Eko Platform Services Logo
    Open in ChatGPTOpen in ClaudeView as Markdown
    Get Postman CollectionDownload OpenAPI

    POSTAePS Cash Withdrawal

    Withdraw cash from any Aadhaar-linked bank account using biometric fingerprint authentication — no card or PIN required.

    POST/customer/collection/aeps-fingpay/cash-withdrawal/{customer_id}

    Allows a customer to withdraw cash from their bank account at an agent/BC point by providing their Aadhaar number and a live fingerprint scan. The agent's biometric device captures a PID XML blob which is passed verbatim to this API. The customer's Aadhaar is RSA-encrypted before transmission. Requires the agent to have completed AePS Fingpay activation, OTP-based eKYC, and the daily 2FA authentication for the current day.

    Path parameters

    customer_idstringRequired

    Customer's registered mobile number.

    example: 9876543210

    Body parameters

    initiator_idstringRequired

    Registered mobile number of the API user (see Platform Credentials).

    example: 9962981729

    user_codestringRequired

    User code of the retailer/agent the service is run for.

    example: 20810200

    client_ref_idstringoptional

    Unique reference id per API call, generated by your system.

    example: REQ-20260101-001

    bank_codestringRequired

    Bank IIN/IFS code identifying the customer's bank. Obtain from the bank list API.

    example: 607153

    amountnumberRequired

    Withdrawal amount in Indian Rupees (integer). Must be greater than 0 for cash withdrawal.

    example: 1000

    aadhaarstringRequired

    RSA-encrypted, Base64-encoded Aadhaar number. Encrypt the 12-digit Aadhaar using the Eko RSA public key with OPENSSL_SSLV23_PADDING, then Base64-encode the ciphertext.

    example: BASE64_ENCRYPTED_AADHAAR

    piddatastringRequired

    PID data captured from the UIDAI-certified biometric device, as a raw XML string. Must use Data type='X' (XML, not Protobuf). DeviceInfo must include the 'mc' (device certificate) parameter. fType must be 2.

    example: <?xml version='1.0'?><PidData><Data type='X'>...</Data><DeviceInfo mc='...' /></PidData>

    pipenumberRequired

    Routing pipe selector. Use 0 (default).

    example: 0

    notify_customernumberRequired

    Send SMS notification to the customer. 1 = yes, 0 = no.

    example: 1

    latlongstringRequired

    GPS coordinates of the transaction origin in 'latitude,longitude' format.

    example: 28.6139,77.2090

    source_ipstringRequired

    IP address of the merchant/agent system initiating the transaction.

    example: 103.56.78.90

    reference_idstringRequired

    2FA reference ID obtained from the Daily Authentication (daily eKYC) API. Required for every Cash Withdrawal transaction due to compliance 2FA mandate.

    example: DAKYC20240101001

    Headers

    developer_keystringRequired

    Static API key issued to your account after KYC.

    secret-keystringRequired

    Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))).

    secret-key-timestampstringRequired

    Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time.

    content-typestringRequired

    application/json

    example: application/json

    Responses

    • statusnumber

      Primary success indicator (0 = success).

    • messagestring

      Human-readable response / error message.

    • response_status_idnumber

      Granular status id; see the shared error-codes table.

    • response_type_idnumber

      A unique id for every possible response shape (success or error) — useful for client logic branching and analytics.

    • tx_statusstring

      Transaction state: 0=Success, 1=Fail, 2=Awaited, 3=Refund Pending, 4=Refunded, 5=On Hold.

    • txstatus_descstring

      Human-readable transaction status.

    • dataobject

      API-specific response payload.

      • tidstring

        Eko's internal transaction ID. Use for reconciliation and support queries.

      • amountnumber

        Withdrawal amount processed in the transaction (INR).

      • bank_namestring

        Name of the customer's bank where the debit occurred.

      • bank_ref_numstring

        Bank/NPCI reference number for the transaction.

      • balancestring

        Remaining balance in the customer's bank account after withdrawal, if returned by the bank.

      • aadhaar_ref_numstring

        Aadhaar authentication reference number from UIDAI.

      • service_typenumber

        Echo of the service_type from the request (2 for Cash Withdrawal).