Kernel APIs
Notification APIs
ID Generator APIs
Key Manager Service (Private)
This service in MOSIP are used for operations related to key management and interaction with SoftHSM or RealHSM for key generation.
POST /generateCSR
This service will generate CSRs for a MOSIP application.
Resource URL
https://{base_url}/v1/keymanager/generateCSR
Resource details
Response format
JSON
Requires Authentication
No
Request Part Parameters
applicationId
Yes
ID of the MOSIP Application for which we want to generate the CSR
KERNEL
commonName
Yes
The fully qualified domain name (FQDN) of your server.
MOSIP
country
Yes
The two-letter ISO code for the country where your organization is location.
IN for India
state
Yes
The state/region where your organization is located.
KA
location
Yes
The city where your organization is located.
BANGALORE
organization
Yes
The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC.
IIITB
organizationUnit
Yes
The division of your organization handling the certificate.
MOSIP-TECH-CENTER
Request
Responses
Success Response
Response Code : 200 (OK)
Failure Response
Response Code : 200 (OK)
POST /generateMasterKey/{objectType}
This service will generate master keys for a MOSIP application.
Resource URL
https://{base_url}/v1/keymanager/generateMasterKey/{objectType}
Resource details
Response format
JSON
Requires Authentication
Yes
Path Parameters
objectType
Yes
Object Type can be Response Type Certificate or CSR
Request Part Parameters
applicationId
Yes
ID of the MOSIP Application for which we want to generate the Master Key
REGISTRATION
commonName
Yes
The fully qualified domain name (FQDN) of your server.
MOSIP
country
Yes
The two-letter ISO code for the country where your organization is location.
IN for India
state
Yes
The state/region where your organization is located.
KA
location
Yes
The city where your organization is located.
BANGALORE
organization
Yes
The legal name of your organization. This should not be abbreviated and should include suffixes such as Inc, Corp, or LLC.
IIITB
organizationUnit
Yes
The division of your organization handling the certificate.
MOSIP-TECH-CENTER
referenceId
No
ID of the Machine or Partner for whom the Key is getting generated
force
Yes
Force attribute will force key rotation.
true or false
Request
Responses
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
GET /getCertificate
This service will retrieve a certificate using the application id and reference id.
Resource URL
https://{base_url}/v1/keymanager/getCertificate?applicationId={application_id}&referenceId={reference_id}
Resource details
Response format
JSON
Requires Authentication
Yes
Query Parameters
applicationId
Yes
ID of the MOSIP Application for which we want to fetch the certificate
referenceId
No
ID of the Machine or Partner for whom we want to fetch the certificate
Request Part Parameters
-NA-
Request
-NA-
Responses
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure Details
KER-KMS-002
ApplicationId not found in Key Policy
KER-KMS-005
Required String parameter 'applicationId' is not present
KER-KMS-012
Key Generation Process is not completed.
POST /uploadCertificate
This service will be used to upload a certificate.
Resource URL
https://{base_url}/v1/keymanager/uploadCertificate
Resource details
Response format
JSON
Requires Authentication
No
Request Part Parameters
applicationId
Yes
ID of the MOSIP Application for which we want to fetch the certificate
certificateData
Yes
The certificate data
referenceId
No
ID of the Machine or Partner for which we want to upload the certificate
Request
Responses
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure Details
KER-KMS-002
ApplicationId not found in Key Policy
KER-KMS-005
Required String parameter 'applicationId' is not present
KER-KMS-012
Key Generation Process is not completed.
KER-KMS-003
No unique alias is found
KER-KMS-013
Certificate Parsing Error.
POST /uploadOtherDomainCertificate
This service will be used to upload a certificate which is of other domains with in MOSIP system.
