Hi All,
A lot of integrators face 401-Unauthorised issue while trying to comsume to healthID APIs. Please note ABDM EcoSystem has many different components and having clientID/Secret doesn’t mean that you will have access to all different modules. This is because EcoSystem usage Role-based access to different APIs. Hence before calling APIs for any module you need to verify if your clientId/Secret has appropriate roles.
Here is how to check if you have access to HealthID APIs:
- Generate accessToken by calling session APIs:
curl ‘https://dev.ndhm.gov.in/gateway/v0.5/sessions ’ -H ‘User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:79.0) Gecko/20100101 Firefox/79.0’ -H ‘Accept: application/json’ -H ‘Accept-Language: en-US,en;q=0.5’ --compressed -H ‘Referer: https://dev.ndhm.gov.in/swagger/ndhm-gateway ’ -H ‘Content-Type: application/json’ -H ‘Origin: https://dev.ndhm.gov.in ’ -H ‘Connection: keep-alive’ -H ‘Pragma: no-cache’ -H ‘Cache-Control: no-cache’ --data-raw ‘{“clientId”:“SBX_0000000”,“clientSecret”:“142g733a-2020-4xxx-axx11-222xxxxxxx”}’
- On succesful execution, you will get a JWT token in respose to call above. Copy that JWT token (access Token).
- Open jwt.io in your browser and paste access token in left hand side text box titles Encoded.
- Check Decoded result on right-hand side if it has HealthID under realm_access. If it is there then you can access HealthID APIs.
In case you do not see HealthID role in realm_access then please connect with sandbox team to provide access to your clientId highlighting your requirements to so. Once sandBox team confirms your access then you can again verify using steps provided above to check before proceeding to comsume HealthID APIs.
Hope it will help to reduce your issues related to 401-Unauthorised. In case you are still getting it then please refer to this guide for more details.
Thanks
ABDM ID Team