POSTCreate DigiLocker URL
Generate a DigiLocker redirect URL to initiate consent-based Aadhaar document retrieval.
Creates a one-time DigiLocker URL that redirects the customer to the DigiLocker portal for consent-based retrieval of Aadhaar (and other) documents. After the customer authorises access on DigiLocker, they are redirected back to the provided redirect_url. The reference_id returned is then used to fetch the verified document data via the Get DigiLocker Document API.
Body parameters
| Field | Type | Required | Description |
|---|---|---|---|
initiator_id | string | required | Registered mobile number of the API user (see Platform Credentials).e.g. 9962981729 |
user_code | string | required | User code of the retailer/agent the service is run for.e.g. 20810200 |
client_ref_id | string | optional | Unique reference id per API call, generated by your system.e.g. REQ-20260101-001 |
document_requested | array | required | List of document types requested for verification. Defaults to ["AADHAAR"].e.g. AADHAAR |
redirect_urlRedirection URL | string | required | The URL to redirect the customer back to after completing the DigiLocker authorisation journey.e.g. https://yourapp.com/kyc/callback |
initiator_idstringRequiredRegistered mobile number of the API user (see Platform Credentials).
example: 9962981729
user_codestringRequiredUser code of the retailer/agent the service is run for.
example: 20810200
client_ref_idstringoptionalUnique reference id per API call, generated by your system.
example: REQ-20260101-001
document_requestedarrayRequiredList of document types requested for verification. Defaults to ["AADHAAR"].
example: AADHAAR
redirect_urlstringRequired· Redirection URLThe URL to redirect the customer back to after completing the DigiLocker authorisation journey.
example: https://yourapp.com/kyc/callback
Headers
| Field | Type | Required | Description |
|---|---|---|---|
developer_key | string | required | Static API key issued to your account after KYC. |
secret-key | string | required | Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))). |
secret-key-timestamp | string | required | Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time. |
content-type | string | required | application/jsone.g. application/json |
developer_keystringRequiredStatic API key issued to your account after KYC.
secret-keystringRequiredDynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))).
secret-key-timestampstringRequiredCurrent time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time.
content-typestringRequiredapplication/json
example: application/json
Responses
statusnumberPrimary success indicator (0 = success).
messagestringHuman-readable response / error message.
response_status_idnumberGranular status id; see the shared error-codes table.
response_type_idnumberA unique id for every possible response shape (success or error) — useful for client logic branching and analytics.
dataobjectAPI-specific response payload.
reference_idnumberUnique reference ID for this DigiLocker session. Store this to call Get DigiLocker Document after the customer completes the DigiLocker journey.
urlstringDigiLocker redirect URL. Present this URL to the customer to begin document authorisation.
document_requestedarrayEcho of the document types requested.
redirect_urlstringThe callback URL provided in the request.