Resource URL
https://{base_url}/v1/keymanager/uploadOtherDomainCertificate
Resource details
Response format
JSON
Requires Authentication
No
Request Part Parameters
applicationId
Yes
ID of the MOSIP Application for which we want to fetch the certificate
certificateData
Yes
The certificate data
referenceId
No
ID of the Machine or Partner for which we want to upload the certificate
Request
Responses
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure Details
KER-KMS-002
ApplicationId not found in Key Policy
KER-KMS-005
Required String parameter 'applicationId' is not present
KER-KMS-012
Key Generation Process is not completed.
KER-KMS-003
No unique alias is found
KER-KMS-013
Certificate Parsing Error.
Crypto Manager (Private)
POST v1/cryptomanager/encrypt
This service will encrypt provided plain string data with session symmetric key and encrypt symmetric key with application specific public key based on given timestamp(current timestamp of encryption). This will respond combined encrypted data and symmetric key having a key splitter.
Resource URL
https://{base_url}/v1/cryptomanager/encrypt
Resource details
Response format
JSON
Requires Authentication
Yes
Request
Responses
Success Response
Response Code : 200 (OK)
POST v1/cryptomanager/decrypt
This service will decrypt encryted data along with symmetric key having splitter for given timestamp(encryption timestamp).
Resource URL
https://mosip.io/v1/cryptomanager/decrypt
Resource details
Response format
JSON
Requires Authentication
Yes
Request
Responses
Success Response
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
KER-CRY-001
No Such algorithm is supported
No Such algorithm is supported
KER-CRY-002
public key is invalid
public key is invalid
KER-CRY-003
data sent to decrypt is without key splitter or invalid
invalid data without key breaker
KER-CRY-003
or not base64 encoded
Invalid data
KER-CRY-004
should not be null or empty
Invalid request
KER-CRY-005
cannot connect to keymanager service
cannot connect to key manager service
KER-CRY-006
Keymanager Service has replied with following error
keymanager service error
KER-CRY-008
Error occur while parsing error from response
Response Parse Error
KER-CRY-007
timestamp should be in ISO 8601 format yyyy-MM-ddTHH::mm:ss.SZ
DateTime Parse Exception
KER-CRY-500
Internal server error
Internal server error
License Key Manager (Private)
MISPs call the IDA to authenticate the Individuals. There can be various service calls such as Demographic, biometric based authentications. Each service calls have the permission associated. When a service call comes to the IDA, a request is sent to the Kernel module to retrieve the permissions for the License Key.
This service facilitates generation of license key, mapping the license key to several permissions, and fetch permissions mapped to a license key.
License Key Generation
This component generates a license key for a specified MISP ID.
POST /license/generate
Resource URL
https://mosip.io/v1/licensekeymanager/license/generate
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
licenseExpiryTime
Yes
The time at which the license will expire
2019-03-07T10:00:00.000Z
MISPId
Yes
The MISP ID against which the license key generated will be mapped
9837
Request
Responses
Success Response
Description: license key generated successfully
Response Code : 200 (OK)
POST /license/permission
This component maps various permissions provided to a specified license key.
Resource URL
https://mosip.io/v1/licensekeymanager/license/permission
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
licenseKey
Yes
The license key to which the permissions will be mapped
gR7Mw7tA7S7qifkf
MISPId
Yes
The MISP ID against which the license key is mapped
9837
permissions
Yes
The list of permissions that will be mapped to the MISP-licensekey mentioned.
OTP Trigger
Request
Responses
Success Response
Description: license key permission updated successfully
Response Code : 200 (OK)
GET /license/permission
This component fetches various permission mapped to a license key.
Resource URL
https://mosip.io/v1/licensekeymanager/license/permission
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
licenseKey
Yes
The license key for which the permissions need to be fetched
gR7Mw7tA7S7qifkf
MISPId
Yes
The MISP ID against which the license key is mapped
9837
Request
https://mosip.io/v1/licensekeymanager/license/permission?licenseKey=gR7Mw7tA7S7qifkf&MISPId=9837
Responses
Success Response
Description: license key permissions fetched successfully
Response Code : 200 (OK)
PUT /license/status
This service moves the status of the license key to SUSPENDED status.
