Key Manager Service (Private)
This service in MOSIP is used for operations related to key management and for interaction with SoftHSM or RealHSM for key generation.
POST /generateCSR
This service will generate CSRs for a MOSIP application.
https://{base_url}/v1/keymanager/generateCSR
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Example
ID of the MOSIP Application for which we want to generate the CSR
The fully qualified domain name (FQDN) of your server.
The two-letter ISO code for the country where your organization is located.
The state/region where your organization is located.
The city where your organization is located.
The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC.
The division of your organization handling the certificate.
Success Response
Response Code : 200 (OK)
Failure Response
Response Code : 200 (OK)
POST /generateMasterKey/{objectType}
This service will generate master keys for a MOSIP application.
https://{base_url}/v1/keymanager/generateMasterKey/{objectType}
Resource details
Resource Details
Description
Path Parameters
Name
Required
Description
Example
Object Type can be Response Type Certificate or CSR
Request Part Parameters
Name
Required
Description
Example
ID of the MOSIP Application for which we want to generate the Master Key
The fully qualified domain name (FQDN) of your server.
The two-letter ISO code for the country where your organization is located.
The state/region where your organization is located.
The city where your organization is located.
The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC.
The division of your organization handling the certificate.
ID of the Machine or Partner for whom the Key is getting generated
Force attribute will force key rotation.
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
GET /getCertificate
This service will retrieve a certificate using the application id and reference id.
https://{base_url}/v1/keymanager/getCertificate?applicationId={application_id}&referenceId={reference_id}
Resource details
Resource Details
Description
Query Parameters
Name
Required
Description
Example
ID of the MOSIP Application for which we want to fetch the certificate
ID of the Machine or Partner for whom we want to fetch the certificate
Request Part Parameters
-NA-
-NA-
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure Details
ApplicationId not found in Key Policy
Required String parameter 'applicationId' is not present
Key Generation Process is not completed.
POST /uploadCertificate
This service will be used to upload a certificate.
https://{base_url}/v1/keymanager/uploadCertificate
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Example
ID of the MOSIP Application for which we want to fetch the certificate
ID of the Machine or Partner for which we want to upload the certificate
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure Details
ApplicationId not found in Key Policy
Required String parameter 'applicationId' is not present
Key Generation Process is not completed.
Certificate Parsing Error.
POST /uploadOtherDomainCertificate
This service will be used to upload a certificate that belongs to another domain within the MOSIP system.
https://{base_url}/v1/keymanager/uploadOtherDomainCertificate
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Example
ID of the MOSIP Application for which we want to fetch the certificate
ID of the Machine or Partner for which we want to upload the certificate
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure Details
ApplicationId not found in Key Policy
Required String parameter 'applicationId' is not present
Key Generation Process is not completed.
Certificate Parsing Error.
Crypto Manager (Private)
POST v1/cryptomanager/encrypt
This service encrypts the provided plain string data with a session symmetric key, and encrypts that symmetric key with the application-specific public key based on the given timestamp (the current timestamp at encryption). The response combines the encrypted data and the encrypted symmetric key, separated by a key splitter.
https://{base_url}/v1/cryptomanager/encrypt
Resource details
Resource Details
Description
Success Response
Response Code : 200 (OK)
POST v1/cryptomanager/decrypt
This service will decrypt encrypted data that is combined with the symmetric key by a key splitter, for the given timestamp (the encryption timestamp).
https://mosip.io/v1/cryptomanager/decrypt
Resource details
Resource Details
Description
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
No Such algorithm is supported
No Such algorithm is supported
data sent to decrypt is without key splitter or invalid
invalid data without key breaker
should not be null or empty
cannot connect to keymanager service
cannot connect to key manager service
Keymanager Service has replied with following error
Error occur while parsing error from response
timestamp should be in ISO 8601 format yyyy-MM-ddTHH::mm:ss.SZ
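The combined format and the missing-splitter failure above, as an added example (not MOSIP's own code) covering only the framing: opaque bytes stand in for the wrapped key and the ciphertext. The splitter value, the key-then-splitter-then-data layout, URL-safe base64 transport and the 256-byte wrapped key (RSA-2048) are assumptions; the error strings are the ones listed above.

```python
import base64

# Assumptions, not taken from the page: splitter value, layout
# (wrapped key, splitter, ciphertext), URL-safe base64 transport,
# and a 256-byte wrapped session key (RSA-2048).
KEY_SPLITTER = b"#KEY_SPLITTER#"
WRAPPED_KEY_LEN = 256


class EnvelopeError(ValueError):
    """Raised when the combined data cannot be split safely."""


def pack_envelope(wrapped_key, ciphertext):
    """Combine the wrapped session key and the ciphertext into one string."""
    blob = wrapped_key + KEY_SPLITTER + ciphertext
    return base64.urlsafe_b64encode(blob).decode("ascii")


def split_envelope(data):
    """Return (wrapped_key, ciphertext) or raise EnvelopeError."""
    if not data:
        raise EnvelopeError("should not be null or empty")
    try:
        padded = data + "=" * (-len(data) % 4)
        blob = base64.b64decode(padded, altchars=b"-_", validate=True)
    except ValueError as exc:  # bad characters, bad padding, non-ASCII
        raise EnvelopeError("invalid data without key breaker") from exc
    # Do not search for the first splitter: random key or ciphertext bytes
    # may contain it. The wrapped key has a fixed length, so the splitter
    # must sit exactly at that offset and be followed by ciphertext.
    end = WRAPPED_KEY_LEN + len(KEY_SPLITTER)
    if blob[WRAPPED_KEY_LEN:end] != KEY_SPLITTER or len(blob) <= end:
        raise EnvelopeError("invalid data without key breaker")
    return blob[:WRAPPED_KEY_LEN], blob[end:]
```

Checking the splitter at a fixed offset keeps the split unambiguous even when the splitter bytes also occur inside the key or the ciphertext.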
License Key Manager (Private)
MISPs call the IDA to authenticate individuals. There can be various service calls, such as demographic and biometric based authentications. Each service call has a permission associated with it. When a service call comes to the IDA, a request is sent to the Kernel module to retrieve the permissions for the License Key.
This service facilitates generating a license key, mapping the license key to several permissions, and fetching the permissions mapped to a license key.
License Key Generation
This component generates a license key for a specified MISP ID.
POST /license/generate
https://mosip.io/v1/licensekeymanager/license/generate
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
The time at which the license will expire
The MISP ID against which the license key generated will be mapped
Success Response
Description: license key generated successfully
Response Code : 200 (OK)
POST /license/permission
This component maps various permissions provided to a specified license key.
https://mosip.io/v1/licensekeymanager/license/permission
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
The license key to which the permissions will be mapped
The MISP ID against which the license key is mapped
The list of permissions that will be mapped to the MISP-licensekey mentioned.
Success Response
Description: license key permission updated successfully
Response Code : 200 (OK)
GET /license/permission
This component fetches the permissions mapped to a license key.
https://mosip.io/v1/licensekeymanager/license/permission
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
The license key for which the permissions need to be fetched
The MISP ID against which the license key is mapped
https://mosip.io/v1/licensekeymanager/license/permission?licenseKey=gR7Mw7tA7S7qifkf&MISPId=9837
Success Response
Description: license key permissions fetched successfully
Response Code : 200 (OK)
PUT /license/status
This service moves the status of the license key to SUSPENDED status.
https://mosip.io/v1/licensekeymanager/license/status
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
The license key for which the permissions need to be fetched
The status of the license key. It is an enumeration {ACTIVE, SUSPENDED, BLOCKED}
Success Response
Description: license key suspended successfully
Response Code : 200 (OK)
Failure Response
Description: Invalid license key
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
TSP entered is null or empty
The length of license key generated was not of the specified length
Invalid generated license key
Permission value entered is not accepted
Not acceptable permission
License Key entered is null or empty.
Permission entered is an empty string.
Expiry DateTime should be ahead of current DateTime.
No Permissions has been mapped to the entered TSP-LicenseKey Pair.
Crypto Signature Service (Private)
POST v1/signature/sign
This service will sign provided plain string data.
https://mosip.io/v1/signature/sign
Resource details
Resource Details
Description
Success Response
Response Code : 200 (OK)
POST v1/signature/validate
This service will decrypt encrypted data along with symmetric key having splitter for given timestamp (encryption timestamp).
https://mosip.io/v1/signature/validate
Resource details
Resource Details
Description
Success Response
Description: decrypt encrypted data along with symmetric key having splitter
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
While passing Invalid input request
While sign response in not valid
SMS Notification (Private)
This service will send a request to the SMS gateway.
https://mosip.io/v1/smsnotifier/sms/send
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
This is the sample SMS message
Mobile number to which the SMS has to be sent
Success Response
Description: sms send successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
Number and message can't be empty, null
Contact number cannot contains alphabet,special character or less than or more than
SMS Invalid Contact Number
Email Notification (Private)
POST /email/send
This service will send a request to the Email/SMTP Service.
https://dev.mosip.io/v1/emailnotifier/email/send
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
Success Response
Description: sms send successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
To must be valid. It can't be empty or null.
Receiver Address not found
Subject must be valid. It can't be empty or null.
Content must be valid. It can't be empty or null.
Mail Authentication Exception Code
This service will return an unused UIN from the UIN pool.
https://mosip.io/v1/uingenerator/uin
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
N/A
Success Response
Description: uin generated successfully
Response Code : 200 (OK)
This service will update the issued UIN status to Assigned or Unassigned (Unused).
https://mosip.io/v1/uingenerator/uin
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
Success Response
Description: uin status updated successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
Given UIN status not found
Given UIN is not in ISSUED status
Error in retrieving from config server
Config Server Fetch failed
RID generator (Private)
GET /v1/ridgenerator/generate/rid/{centerid}/{machineid}
This service returns a RID for the requested CenterID and MachineID.
https://mosip.io/v1/ridgenerator/generate/rid/{centerid}/{machineid}/
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
Machineid of registration
Success Response
Error Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
Input length is not valid
Timestamp length should be greater than zero
Invalid CenterID or MachineID Timestamp Length
Error occured while fetching rid
Error occured while storing rid
Sequence length should be greater than zero
Invalid SEQ_Length Exception
HTTP Message Not Readable
Static Token generator (Private)
GET tokenidgenerator/{uin}/{partnercode}
This service returns a static token for the requested UIN and Partner ID. It will return the same Static Token for every call made with the same UIN and Partner ID.
https://mosip.io/v1/tokenidgenerator/{uin}/{partnercode}/
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
Success Response
Description: token id generated successfully
Response Code : 200 (OK)
Failure Response
Description: Invalid parameters
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
UIN and partner code cannot be empty
Empty UIN or PARTNERCODE Exception
Audit Manager (Private)
Audits are events/transactions which need to be captured and stored to facilitate auditing. This data could further be used for reporting by the business.
This includes auditing various event types like System events (Periodic scans), Business events/transactions (Change in demo data), Security Events etc.
The Audit Manager component will receive a request to audit and store data, validate the request is from an authorized source, securely store the requested data and respond back with an acknowledgement of storage (Success/Failure). This component will also ensure non-auditable data is not stored.
It will also ensure audit data stored is archived based on the defined archival policy.
https://mosip.io/v1/auditmanager/audits
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
Success Response
Description: audit request completed successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
Invalid Audit Request. Required parameters must be present
Invalid Audit Request. Format is incorrect.
Applicant type (Public)
This set of services performs various operations on the applicant type.
GET /applicanttype/getApplicantType
This service finds the Applicant type for the combination of Individual type code, Gender code, DOB, Biometric available and Language code. If an entry exists for this combination, the corresponding Applicant Type code is returned.
https://mosip.io/v1/applicanttype/getApplicantType
Resource details
Resource Details
Description
Request Part Parameters
Name
Required
Description
Default Value
Example
The code of the individual type
Date of birth in UTC standard ISO8601 format
Is the biometric details available
Language code in ISO 639-2 standard
Success Response
Description: applicant type code fetched successfully
Response Code : 200 (OK)
Failure Response
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
Applicant Type data does not exist
One or more input parameter is invalid or does not exist
OTP Manager (Private)
This component facilitates generation of OTPs for various purposes, e.g. login in Pre-registration.
The OTP Generator component will receive a request to generate OTP, validate if the OTP generation request is from an authorized source, call OTP generator API with the input parameters (Key), receive the OTP from the OTP generator API which is generated based on the OTP generation policy and respond to the source with the OTP.
The OTP Generator can also reject a request from a blocked/frozen account and assign a validity to each OTP that is generated, based on the defined policy.
POST /generate
Resource details
Resource Details
Description
Name
Required
Description
Default Value
Example
v1/otpmanager/otp/generate
Success Response
Response Code : 200 (OK)
Failure Response
Response Code : 200 (OK)
This component facilitates basic validation of an OTP.
This includes: receiving a request for OTP validation with the required input parameters (Key), validating the pattern of the OTP against the defined policy, validating whether the OTP is active or inactive, and responding to the source with a response (Valid/Invalid).
This component also facilitates deletion of every successfully validated OTP when consumed and freezing an account for exceeding the number of retries/wrong input of OTP.
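The generate/validate policy described for this component, as an added in-memory example (not MOSIP's own code): expiry, single use, and freezing a key after repeated wrong OTPs. The OTP length, validity, retry limit and freeze period are assumed values; the key-length and numeric-OTP rules come from this service's failure details.

```python
import hmac
import secrets
import time

# Assumed policy values; the page only says they are policy-defined.
OTP_LEN, VALIDITY_S, MAX_TRIES, FREEZE_S = 6, 120, 3, 1800


class OtpManager:
    def __init__(self, clock=time.time):
        self.clock = clock
        self.otps = {}    # key -> (otp, expires_at)
        self.fails = {}   # key -> wrong OTPs since last success
        self.frozen = {}  # key -> frozen_until

    def _check_key(self, key):
        if not key or not 3 <= len(key) <= 64:
            raise ValueError("Length of key should be in the range of 3-64.")

    def generate(self, key):
        self._check_key(key)
        if self.frozen.get(key, 0) > self.clock():
            return None  # frozen accounts get no new OTP
        otp = "".join(secrets.choice("0123456789") for _ in range(OTP_LEN))
        self.otps[key] = (otp, self.clock() + VALIDITY_S)
        return otp

    def validate(self, key, otp):
        self._check_key(key)
        if not otp or not (otp.isascii() and otp.isdigit()):
            raise ValueError("OTP consists of only numeric characters.")
        if self.frozen.get(key, 0) > self.clock():
            return False
        if key not in self.otps:
            raise LookupError("Generate OTP first.")
        stored, expires_at = self.otps[key]
        if self.clock() > expires_at:
            del self.otps[key]  # expired OTPs are inactive
            return False
        if hmac.compare_digest(stored, otp):
            del self.otps[key]  # consumed: valid exactly once
            self.fails.pop(key, None)
            return True
        self.fails[key] = self.fails.get(key, 0) + 1
        if self.fails[key] >= MAX_TRIES:  # too many wrong inputs: freeze
            del self.otps[key]
            self.fails.pop(key)
            self.frozen[key] = self.clock() + FREEZE_S
        return False
```

The failure counter is kept per key rather than per OTP, so requesting a fresh OTP does not reset the retry limit.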
GET /validate
Resource details
Resource Details
Description
Name
Required
Description
Default Value
Example
v1/otpmanager/validate?key=9820173642&otp=123456
Response Code : 200 (OK)
Failure details
Error Code
Error Message
Error Description
Key length should be in the range of 3-64.
Key can't be empty or null.
Length of key should be in the range of 3-64.
OTP can't be empty or null.
OTP consists of only numeric characters. No other characters is allowed.
Validation can't be performed against this key. Generate OTP first.
HTTP Message Not Readable Exception
Http Message Not Readable
Invalid key or algorithm found