Where to get requester type and ID for login collection API?

jdk2588 · May 13, 2022, 11:19am

Trying to use PHR Login API as documented in https://sandbox.abdm.gov.in/swagger/ndhm-phr-app2.yaml using phrAddress. Endpoint is /v1/apps/phrAddress/auth-init
In the API specs, I read request body to have

{
  "patientId": "hinapatel@sbx",
  "purpose": "CM_ACCESS",
  "authMode": "MOBILE_OTP",
  "requester": {
    "type": "PHR",
    "id": "IN0400XX"
  }
}

Where to get the value for requester.id from? Please suggest

jdk2588 · May 17, 2022, 3:45am

When I make the call, I get the error,

    {
        "error": {
            "code": 1401,
            "message": "Token verification failed"
        }
    }

Ramandeep1 · May 17, 2022, 7:34am

@Prajwal kindly look into the same.

jdk2588 · May 19, 2022, 5:04am

Helllo @Ramandeep1 @Prajwal, any update on this?

Prajwal · May 19, 2022, 7:35am

call session api and get new api token then try to pass it in this api

jdk2588 · May 19, 2022, 2:18pm

@Prajwal can you please point which session API from here https://sandbox.abdm.gov.in/swagger/ndhm-phr-app2.yaml?

Prajwal · May 20, 2022, 8:40am

https://dev.ndhm.gov.in/gateway/v0.5/sessions
Req.
{“clientId”:"",“clientSecret”:"",“grantType”:""}

Note - use this swagger link. here u can find the sessions api detail
https://sandbox.abdm.gov.in/swagger/ndhm-phr-app.yaml

slamba · May 23, 2022, 12:04pm

@Prajwal
Facing same issue while calling https://dev.abdm.gov.in/cm/v1/apps/login/hid/auth-init/v1/apps/login/hid/auth-init this API getting following error

 "error": {
     "code": 1401,
     "message": "Token verification failed"
    }

Even if i try `https://dev.abdm.gov.in/cm/v1/sessions` this API where we can get refresh token?

Can you provide sequence of APIs for PHR login?

jdk2588 · May 27, 2022, 10:08am

@Prajwal tried passing the API token in the API but still getting response as “Token Verification failed”.

curl --location --request POST ‘https://dev.abdm.gov.in/cm/v1/apps/login/hid/auth-init’
–header ‘X-CM-ID: sbx’
–header ‘Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJBbFJiNVdDbThUbTlFSl9JZk85ejA2ajlvQ3Y1MXBLS0ZrbkdiX1RCdkswIn0.eyJleHAiOjE2NTM2NDU3NDUsImlhdCI6MTY1MzY0NTE0NSwianRpIjoiMGE0ZGMxM2QtNjUyZS00M…’
–header ‘Content-Type: application/json’
–header ‘Cookie: TS011c04bd=01115a1c90b8e8bb9134c4520146b65970893d6e2650f34aa40405ae247207d10f1331934c11fea0a4df50e88f345db47a7a5cb992’
–data-raw ‘{
“value”: “45rmSPs2bq1U/Z5DaaJDhBVO3xHiBNHXOTus7+pRk/907La+q8Afi2zrCYikMiwh4GSqeUfY7ckDE8O6EcAZ0dg7Ybsn7nFQN3lVnfuprL8fBYEY3RUAQB5EhtgQnM1pKJXqbf8v5Vfc6fQM8bkGA9bFRXwSAK6TSWt0eFP7cQxME+boKXhktTU8JCi1aRsPj4W+rxOzABWFynu6pFl2NBqfS/y+uDFXeHVPOCqR1Y8DTvw3cUdagB8Ss2c6uodcvlsgECGuX21+EmHtoTuDXy7gFOk4aY2byuIo5i9ewCqjLDIP6hDtT6+EzEbI7TJcEqeuR+ya+jr0g9qNXPxSew==”,
“authMode”: “AADHAAR_OTP”,
“purpose”: “CM_ACCESS”,
“requester”: {
“type”: “PHR”,
“id”: “IN0400XX”
}
}’

Getting response as:

{
“error”: {
“code”: 1401,
“message”: “Token verification failed”
}
}

sudo · May 30, 2022, 5:53am

Here is the sequence of API calls for the PHR API.

https://docs.google.com/spreadsheets/d/1lrLSu_ShXTwi6p6ETbss_Ibx-Lodj5KcZAkyvuGruXY/edit#gid=0

AFAIK, You should have the PHR role and pass the phr id to make these APIs work.