Resource URL
https://mosip.io/v1/licensekeymanager/license/status
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
licenseKey
Yes
The license key for which the permissions need to be fetched
gR7Mw7tA7S7qifkf
status
Yes
The status of the license key. It is an enumeration {ACTIVE, SUSPENDED, BLOCKED}
ACTIVE
Request
Responses
Success Response
Description: license key suspended successfully
Response Code : 200 (OK)
Failure Response
Description: Invalid license key
Response Code : 200 (OK)
Failure details
KER-LKM-001
TSP entered is null or empty
Illegal TSP
KER-LKM-002
The length of license key generated was not of the specified length
Invalid generated license key
KER-LKM-003
Permission value entered is not accepted
Not acceptable permission
KER-LKM-004
LicenseKey Not Found.
LicenseKey Not Found
KER-LKM-005
LicenseKey Expired.
LicenseKey Expired
KER-LKM-006
License Key entered is null or empty.
Illegal license key
KER-LKM-007
Permission entered is an empty string.
Illegal Permission
KER-LKM-008
Expiry DateTime should be ahead of current DateTime.
Date expired
KER-LKM-009
No Permissions has been mapped to the entered TSP-LicenseKey Pair.
No Permissions mapped
Crypto Signature Service (Private)
POST v1/signature/sign
This service will sign provided plain string data.
Resource URL
https://mosip.io/v1/signature/sign
Resource details
Response format
JSON
Requires Authentication
Yes
Request
Responses
Success Response
Response Code : 200 (OK)
POST v1/signature/validate
This service will decrypt encryted data along with symmetric key having splitter for given timestamp(encryption timestamp).
Resource URL
https://mosip.io/v1/signature/validate
Resource details
Response format
JSON
Requires Authentication
Yes
Request
Responses
Success Response
Description: decrypt encryted data along with symmetric key having splitter
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
KER-CSS-999
Invalid request input
While passing Invalid input request
KER-CSS-101
Validation Unsuccessful
While sign response in not valid
KER-CSS-102
Internal server error
Internal server error
SMS Notification (Private)
POST /sms/send
This service will send request to SMS gateway.
Resource URL
https://mosip.io/v1/smsnotifier/sms/send
Resource details
Request format
JSON
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
message
Yes
Message in the SMS
This is the sample SMS message
number
Yes
Mobile number to which the SMS have to be sent
743764398
Request
Responses
Success Response
Description: sms send successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
KER-NOS-001
Number and message can't be empty, null
SMS Illegal Input
KER-NOS-002
Contact number cannot contains alphabet,special character or less than or more than
SMS Invalid Contact Number
KER-NOS-500
Internal server error
Internal server error
Email Notification (Private)
POST /email/send
This service will send request to Email/SMTP Service.
Resource URL
https://dev.mosip.io/v1/emailnotifier/email/send
Resource details
Request format
Form Data
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
mailTo
Yes
Mail ID of the recepient
mosip@gmail.com
mailCc
No
Mail ID of the recepient
mosip@gmail.com
mailSubject
Yes
Mail ID of the recepient
Sample mail subject
mailContent
No
Mail ID of the recepient
Sample mail content
attachments
No
Mail ID of the recepient
multipart/formdata
Request
Responses
Success Response
Description: sms send successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
KER-NOE-001
To must be valid. It can't be empty or null.
Receiver Address not found
KER-NOE-002
Subject must be valid. It can't be empty or null.
Subject not found
KER-NOE-003
Content must be valid. It can't be empty or null.
Content not found
KER-NOE-004
Mail Send Exception Code
KER-NOE-005
Mail Authentication Exception Code
KER-NOE-006
Mail Exception Code
KER-NOE-999
Data not valid
Request Data not valid
KER-NOE-500
Internal Server Error
UIN (External)
GET /uin
This service will return unused UIN from UIN pool
Resource URL
https://mosip.io/v1/uingenerator/uin
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
-NA-
Request
N/A
Responses
Success Response
Description: uin generated successfully
Response Code : 200 (OK)
PUT /uin
This service will update the issued UN status to Assigned or Unassigned(Unused).
