M
M
MOSIP Docs 1.2.0
Search…
Home
Overview
ID Lifecycle Management
ID Authentication
Privacy and Security
Biometrics
Partners
Modules
Administration
Automation Testing
Artifactory
Commons
Datashare
ID Authentication Services
ID Repository
Keycloak
Key Manager
Configurations
Packet Manager
Partner Management
Pre-registration
Reference Implementations
Registration Client
Registration Processor
Reporting
Resident Services
Resident Mobile Application
Persistence
WebSub
Technology Stack
Deployment
Country Implementation
Integrations
API
Community
Releases
MOSIP Documentation Style Guide
Documentation for 1.1.5
License
Powered By GitBook
ID Authentication Services

Overview

ID Authentication (IDA) module of MOSIP consists of the following services:
  1. 1.
    Authentication Services
  2. 2.
    OTP Service
  3. 3.
    Internal Services

Authentication Services

The services mentioned below are used by Authentication/e-KYC Partners.
  • Authentication service- used to authenticate an individual's UIN/VID using one ore more authentication types.
  • KYC Authentication service- used to request e-KYC for an individul's UIN/VID using one ore more authentication types.

OTP Request Service

OTP Request Service is used by Authentication/e-KYC Partners to generate OTP for an individual's UIN/VID. The generated OTP is stored in IDA DB for validation during OTP Authentication.

Internal Services

  1. 1.
    Internal Authentication Service - The authentication service used by internal MOSIP modules such as Resident Service, Registration Processor and Registration Client to authenticate individuals.
  2. 2.
    Internal OTP Service - used by Resident Service to generate OTP for an Individual for performing OTP Authentication.
  3. 3.
    Authentication Transaction History Service - used by Resident Service to retrieve paginated list of authentication and OTP Request transactions for an individual.

Credential issuance callback

  • ​ID Authentication uses credential data of the individuals for performing authentication.
  • This credential is requested by ID Repository upon any UIN insertion/update or VID creation.
  • The credential is created by Credential Service uploaded to Datashare service and the Datashare URL sent to ID-Authentication using WebSub message.
  • WebSub invokes the credential-issuance callback in ID Authentication where the credential data is downloaded from Datashare and then stored into IDA DB.

Key generation

ID Authentication needs the below keys to be generated during the deployment for usage in Authentication Service.
  1. 1.
    IDA IDENTITY_CACHE(K18) symmetric key to encrypt and decrypt the Zero-knowledge 10K random keys
  2. 2.
    IDA ROOT master key(K15)), IDA module master key(K16), IDA-SIGN master key
  3. 3.
    Base keys CRED_SERVICE(K22), IDA-FIR(K21), INTERNAL(K19), PARTNER(K20)

Authentication client demo app

This is a reference application to demonstrate how authentication and KYC can be performed by Authentication Partners.
Refer to the repository for more details.
Below is the sample authentication demo UI image.

Configuration

API

Source code

​Github repo.
Previous
Datashare
Next
ID Repository
Last modified 2mo ago
Export as PDF
Copy link
Edit on GitHub
Contents
Overview
Authentication Services
OTP Request Service
Internal Services
Credential issuance callback
Key generation
Authentication client demo app
Configuration
API
Source code