Issue in Verify Mobile OTP. In Update Mobile API shows Incorrect OTP

pooja · March 7, 2022, 12:05pm

I am Trying to Update Mobile no in Profile, But In Verify OTP API got error as Invalid OTP.Kindly check attached Screenshot and Advice.

I have used below CURL.
curl --location --request POST ‘https://healthidsbx.abdm.gov.in/api/v2/account/change/mobile/new/verifyOTP’ \

–header ‘X-TOKEN: Bearer eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiIyMS03MTA4LTMyNTItMDUwNSIsImNsaWVudElkIjoiU0JYXzAwMDIwNSIsInN5c3RlbSI6IkFCSEEtTiIsIm1vYmlsZSI6Ijk4MTkyMjk3MDQiLCJoZWFsdGhJZCI6InJhanB1dGtodXNoaUBzYngiLCJleHAiOjE2NDY2NTA0MjAsImhlYWx0aElkTnVtYmVyIjoiMjEtNzEwOC0zMjUyLTA1MDUiLCJpYXQiOjE2NDY2NDg2MjB9.nZswGoJpfwoSpFAxdbjh9GzlmSiu73FiDltRFCkn-6EBxvYrB6sWc2ujvvAg3MMu13STtowUB03LcXUBohydNraF9GphHMdTeAxkG8Ih9s8Y0lU6cYmoYEGwPfg-WVm-9FSdgokDDz3Lkn974tRf0nWZXSeKQZwT_q31WV_qDPSro0Pl9V6MQd6BjqzSPKGCDTK0RrkP1O3W3MKU9flLmYjeqkLQMsGyn2osFrmTlPojywwpRMylk54qyvIiDUckxZ2lmKrJuzmPB4bR7UAdztHJLr1G73RNtUXhC-ipuqXdSML54v_tbhuQ7RBCNgKEeVu4UDH26CP6CuVHuc-NokY0tvpYJl5qRQlrFcZ17d2kcb81a4sYrVYmMaELJgcyMuU_d10nbiWXb1YjwT_UzY7iJ5ndnVUOFGG1tySeEvaSzgbvwFsKnRqweT0fl6wywR4MaSYZsIr2vg2EV9VfDwaYYoKfvSn6bu3uD2CSGWP8A9qYKDUS-cEWeYJ_sD14Dy2jUbjjMbVoWQtYQblBMl8g8LohRbOQ1hbnDLn80W7HdTlUx0oOiMdz9EJIrNnA51JaiFGDIQWEpyEwenLvrAsRVjiBA3SEgzzBLhdwIDIkG3gRDhQrmTrHU-oXURt7TOgjx-digpd_Pz0K4pgP01WZ_JOpucRv1JNOkFRgEiA’ \

–header ‘Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJBbFJiNVdDbThUbTlFSl9JZk85ejA2ajlvQ3Y1MXBLS0ZrbkdiX1RCdkswIn0.eyJleHAiOjE2NDY2NTA2NTYsImlhdCI6MTY0NjY1MDA1NiwianRpIjoiNjg1NzM0YjAtMmU2My00ZDQ4LWI3ZWQtZWI4ZGQ5ZWQ2ZDFlIiwiaXNzIjoiaHR0cHM6Ly9kZXYubmRobS5nb3YuaW4vYXV0aC9yZWFsbXMvY2VudHJhbC1yZWdpc3RyeSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiIwZDMwZGRkMi0yZTgyLTQzMWQtYWI0NC0yMjI0OTQ2OTdkYjciLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJTQlhfMDAwMjA1Iiwic2Vzc2lvbl9zdGF0ZSI6Ijk1ZDY0M2Q2LTk2ZjYtNDNlZC05ODA0LTI1MDdjNWEwMjgxOCIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cDovL2xvY2FsaG9zdDo5MDA3Il0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJoaXUiLCJvZmZsaW5lX2FjY2VzcyIsImhlYWx0aElkIiwiT0lEQyIsImhpcCJdfSwicmVzb3VyY2VfYWNjZXNzIjp7IlNCWF8wMDAyMDUiOnsicm9sZXMiOlsidW1hX3Byb3RlY3Rpb24iXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoib3BlbmlkIGVtYWlsIHByb2ZpbGUiLCJjbGllbnRJZCI6IlNCWF8wMDAyMDUiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsImNsaWVudEhvc3QiOiIxMC4yMzMuNjkuMjE4IiwicHJlZmVycmVkX3VzZXJuYW1lIjoic2VydmljZS1hY2NvdW50LXNieF8wMDAyMDUiLCJjbGllbnRBZGRyZXNzIjoiMTAuMjMzLjY5LjIxOCJ9.O4bnFqQTr8JCTWCLTLonT5j9Xfjbb35YPZNvrUE1LVH0cdidikBVDOqe6aYYxRoeaqWQyBt-p_9mtLomgiB5d6f5mcvQ4vWDf99W0RDm9N0zXIOmDV-iXARP-GO8r8RuJ6RF_vV5N7UnLaRznjYWl-VA698sVF1WbBZDHN0MN9qFQqAFmiRqrex_WdD2G4wQAxAJJ_19gGoZqgY2kjAETvF83XMVjjfKMYK-csh9kuH8y9RX3h-Oh22sRnUivP8lqf6weagEy8gvfHv6qLls6SzxNXWGkFuekiDXvRTi8m-y5w4ds8T-1-HJdQ0fI05jY5aRkwuUoBpx4ra1LuIN9w’ \