Resource URL
https://mosip.io/v1/uingenerator/uin
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
-NA-
Request
Responses
Success Response
Description: uin status updated successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
KER-UIG-001
UIN could not be found
UIN could not be found
KER-UIG-003
Given UIN status not found
UIN Status not found
KER-UIG-004
Given UIN is not in ISSUED status
UIN Not Issued
KER-UIG-005
Internal Server Error
Internal Server Error
KER-UIG-006
Error in retrieving from config server
Config Server Fetch failed
RID generator (Private)
GET /v1/ridgenerator/generate/rid/{centerid}/{machineid}
This service returns a RID for the requested CenterID and MachineID.
Resource URL
https://mosip.io/v1//generate/rid/{centerid}/{machineid}/
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
centerid
Yes
Centerid of registration
-NA-
10002
machineid
Yes
Machineid of registration
-NA-
10032
Request
Responses
Success Response
Error Response
Response Code : 200 (OK)
Failure details
KER-RIG-002
Empty input entered
Empty Input Error Code
KER-RIG-003
Input length is not valid
Input length error code
KER-RIG-004
Timestamp length should be greater than zero
Invalid CenterID or MachineID Timestamp Length
KER-RIG-005
Error occured while fetching rid
RID Fetch Exception
KER-RIG-006
Error occured while storing rid
RID Update Exception
KER-RIG-007
Sequence length should be greater than zero
Invalid SEQ_Length Exception
KER-RIG-999
HTTP Message Not Readable
KER-RIG-500
Runtime Exception
Static Token generator (Private)
GET tokenidgenerator/{uin}/{partnercode}
This service returns a static token for the requested UIN and Partner ID. It will return the same Static Token for every call made with the same UIN and Partner ID.
Resource URL
https://mosip.io/v1/tokenidgenerator/{uin}/{partnercode}/
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
UIN
Yes
UIN of the individual.
-NA-
2345346532564566
partnercode
Yes
ID of the partner.
-NA-
9373
Request
Responses
Success Response
Description: token id generated successfully
Response Code : 200 (OK)
Failure Response
Description: Invalid parameters
Response Code : 200 (OK)
Failure details
KER-UIG-005
Internal Server Error
Internal Server Error
KER-TIG-010
UIN and partner code cannot be empty
Empty UIN or PARTNERCODE Exception
KER-RIG-500
Runtime Exception
Audit Manager (Private)
Audits are events/transactions which need to be captured and stored to facilitate auditing. This data could further be used for reporting by the business.
This includes auditing various event types like System events (Periodic scans), Business events/transactions (Change in demo data), Security Events etc.
The Audit Manager component will receive a request to audit and store data, validate the request is from an authorized source, securely store the requested data and respond back with an acknowledgement of storage (Success/Failure). This component will also ensure non-auditable data is not stored.
It will also ensure audit data stored is archived based on the defined archival policy.
POST /audits
Resource URL
https://mosip.io/v1/auditmanager/audits
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
eventId
Yes
ID of the event
eventName
Yes
Name of the event
Periodic Scan
eventType
Yes
Type of the event
System Event
actionTimeStamp
Yes
Timestamp of the event
2018-10-04T05:57:20.929Z
hostName
Yes
Hostname
Hostname
hostIp
Yes
IP of the host
2018-10-04T05:57:20.929Z
applicationId
Yes
ID of the Application
1
applicationName
Yes
Name of the event
Registration
sessionUserId
Yes
Session User Id
sessionUserName
Yes
Session User name
id
Yes
ID
15426388761562
idType
Yes
ID Type
Unique Id
createdBy
Yes
Actor of the event
moduleName
No
Name of the module
Schedulor
moduleId
No
ID of the module
SCHE93
description
No
Description of the event
Example description
Request
Responses
Success Response
Description: audit request completed successfully
Response Code : 200 (OK)
Error Response
Response Code : 200 (OK)
Failure details
KER-AUD-001
Invalid Audit Request. Required parameters must be present
Handler Exception
KER-AUD-002
Invalid Audit Request. Format is incorrect.
