Aadhaar Database Verification Check

India Aadhaar Database Verification Check allows generating and verifying one-time passwords (OTP) over API.

The solution is available only via API.

Contact your solutions engineer for info and configuration.

Prerequisites

You have an integration set up with Veriff and configured by your Solutions Engineer
You have configured the decision webhook to get responses from Veriff (see the Webhooks section for info)
You know your end-user's Aadhaar identifier

Flow overview

Generate a verification session with POST /sessions[↗]
1. Minimal required payload in an empty verification object
2. Capture the session Id from the id field in the response
Make the POST sessions/{id}/mfa/generate[↗] call to generate the OTP for the end-user
Make the POST sessions/{id}/mfa/verify[↗] call to verify the OTP
You need to upload an end-user's selfie via POST /sessions/{sessionId}/media[↗], specifying the image.context as face
If both calls to POST sessions/{sessionId}/mfa endpoints are successful, update the session status to submitted via PATCH /sessions/{sessionId}[↗]
Veriff verifies the session and returns the result via decision webhook. You can also query data via GET sessions/{sessionId}/decision[↗] endpoint

Use via API

The solution uses two endpoints:

POST sessions/{id}/mfa/generate[↗] - to generate a MFA session and trigger the one-time password (OTP) generation for the end-user
POST sessions/{id}/mfa/verify[↗] - to submit the OTP

Requests to both endpoints may fail due to erroneous input data, issues with the registry, etc. If this happens, the response payload will return a reason string. You can find explanations of failed request reasons in the Aadhaar Database Verification Checks Reason Codes table.

Find decision and/or session related info

You can get the data from three sources:

Receive the decision webhook
Query the results via GET sessions/{sessionId}/decision
View the session in Veriff Customer Portal

Webhook payload

See the decision webhook payload for more info.

API call

You can query the GET sessions/{sessionId}/decision endpoint, see the GET sessions/{sessionId}/decision[↗] documentation for more info.

Veriff Customer Portal

You can find the verification session related info, including the decision, in the Veriff Customer Portal, under the Webhooks tab.

→ See Review verification in Veriff Customer Portal about how to view the session info in the Veriff Customer portal

Rate limits

Cap on OTP generation attempts per verification session

You can make up to three calls to generate/regenerate OTP via POST sessions/{id}/mfa/generate[↗] endpoint, using the same session Id path parameter.

The system will always generate an OTP for the identifier specified in the request parameter:

If you do not specify an identifier, you will see an error
If you specify a new identifier for the same session Id, the OTP is generated for the new identifier

Rate limiting on OTP generation frequency

To generate (or regenerate) OTP, you can call the POST sessions/{id}/mfa/generate[↗] endpoint once every 60 seconds. Calling the endpoint more frequently will result in error 429 - OTP_REQUEST_TOO_SOON.