–header ‘Content-Type: application/json’
–data-raw ‘{
“txnId”: “625da1a8-a87c-4a59-b8f3-c4cd095f0c14”,
“otp”:“308554”
}’

adnan_360 · March 7, 2022, 7:40pm

Hiii @pooja
its working fine right now

curl -X POST “https://healthidsbx.abdm.gov.in/api/v2/account/change/mobile/new/generateOTP” -H “accept: /” -H “Accept-Language: en-US” -H “X-Token: Bearer eyJhbGciOiJSUzUxMiJ9.eyJzdWIiOiIzNC0wNzg2LTYyODQtNjc1MyIsImNsaWVudElkIjoiaGVhbHRoaWQtYXBpIiwic3lzdGVtIjoiQUJIQS1OIiwibW9iaWxlIjoiNzkwNjg1MzQ2NCIsImhlYWx0aElkIjoibW9oZGNob3VkaGFyeTEzMTIxOTk0QHNieCIsImV4cCI6MTY0NjY4Mjk0MiwiaGVhbHRoSWROdW1iZXIiOiIzNC0wNzg2LTYyODQtNjc1MyIsImlhdCI6MTY0NjY4MTE0Mn0.EfPfYjILop7qMQYisLKFPalt-X7G9fK6RBANQ55t21WoDpSzUqffMuKi03zVhzkXTV9lwybZZhQhzPYMpJRkphMuPzUNe3vbfL-oDkQUUH2qEg03b-b1sLzEetPzsw396EWdegkPVqrEG1HzViIwYwW9Wc0TKL3T7pT28LgY_AkNVK-gho9dwwWbHmlUbwiXXxBaGWNQX5c1YlVADQBx2MElNUdP7k1FRBQ2DCJYMZeOgVGNofpxnj-zdY8UnIbe7_75Wy-grdLkzyx4qe1o0BdgyKriLIZWuI9uRiblMOQUXpFzE_qDCXfNYjaBYz6TskZl_Hie_yk8uvPF6_larMqMLRudv_uqiAsYt4Em5as7KI35spKbuEs5KKCxnXZhjeUCgsXMyiCSBpKHZ8XjbpnuVvol8M-Q7vCNP_DCGJsK8pYLj0z_HI8BEB2Cp7uxKUQqLHfHSTB0orGOkz4S0feo7GqDlkw9gjTgvSlEF7b7yurLH-wv2rfAGmUlkdXQTg9XjSXd4vOlEv0l9UrQVTJrotaVMCC1H2ITkUEQjjij2Gc2f7geUJRdeZUwnTpGXLcpwPwWcnVkyA_ENkXY_LlJhufZo6agSvlt_31bhvju1XDwTAvPpcF__6gaWMLr2xiSmZIDOrapW0yTYQGzSGF6G9MKrL2vt9Wfj1v9c_4” -H “Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJBbFJiNVdDbThUbTlFSl9JZk85ejA2ajlvQ3Y1MXBLS0ZrbkdiX1RCdkswIn0.eyJleHAiOjE2NDY2ODE5OTAsImlhdCI6MTY0NjY4MTM5MCwianRpIjoiY2MyNGQwOGQtOTUxZC00N2QxLWI1YTEtNTI3NGU5OGI4MDJlIiwiaXNzIjoiaHR0cHM6Ly9kZXYubmRobS5nb3YuaW4vYXV0aC9yZWFsbXMvY2VudHJhbC1yZWdpc3RyeSIsImF1ZCI6WyJyZWFsbS1tYW5hZ2VtZW50IiwiYWNjb3VudCJdLCJzdWIiOiIwNmJkNGZlNy04NjEyLTRiZmEtYTI1NS1iMDdiZmFjZmU1M2QiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJoZWFsdGhpZC1hcGkiLCJzZXNzaW9uX3N0YXRlIjoiMDc0NzUwMTgtZjhmZi00OWQ4LWE3OWYtNzU3NWYyMGRiODNmIiwiYWNyIjoiMSIsInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJoZWFsdGhpZF9zZXJ2ZXIiLCJIaWRJbnRlZ3JhdGVkUHJvZ3JhbSIsImhlYWx0aGlkLXdlYiIsIm9mZmxpbmVfYWNjZXNzIiwiaGVhbHRoSWQiXX0sInJlc291cmNlX2FjY2VzcyI6eyJyZWFsbS1tYW5hZ2VtZW50Ijp7InJvbGVzIjpbInZpZXctY2xpZW50cyIsInF1ZXJ5LWNsaWVudHMiXX0sImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoib3BlbmlkIGVtYWlsIHByb2ZpbGUiLCJjbGllbnRJZCI6ImhlYWx0aGlkLWFwaSIsImNsaWVudEhvc3QiOiIxMC4yMzMuNjkuMjE4IiwiZW1haWxfdmVyaWZpZWQiOmZhbHNlLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJzZXJ2aWNlLWFjY291bnQtaGVhbHRoaWQtYXBpIiwiY2xpZW50QWRkcmVzcyI6IjEwLjIzMy42OS4yMTgifQ.TxnbSV8FsUyTqjCxkFsNxlyhm43FliuXS_Q6irugjvLTligB8gvF9RMH6zv7kVGfl63HLs7y_Kz5Zudz1Ppe_g9tt5LVX9IoNYSIlfZaNc8q26ybOVVrSs7ZONtm6qlwduHA69cj_VugUd8GFme8qMDZKu5V9yg7huRYf-2twgZ4ZPP4_THAZEq0r4PM4XZo5Qpp9MXnIWoUX0lth6HmntCa05APf12R_rGD9mDj8OxpkFs8B_tTqPhdPv7XVB21mVx_ht6E-uITNdO3SMQlq3XoROcRqN0zUWIOZ0CQ2NfymFKf2kdM1Tibwrr5Y-XymGCkuOzqEQAyWAb7oScP9A” -H “Content-Type: application/json” -d “{ “newMobileNumber”: 7417383825}”
its working fine

