Content-Length: 235

{
  "requestTime": "2023-09-22T08:01:10.000Z",
  "request": {
    "linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
    "individualId": "34543276756",
    "challengeList": [
      {
        "authFactorType": "OTP",
        "challenge": "111111",
        "format": "alpha-numeric"
      }
    ]
  }
}

200

{
  "responseTime": "2023-09-22T08:01:13.000Z",
  "response": {
    "linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
    "consentAction": "CAPTURE"
  },
  "errors": []
}

post

Once the authentication is successful and user consent is obtained, this endpoint will be invoked by the wallet app to send the accepted consent and permitted scopes.

Validates linkedTransactionId.
Validate accepted claims and permitted scopes in the request and the signature.
If valid, stores the accepted claims, permitted scopes and signature in the consent registry.

Body

requestTimestringRequiredPattern: yyyy-MM-dd'T'HH:mm:ss.SSS'Z'

Responses

200

application/json

post

/linked-authorization/v2/consent

POST /v1/esignet/linked-authorization/v2/consent HTTP/1.1
Host: esignet.collab.mosip.net
Content-Type: application/json
Accept: */*
Content-Length: 241

{
  "requestTime": "2023-09-22T08:01:13.000Z",
  "request": {
    "linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555",
    "permittedAuthorizeScopes": [],
    "acceptedClaims": [
      "name",
      "email",
      "phone_number",
      "address"
    ],
    "signature": "<detached signature>"
  }
}

200

{
  "responseTime": "2023-09-22T08:01:14.000Z",
  "response": {
    "linkedTransactionId": "qwert_yt46_hX0xlBJNExl9cnYtL8kGvcbf555"
  },
  "errors": []
}

Last updated 9 months ago

Was this helpful?

hashtagOnline login

hashtagQR code scanning and login to the service provider portal

hashtagLink Transaction endpoint V2

hashtagLink Transaction endpoint V2

hashtagLinked Authentication Endpoint V2

hashtagLinked Authentication Endpoint V2

hashtagLinked Consent Endpoint V2

hashtagLinked Consent Endpoint V2

Online login

QR code scanning and login to the service provider portal

Link Transaction endpoint V2

Link Transaction endpoint V2

Linked Authentication Endpoint V2

Linked Authentication Endpoint V2

Linked Consent Endpoint V2

Linked Consent Endpoint V2