Skip to main content
POST
/
kyc
/
digilocker
/
sessions
/
init
Initiate session
curl --request POST \
  --url https://api.sandbox.co.in/kyc/digilocker/sessions/init \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/json' \
  --header 'x-api-key: <x-api-key>' \
  --data '
{
  "@entity": "in.co.sandbox.kyc.digilocker.session.request",
  "flow": "signin",
  "redirect_url": "https://developer.sandbox.co.in/",
  "doc_types": [
    "aadhaar"
  ],
  "options": {
    "verification_method": [
      "aadhaar"
    ],
    "pinless": true,
    "usernameless": true,
    "verified_mobile": "9999999999"
  },
  "consent_expiry": 1751975600361
}
'
{
  "code": 200,
  "timestamp": 1751975600361,
  "data": {
    "@entity": "in.co.sandbox.kyc.digilocker.session.response",
    "authorization_url": "https://digilocker.meripehchaan.gov.in/public/oauth2/1/authorize?response_type=code&client_id=IW55C7A3B0&state=e385432b-575c-4b6f-8928-79136dbc0d4f%7Cf1bd0342-cc1d-4051-8301-e8ee17e3a3c3%7Chttps%3A%2F%2Fdeveloper.sandbox.co.in%2F&code_verifier=ADlMHKsr~L8YIwLoIOGgwwRQoouE-m~Z9yu0KWstrsKrdAtUY2IkmOoDWZNn80_G&code_challenge=pnowXsaM5mBqNR3NfSfsaLBC2JYjoy2eRLOwKNVjFY8&code_challenge_method=S256&scope=files.issueddocs&redirect_uri=https%3A%2F%2Fdeveloper.sandbox.co.in%2F&pla=Y&dl_flow=signup&plsignup=Y&amr=driving_license%2Baadhaar%2Bpan%2Bemail%2Busername%2Bmobile%2Bother&verified_mobile=9004813042&req_doctype=PANCR%2CADHAR%2CDRVLC&consent_valid_till=1752061999",
    "session_id": "f1bd0342-cc1d-4051-8301-e8ee17e3a3c3"
  },
  "transaction_id": "a11c4e00-fae1-4092-a55f-b4f0be92ffeb"
}
https://mintcdn.com/sandboxfinancialtechnologiesprivatelimited/gviqebbpT5NUt_6i/static/svg/Postman.svg?fit=max&auto=format&n=gviqebbpT5NUt_6i&q=85&s=da47f2b7e10d87befec951aed9468de3

Run in Postman

Headers

Authorization
string
required

JWT access token. For token-generation steps, refer to the Quickstart Guide.

x-api-key
string
required

API key used to identify and authenticate the client.

x-api-version
string

Specifies the API version for the request.

Body

application/json
@entity
enum<string>
required
Available options:
in.co.sandbox.kyc.digilocker.session.request
flow
enum<string>
required

Authentication flow to initiate on DigiLocker. Use signin for existing users or signup to create a new DigiLocker account.

Available options:
signin,
signup
redirect_url
string<uri>
required

HTTPS URL where the user will be redirected after granting or denying DigiLocker consent. Must be a valid, publicly accessible URL.

Pattern: ^https://
doc_types
enum<string>[]
required

List of DigiLocker document types for which user consent is being requested.

Minimum array length: 1
Available options:
aadhaar,
pan,
driving_license
Minimum string length: 1
options
object

Configuration object controlling the DigiLocker authentication and sign-up user experience.

consent_expiry
integer

Unix epoch timestamp (milliseconds) after which the consent request expires. Must be at least 1 hour in the future.

Response

200 - application/json
code
integer
required
timestamp
integer
required
data
object
required
transaction_id
string
required