India Aadhaar Database Verification Check allows generating and verifying one-time passwords (OTP) over API.
The solution is available only via API.
Contact your solutions engineer for info and configuration.
Prerequisites
You have an integration set up with Veriff and configured by your Solutions Engineer
You have configured the decision webhook to get responses from Veriff (see the Webhooks section for info)
You know your end-user's Aadhaar identifier
Flow overview
Generate a verification session with POST /sessions[↗]
Minimal required payload in an empty
verification
objectCapture the session Id from the
id
field in the response
Make the POST sessions/{id}/mfa/generate[↗] call to generate the OTP for the end-user
Make the POST sessions/{id}/mfa/verify[↗] call to verify the OTP
You need to upload an end-user's selfie via POST /sessions/{sessionId}/media[↗], specifying the
image.context
asface
If both calls to POST sessions/{sessionId}/mfa endpoints are successful, update the session status to
submitted
via PATCH /sessions/{sessionId}[↗]Veriff verifies the session and returns the result via decision webhook. You can also query data via GET sessions/{sessionId}/decision[↗] endpoint
Use via API
The solution uses two endpoints:
POST sessions/{id}/mfa/generate[↗] - to generate a MFA session and trigger the one-time password (OTP) generation for the end-user
POST sessions/{id}/mfa/verify[↗] - to submit the OTP
Requests to both endpoints may fail due to erroneous input data, issues with the registry, etc. If this happens, the response payload will return a reason
string. You can find explanations of failed request reasons in the Aadhaar Database Verification Checks Reason Codes table.
Find decision and/or session related info
You can get the data from three sources:
Receive the decision webhook
Query the results via GET sessions/{sessionId}/decision
View the session in Veriff Customer Portal
Webhook payload
See the decision webhook payload for more info.
API call
You can query the GET sessions/{sessionId}/decision endpoint, see the GET sessions/{sessionId}/decision[↗] documentation for more info.
Veriff Customer Portal
You can find the verification session related info, including the decision, in the Veriff Customer Portal, under the Webhooks tab.
→ See Review verification in Veriff Customer Portal about how to view the session info in the Veriff Customer portal
Rate limits
Cap on OTP generation attempts per verification session
You can make up to three calls to generate/regenerate OTP via POST sessions/{id}/mfa/generate[↗] endpoint, using the same session Id path parameter.
The system will always generate an OTP for the identifier
specified in the request parameter:
If you do not specify an
identifier
, you will see an errorIf you specify a new
identifier
for the same session Id, the OTP is generated for the new identifier
Rate limiting on OTP generation frequency
To generate (or regenerate) OTP, you can call the POST sessions/{id}/mfa/generate[↗] endpoint once every 60 seconds. Calling the endpoint more frequently will result in error 429 - OTP_REQUEST_TOO_SOON
.