jdk2588 · May 31, 2022, 11:43am

I tried passing the Gateway token but getting error such as

curl --location --request POST 'https://dev.abdm.gov.in/cm/v1/apps/login/hid/auth-init' \
--header 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJBbFJiNVdDbThUbTlFSl9JZk85ejA2ajlvQ3Y1MXBLS0ZrbkdiX1RCdkswIn0.eyJleHAiOjE2NTM5OTc2NzYsImlhdCI6MTY1Mzk5NzA3NiwianRpIjoiN2NjNmUxMjMtMGQyZi00YjMwLTgwNjYtMmE4YTc0ZmM4YzU5IiwiaXNzIjoiaHR0cHM6Ly9kZXYubmRobS5nb3YuaW4vYXV0aC9yZWFsbXMvY2VudHJhbC1yZWdpc3RyeSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiI5NTk5YmMwYi0yNWUwLTRiMzAtOWYxMC00NThmZTNhZjU4Y2EiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJTQlhfMDAwMDg4Iiwic2Vzc2lvbl9zdGF0ZSI6Ijk3MjcwZDVhLTVmZWEtNDUyMC05ZmExLTlkNmI5NDRjOTc1MyIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cDovL2xvY2FsaG9zdDo5MDA3Il0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJoaXUiLCJvZmZsaW5lX2FjY2VzcyIsImhlYWx0aElkIiwiaGlwIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiU0JYXzAwMDA4OCI6eyJyb2xlcyI6WyJ1bWFfcHJvdGVjdGlvbiJdfSwiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJvcGVuaWQgZW1haWwgcHJvZmlsZSIsImNsaWVudEhvc3QiOiIxMC4yMzMuNjguNTQiLCJjbGllbnRJZCI6IlNCWF8wMDAwODgiLCJlbWFpbF92ZXJpZmllZCI6' \
--header 'Content-Type: application/json' \
--header 'Cookie: TS011c04bd=01115a1c901474a7871a692193118c72ee3a085d96ab563265e7f20ded0f78e64561d4eeb28cfba639c619d8b59a1ba81ba3c1bcf8' \
--data-raw '{
  "value": "uD1h5NDO1g+6IqfJr6g6cpnqQgA3RyEu+LCyvyBjAeeIst2c55h3mEv+5t5Nm2LE366OoMFAIjQKvIND6f/xxxoMkJst/Nncb8zeiSDaoIk/dzN7e4IdAh9srTmNX6ReiJCzWppJnOMdmu6MvOQyDdvoeBx5hFlBEojcV8TMrUkaOgy1Qt7gKv8pDJtyHUlBBuvxXaxnzyuhCKgsnj2eD8Aor9uWAGCCzKU03du94BHZEOmvKqcXUqP8+utlWxxEPzF9xM1ct4zyEzq33fNutfwPcfmhYgaT1oN1kZ5u/AorkEzJSgCgWOIMH6ZDfSU5fpr/7SUECvlAOBNUwsq1dQ==",
  "authMode": "AADHAAR_OTP",
  "purpose": "CM_ACCESS",
  "requester": {
    "type": "PHR",
    "id": "IN040088"
  }
}'```

I get the error as ```{
    "error": {
        "code": 1401,
        "message": "Token with invalid access role"
    }
}``` , this is different then error getting earlier. Please help.

Manan · June 4, 2022, 6:31am

Hello.
What are different grant types? And where is it documented
I am trying the API for login via email and mobile flow and it is giving me token with invalid access role.
And I am calling the following API
https://dev.abdm.gov.in/cm/v1/apps/login/mobileEmail/auth-init

jdk2588 · June 10, 2022, 6:42am

Hello sudo,

I have PHR role to my clientId and clientSecret. It does not give me token errors anymore.

But when I try to login with

curl --location --request POST ‘https://dev.abdm.gov.in/cm/v1/apps/login/mobileEmail/auth-init’
–header ‘Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJBbFJiNVdDbThUbTlFSl9JZk85ejA2ajlvQ3Y1MXBLS0ZrbkdiX1RCdkswIn0.eyJleHAiOjE2NTQ4NDM2ODMsImlhdCI6MTY1NDg0MzA4MywianRpIjoiMGI1OTU0MWYtMTk3Mi00N2U0LWI1MzYtOTlhYWEwYTA1NGQ4IiwiaXNzIjoiaHR0cHM6Ly9kZXYubmRobS5nb3YuaW4vYXV0aC9yZWFsbXMvY2VudHJhbC1yZWdpc3RyeSIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiI5NTk5YmMwYi0yNWUwLTRiMzAtOWYxMC00NThmZTNhZjU4Y2EiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJTQlhfMDAwMDg4Iiwic2Vzc2lvbl9zdGF0ZSI6IjVmOTUyYmExLTA5MmEtNGJmNC04M2E…’
–header ‘Content-Type: application/json’
–data-raw ‘{
“value”: “XYo4WSGEko5jcYYRCcY0Hs6LbGFNodyuCvwigllKUvFdBMMBnI4DjshbB4CeVVbTmmW7T7dUNhTYdd7IGYcHIIWi3GSX7w8fg1vvah/z1te1+o2Kb6zm7jvMgYp+FsBPrvOmQIbRaIXlO+lQxWQ240/ElRdO/BZ7ftgBbm7nFigh1O12tzKIVSADdOPxDUe3/fmQBGvV7PTN3ZnjfcHcL0NPTL849Ye1l0VMc8otF09rZo+7RwkU3qiHckOvrXRVDrLX6dfKm2A/3Rwl4sYdG/ZSbz2WyOBoXdRUsSn6R1pVV91JcPWpcWly4+FdGDK95eeEutc37qq87XBADcJ3JA==”,
“authMode”: “MOBILE_OTP”,
“purpose”: “CM_ACCESS”,
“requester”: {
“type”: “PHR”,
“id”: “<client_id>”
}
}’

I am passing my client_id for requester id, getting 200 OK but do not have any transaction Id to begin the login process.

I believe correct PHR ID or requester.id to be passed.
From where can I get the PHR id or “requester” ID? Please suggest.

Thanks

AyushAgarwal · November 18, 2022, 12:59pm

Hi,

How do you encrypt the value parameter in this API?
https://dev.abdm.gov.in/cm/v1/apps/login/mobileEmail/auth-init’

Is there any api provided or any mechanism we have to follow?