post https://staging.eko.in/ekoapi/v1/aeps/otp/verify
This api is used for otp validation
You need to encrypt the aadhaar before passing it as a parameter.
Aadhaar Encryption -
- Decode public key using base64 encoding technique. (public key for UAT and production are different)
- Compute RSA encrypted signature using decoded key and message.
- Encode encrypted signature with base64 encoding to send message on API.
Public Key for Aadhaar Encryption - (UAT)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCaFyrzeDhMaFLx+LZUNOOO14Pj9aPfr+1WOanDgDHxo9NekENYcWUftM9Y17ul2pXr3bqw0GCh4uxNoTQ5cTH4buI42LI8ibMaf7Kppq9MzdzI9/7pOffgdSn+P8J64CJAk3VrVswVgfy8lABt7fL8R6XReI9x8ewwKHhCRTwBgQIDAQAB
public static String calculateRSA( String salt ) throws InvalidKeyException, Exception {
Cipher encryptCipher = Cipher.getInstance("RSA");
encryptCipher.init(Cipher.ENCRYPT_MODE, getPublicKey());
byte[] secretMessageBytes = salt.getBytes("UTF-8");
byte[] encryptedMessageBytes = encryptCipher.doFinal(secretMessageBytes);
String encodedMessage = Base64.encodeBase64String(encryptedMessageBytes);
return encodedMessage;
}
public static PublicKey getPublicKey() throws Exception {
String rawPublicKey = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXa63O/UXt5S0Vi8DM/PWF4yugx2OcTVbcFPLfXmLm9ClEVJcRuBr7UDHjJ6gZgG/qcVez5r6AfsYl2PtKmYP3mQdbR/BjVOjnrRooXxwyio6DFk4hTTM8fqQGWWNm6XN5XsPK5+qD5Ic/L0vGrS5nMWDwjRt59gzgNMNMpjheBQIDAQAB";
byte[] keyBytes = Base64.decodeBase64(rawPublicKey);
X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePublic(spec);// generatePrivate(spec);
}
EKYC Steps -
- It is mandatory to use e-KYC OTP request, e-KYC OTP Verification and Biometric before AePS transaction.
Please make sure you use these APIs consecutively. - The whole process of e-KYC is to be done for every merchant just once.
- For both of these services, Daily authentication i.e. 2FA is mandatory and to be done everyday.
Response Error Codes
| ERROR CODES | MEANING | SOLUTION |
|---|---|---|
| 403 | Forbidden | Regenerate your secret key and timestamp or check if your service is activated or not |
| 500 | Internal Server Error | Check if your request url is correct or the parameters you're passing is correct according to the parameters mentioned above |
| 415 | Unsupported Media Type | Re-check the content/type of the request body. |