DigiLocker Access Token — Complete Authorization

Exchange the authorization code for a DigiLocker access token. Required to fetch user documents after consent is granted.

curl -X POST "https://production.deepvue.tech/v1/kyc/digilocker/access-token" \
  -H "Content-Type: application/json" \
  -H "x-api-key: YOUR_API_KEY" \
  -H "client-id: YOUR_API_KEY" \
  -d '{
  "consent": "example_string",
  "purpose": "example_string",
  "initial_deepvue_transaction_id": "example_string",
  "digilocker_code": "example_string"
}'

import requests
import json

url = "https://production.deepvue.tech/v1/kyc/digilocker/access-token"
headers = {
  "Content-Type": "application/json",
  "x-api-key": "YOUR_API_KEY",
  "client-id": "YOUR_API_KEY"
}
data = {
  "consent": "example_string",
  "purpose": "example_string",
  "initial_deepvue_transaction_id": "example_string",
  "digilocker_code": "example_string"
}

response = requests.post(url, headers=headers, json=data)
print(response.json())

const response = await fetch("https://production.deepvue.tech/v1/kyc/digilocker/access-token", {
  method: "POST",
  headers: {
  "Content-Type": "application/json",
  "x-api-key": "YOUR_API_KEY",
  "client-id": "YOUR_API_KEY"
},
  body: JSON.stringify({
  "consent": "example_string",
  "purpose": "example_string",
  "initial_deepvue_transaction_id": "example_string",
  "digilocker_code": "example_string"
})
});

const data = await response.json();
console.log(data);

package main

import (
    "fmt"
    "net/http"
    "bytes"
    "encoding/json"
)

func main() {
    data := []byte(`{
  "consent": "example_string",
  "purpose": "example_string",
  "initial_deepvue_transaction_id": "example_string",
  "digilocker_code": "example_string"
}`)

    req, err := http.NewRequest("POST", "https://production.deepvue.tech/v1/kyc/digilocker/access-token", bytes.NewBuffer(data))
    if err != nil {
        panic(err)
    }

    req.Header.Set("Content-Type", "application/json")
    req.Header.Set("x-api-key", "YOUR_API_KEY")
    req.Header.Set("client-id", "YOUR_API_KEY")

    client := &http.Client{}
    resp, err := client.Do(req)
    if err != nil {
        panic(err)
    }
    defer resp.Body.Close()

    fmt.Println("Response Status:", resp.Status)
}

require 'net/http'
require 'json'

uri = URI('https://production.deepvue.tech/v1/kyc/digilocker/access-token')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true

request = Net::HTTP::Post.new(uri)
request['Content-Type'] = 'application/json'
request['x-api-key'] = 'YOUR_API_KEY'
request['client-id'] = 'YOUR_API_KEY'
request.body = '{
  "consent": "example_string",
  "purpose": "example_string",
  "initial_deepvue_transaction_id": "example_string",
  "digilocker_code": "example_string"
}'

response = http.request(request)
puts response.body

{
  "code": 200,
  "timestamp": 1766069383550,
  "transaction_id": "b07f6adc78b2467d9813980ce7baafea",
  "sub_code": "SUCCESS",
  "message": "Access Token generated successfully from Digilocker.",
  "data": {
    "expires_in": 3600,
    "consent_valid_till": "1768674599",
    "digilockerid": "2d6275fa-3b64",
    "name": "John Doe",
    "dob": "19011994",
    "gender": "M",
    "eaadhaar": "Y",
    "mobile": "9191993245"
  }
}

{
  "code": 400,
  "timestamp": 1738183354983,
  "transaction_id": "your_transaction_id",
  "sub_code": "INVALID_GRANT",
  "message": "Authorization code doesn't exist or is invalid for the client"
}

POST

/v1/kyc/digilocker/access-token

POST

API Key (header: x-api-key)

x-api-keystring

Required

The CLIENT_SECRET provided to you. This header parameter is required for authentication purposes.

API Key (header: client-id)

client-idstring

Required

The CLIENT_ID provided to you. This header parameter is required for authentication purposes.

Content-Typestring

Required

The media type of the request body

Options: application/json

purposestring

Required

Indicates the purpose of the request for accessing the Digilocker API.

initial_deepvue_transaction_idstring

Required

Represents the unique identifier associated with the initial DeepVue transaction.

digilocker_codestring

Required

Specifies the code required for accessing Digilocker services.

Request Preview

Response

Response will appear here after sending the request

Authentication

header

x-api-keystring

Required

API Key for authentication. The CLIENT_SECRET provided to you. This header parameter is required for authentication purposes.

header

client-idstring

Required

API Key for authentication. The CLIENT_ID provided to you. This header parameter is required for authentication purposes.

Body

application/json

purposestring

Required

Indicates the purpose of the request for accessing the Digilocker API.

initial_deepvue_transaction_idstring

Required

Represents the unique identifier associated with the initial DeepVue transaction.

digilocker_codestring

Required

Specifies the code required for accessing Digilocker services.

Responses

codeinteger

timestampinteger

transaction_idstring

sub_codestring

messagestring

dataobject

expires_ininteger

consent_valid_tillstring

digilockeridstring

namestring

dobstring

genderstring

eaadhaarstring

mobilestring

codeinteger

timestampinteger

transaction_idstring

sub_codestring

messagestring

codeinteger

timestampinteger

transaction_idstring

sub_codestring

messagestring

codeinteger

timestampinteger

transaction_idstring

sub_codestring

messagestring

codeinteger

timestampinteger

transaction_idstring

sub_codestring

messagestring

detailstring

detailarray

locstring[]

msgstring

typestring

detailstring

Upon successful authentication, the response includes user information such as DigiLocker ID, name, date of birth, gender, e-Aadhaar availability, mobile number, and consent expiration timestamp. Access tokens remain active for 3600 seconds (one hour).

Was this page helpful?

Last updated 4 weeks ago