Invalid Format
KER-AUD-500
Internal server error
Internal server error
Applicant type (Public)
These set of services does various operations regarding the applicant type.
GET /applicanttype/getApplicantType
This service finds the Applicant type for the combination of Individual type code,Gender code ,DOB ,Biometric available and Language code. If there is a combination entry exists for these combinations, the corresponding Applicant Type code is returned.
Resource URL
https://mosip.io/v1/applicanttype/getApplicantType
Resource details
Response format
JSON
Requires Authentication
Yes
Request Part Parameters
individualTypeCode
Yes
The code of the individual type
-NA-
INDTYP_002
genderCode
Yes
The code of the Gender.
-NA-
ML
dateofbirth
Yes
Date of birth in UTC standard ISO8601 format
-NA-
2008-10-04T05:00:00.000Z
biometricAvailable
No
Is the biometric details available
-NA-
true
languagecode
Yes
Language code in ISO 639-2 standard
-NA-
eng
Request
Responses
Success Response
Description: applicant type code fetched successfully
Response Code : 200 (OK)
Failure Response
Response Code : 200 (OK)
Failure details
KER-MSD-147
Applicant Type data does not exist
No Application Found
KER-MSD-148
One or more input parameter is invalid or does not exist
Invalid Request
OTP Manager (Private)
OTP Generator
This component facilitates generation of OTP for various purposes. EG: Login in Pre-registration
The OTP Generator component will receive a request to generate OTP, validate if the OTP generation request is from an authorized source, call OTP generator API with the input parameters (Key), receive the OTP from the OTP generator API which is generated based on the OTP generation policy and respond to the source with the OTP.
The OTP Generator can also reject a request from a blocked/frozen account and assign a validity to each OTP that is generated, based on the defined policy
Resource URL
POST /generate
Resource details
Response format
JSON
Requires Authentication
Yes
Parameters
key
Yes
Key
9820173642
Request
v1/otpmanager/otp/generate
Response
Success Response
Response Code : 200 (OK)
Failure Response
Response Code : 200 (OK)
OTP Validator
This component facilitates basic validation of an OTP.
This includes: Receiving a request for OTP validation with required input parameters (Key), Validating the pattern of OTP generated based on defined policy, validating if the OTP is active/inactive and responding to the source with a response (Valid/Invalid)
This component also facilitates deletion of every successfully validated OTP when consumed and freezing an account for exceeding the number of retries/wrong input of OTP.
Resource URL
GET /validate
Resource details
Response format
JSON
Requires Authentication
Yes
Parameters
key
Yes
Key
9820173642
otp
Yes
OTP
123456
Request
v1/otpmanager/validate?key=9820173642&otp=123456
Response
Response Code : 200 (OK)
Failure details
KER-OTG-001
Key length should be in the range of 3-64.
Illegal Key Input
KER-OTV-001
Key can't be empty or null.
Invalid Key Input
KER-OTV-002
Length of key should be in the range of 3-64.
Illegal Key Input
KER-OTV-003
OTP can't be empty or null.
Invalid OTP Input
KER-OTV-004
OTP consists of only numeric characters. No other characters is allowed.
Ileegal OTP Input
KER-OTV-005
Validation can't be performed against this key. Generate OTP first.
key not found
KER-OTV-500
Internal server error
Internal server error
KER-OTV-999
HTTP Message Not Readable Exception
Http Message Not Readable
KER-OTG-002
Crypto failure
Crypto failure
KER-OTG-003
Invalid key or algorithm found
Algorithm Failure
KER-OTG-004
IO exception found
IO Failure
Last updated