---
title: "AePS Fingpay — Daily Authentication (2FA) API Reference"
description: "Perform the mandatory daily biometric authentication that authorises an agent to carry out AePS transactions for the current calendar day."
canonical: "https://eps.eko.in/docs/aeps-daily-auth"
---


> **Canonical URL:** https://eps.eko.in/docs/aeps-daily-auth
> This is a machine-readable Markdown version of the page for AI agents and LLMs. The primary (HTML) version lives at the canonical URL above.

# AePS Fingpay — Daily Authentication (2FA) API Reference

`POST https://staging.eko.in/ekoapi/v3/customer/aeps/fingpay/kyc/daily`

Perform the mandatory daily biometric authentication that authorises an agent to carry out AePS transactions for the current calendar day.

AePS Fingpay requires every agent to authenticate themselves biometrically at the start of each working day. This daily 2FA must be completed before the first Cash Withdrawal transaction of the day (and is available only 3 or more days after the initial eKYC is completed). The API returns a `reference_id` that must be included in every subsequent Cash Withdrawal request as proof of daily authentication. Daily Auth does not need to be repeated for Balance Enquiry or Mini Statement within the same day.

> View product & pricing details: [AePS Cashout](https://eps.eko.in/products/aeps-api.md)

## Body parameters

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| initiator_id | string | yes | Registered mobile number of the API user (see Platform Credentials). e.g. 9962981729 |
| user_code | string | yes | User code of the retailer/agent the service is run for. e.g. 20810200 |
| client_ref_id | string | no | Unique reference id per API call, generated by your system. e.g. REQ-20260101-001 |
| aadhaar | string | yes | RSA-encrypted, Base64-encoded Aadhaar number of the agent performing daily authentication. e.g. BASE64_ENCRYPTED_AADHAAR |
| piddata | string | yes | PID XML string from the UIDAI-certified biometric device (fType=2, Data type='X', mc in DeviceInfo). This represents the agent's own fingerprint, not the customer's. e.g. <?xml version='1.0'?><PidData><Data type='X'>...</Data><DeviceInfo mc='...' /></PidData> |
| latlong | string | yes | GPS coordinates of the agent's location at the time of daily authentication. e.g. 25.5941,85.1376 |
| source_ip | string | yes | IP address of the agent's terminal/system. e.g. 103.56.78.90 |

## Headers

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| developer_key | string | yes | Static API key issued to your account after KYC. |
| secret-key | string | yes | Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))). |
| secret-key-timestamp | string | yes | Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time. |
| content-type | string | yes | application/json e.g. application/json |

## Response

⭐ marks fields highlighted as verifiable.

| Field | Type | Description |
| --- | --- | --- |
| status | number | Primary success indicator (0 = success). |
| message | string | Human-readable response / error message. |
| response_status_id | number | Granular status id; see the shared error-codes table. |
| response_type_id | number | A unique id for every possible response shape (success or error) — useful for client logic branching and analytics. |
| data | object | API-specific response payload. |
| data.reference_id ⭐ | string | Daily authentication reference ID. Pass this as the 'reference_id' parameter in every Cash Withdrawal request made during the current day. Valid for the current calendar day only. |
| data.auth_status ⭐ | string | Result of the daily biometric authentication. 'success' means the agent is cleared to perform Cash Withdrawal transactions for the day. |
| data.valid_till | string | Expiry timestamp of this daily auth token (end of the current calendar day, IST). |

## Example request

```json
{
  "initiator_id": "9962981729",
  "user_code": "20810200",
  "client_ref_id": "REQ-20260101-001",
  "aadhaar": "BASE64_ENCRYPTED_AADHAAR",
  "piddata": "<?xml version='1.0'?><PidData><Data type='X'>...</Data><DeviceInfo mc='...' /></PidData>",
  "latlong": "25.5941,85.1376",
  "source_ip": "103.56.78.90"
}
```

## Example response

```json
{
  "status": 0,
  "response_status_id": 0,
  "message": "Daily authentication successful. You can now process Cash Withdrawal transactions.",
  "response_type_id": 1388,
  "data": {
    "reference_id": "DAKYC20240101001",
    "auth_status": "success",
    "valid_till": "2024-01-01T23:59:59+05:30"
  }
}
```

## Error scenarios

| Status | Scenario |
| --- | --- |
| 200 | Biometric authentication failed |
| 200 | eKYC not completed — daily auth not yet eligible |
| 200 | Daily auth already completed for today |