pooja · March 8, 2022, 6:13am

Hii @adnan_360
Yes its working in my system also. But I have got issue in Verify OTP API .Kindly refer attached Screenshot.

depakpant · March 8, 2022, 8:40am

Hi @pooja,

You need to provide the encrypted OTP in the request.

Please check the swagger documentation

Sensitive data(Data like OTP, Aadhaar Number, Password, Username etc) have to be encrypted.
Data is encrypted by the public certificate. The certificate can be downloaded from the /v2/auth/cert API under Authentication tag in the version 2.
RSA Encryption to encrypt the data. Cipher Type - RSA/ECB/PKCS1Padding . online tool to encrypt data click here

Thanks
Deepak

adnan_360 · March 8, 2022, 9:02am

Hiii @pooja
its working fine right now i have tested the same url V2

its verified fine to verify mobile OTP updated mobile

Thanks
Adnan360

pooja · March 8, 2022, 9:39am

Hii @depakpant,

As per your suggestion I have tried Encrypted OTP in the request .But still having same issue. Please refer attached screenshot.

akashkrish · March 11, 2022, 1:35pm

hi @pooja,
you need to generate a public key with /v2/auth/cert to encrypt the otp

adnan_360 · March 11, 2022, 6:17pm

Hi @pooja
Please use to generate otp with mobile no
and verify with encrypt file to convert opt in BASE64 value
and paste in the parameter to and transaction id as well ohk
https://healthidsbx.abdm.gov.in/api/v2/account/change/mobile/new/verifyOTP
{
“txnId”: “f312624c-c5ed-4054-a72e-9a5c56208fc4”
}
its working fine right now
Response is 200 OHK

In both cases is working for your response i have tested for you

Thanks & Regards
Adnan

pooja · March 12, 2022, 6:00am

Hi @adnan_360 @akashkrish

I have tried. It’s working now. Thanks for help.

Regards,
Pooja.

Arshad0903 · May 27, 2022, 1:53pm

hi can you tell me how to generate public key ?i am getting issue of otp verifying

thanks
Arshad

sunchu · May 30, 2022, 8:33am

Hi @pooja,
For v2 APIs, OTP , passwords etc. will be in encrypted format, Please encrypt OTP first using below API :
https://healthidsbx.abdm.gov.in/api/v1/auth/cert

Attaching screenshots for your reference:

Please connect if you still face any issue.

anchal2909 · June 15, 2022, 7:41am

Closing the issue for now. Please create new ticket if you still face this issue.

sunchu · June 28, 2022, 10:33am