Before you start
AadhaarAPI.com is the platform of Quagga Tech providing Aadhaar services. We provide APIs services of Aadhaar Authentication, eKYC and eSign. We provide a secure link between your website, server or Mobile app to access the Aadhaar services.
In this article, you will find step-by-step instructions to get on-board AadhaarAPI and find resources that can help you integrate it with your website/product. Remember, we are always just a click away on the support in case you come across a hurdle.
To Start On-boarding with AadhaarAPI.com for Access, Drop an email to firstname.lastname@example.org with following details to start services.
Company Registered address:
Company Authorized signatory Name:
Business POC/Representative Details
Technical POC/Representative Details
For Individual Registration
You need to send user/user agency signed and stamped service agreement. Please share above necessary details and accordingly we will share service agreement for sign.
After successful due diligence, your account will be activated.
SDK’s are accessible only when QT_API_KEY is sent as a header parameter with every request. The key can be regenerated or deleted from the dashboard.
In the case of SDK’s the API key should be added to the corresponding settings/resource file into your backend.
The authentication data is first encrypted at the client end and sent to our servers as part of a JSON request via provided our SDKs. This JSON request is then formatted at our end to construct the required XML using the request type. The constructed XML is then sent through secure channels (AUA & ASA) to UIDAI. The request is decrypted and validated by the UIDAI. If the user is Authenticated successfully using OTP/Biometric the requested data is returned. The data received at our end is then converted to JSON for easy consumption and sent back to the requester.
As per UIDAI regulations, Via Software development KIT (SDK) the SKEY, HMAC, and the PID XML which contains the biometric/OTP data gets encrypted and encoded on the client end before being sent to us. The PID XML and HMAC are encrypted using a random session key which in turn is then encrypted by the UIDAI public certificate. This data travels through secure SSL channels and cannot be decrypted by anyone other than UIDAI, thus keeping the whole transaction highly secure.
For more details on Aadhaar utilities, encryption and regulations to be followed, please visit UIDAI developer website.
|Error Message||Suggested Action|
|Invalid or missing QT_API_KEY|
|Agency is not ACTIVE yet||Agency is in an INACTIVE state in case of Pending documents or payment. Contact us!|
|400 Bad Request||In case of 400 error please check error JSON for parameter ‘message’ to get the exact reason.|
|Error Code 500 [IMP]||Note that UIDAI returns 500 error code for various reasons depending on the request type. Hence please check the message text for proper error.|
UIDAI has provided a dedicated page with guidelines for handling API errors within the application.| Go there