Fetch Documents from Digilocker via DigiLocker API - Sandbox Financial Technologies Private Limited

Initiate Session

To begin the DigiLocker workflow, your application must first initiate a session using the Initiate Session endpoint.This endpoint initializes the consent process and returns essential details for user authorization.

cURL Request

    curl --request POST \
      --url https://api.sandbox.co.in/kyc/digilocker/sessions/init \
      --header 'Authorization: <authorization>' \
      --header 'Content-Type: application/json' \
      --header 'x-api-key: <x-api-key>' \
      --data '{
      "@entity": "in.co.sandbox.kyc.digilocker.session.request",
      "flow": "signin",
      "doc_types": [
        "aadhaar",
        "pan"
      ],
      "redirect_url": "https://sandbox.co.in"
    }'

When the session is created successfully, you’ll receive:

session_id

string

required

A unique identifier used to track and fetch status for this specific DigiLocker consent session.

authorization_url

string

required

The URL where the user should be redirected to grant consent for sharing their DigiLocker documents.

Redirect the User to DigiLocker

Once the session is initiated, redirect the user to the authorization_url.At DigiLocker, the user will:

Authenticate using their DigiLocker account
Review permissions
Grant consent for your application to access their documents

This authorization step is mandatory before any document can be fetched.

Handle Session Success and Failure

You can determine whether the user consented by periodically call the
Session Status API using the session_id.

cURL Request

    curl --request GET \
      --url https://api.sandbox.co.in/kyc/digilocker/sessions/{session_id}/status \
      --header 'Authorization: <authorization>' \
      --header 'x-api-key: <x-api-key>'

Fetch Documents

Once the session status is succeeded, you may proceed to retrieve the user’s DigiLocker documents using the Fetch Document API.

cURL Request

curl --request GET \
--url https://api.sandbox.co.in/kyc/digilocker/sessions/{session_id}/documents/{doc_type} \
--header 'Authorization: <authorization>' \
--header 'x-api-key: <x-api-key>'