POSTGet DigiLocker Document

Retrieve verified Aadhaar details from DigiLocker after the customer completes the consent journey.

POST/tools/kyc/digilocker/document

Fetches the verified Aadhaar (or other government document) data from DigiLocker using the reference_id obtained from Create DigiLocker URL. Must be called after the customer has completed authorisation on DigiLocker and been redirected back. Returns structured identity data extracted from the verified document.

Body parameters

Field	Type	Required	Description
`initiator_id`	string	required	Registered mobile number of the API user (see Platform Credentials).e.g. 9962981729
`user_code`	string	required	User code of the retailer/agent the service is run for.e.g. 20810200
`client_ref_id`	string	optional	Unique reference id per API call, generated by your system.e.g. REQ-20260101-001
`document_type`	array	required	List of document types to retrieve (e.g. ["AADHAAR"]).e.g. AADHAAR
`verification_id`	string	required	Unique verification ID returned by the Create DigiLocker URL API.e.g. vrf_digilocker_abc123
`reference_id`	string	required	Reference ID from the Create DigiLocker URL API response.e.g. 7483920

initiator_idstringRequired

Registered mobile number of the API user (see Platform Credentials).

example: 9962981729

user_codestringRequired

User code of the retailer/agent the service is run for.

example: 20810200

client_ref_idstringoptional

Unique reference id per API call, generated by your system.

example: REQ-20260101-001

document_typearrayRequired

List of document types to retrieve (e.g. ["AADHAAR"]).

example: AADHAAR

verification_idstringRequired

Unique verification ID returned by the Create DigiLocker URL API.

example: vrf_digilocker_abc123

reference_idstringRequired

Reference ID from the Create DigiLocker URL API response.

example: 7483920

Headers

Field	Type	Required	Description
`developer_key`	string	required	Static API key issued to your account after KYC.
`secret-key`	string	required	Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))).
`secret-key-timestamp`	string	required	Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time.
`content-type`	string	required	application/jsone.g. application/json

developer_keystringRequired

Static API key issued to your account after KYC.

secret-keystringRequired

Dynamic per-request signature: base64(HMAC-SHA256(timestamp, base64(access_key))).

secret-key-timestampstringRequired

Current time in milliseconds since UNIX epoch, used to compute secret-key. Must match server time.

content-typestringRequired

application/json

example: application/json

Responses

statusnumber
Primary success indicator (0 = success).
messagestring
Human-readable response / error message.
response_status_idnumber
Granular status id; see the shared error-codes table.
response_type_idnumber
A unique id for every possible response shape (success or error) — useful for client logic branching and analytics.
dataobject
API-specific response payload.
- documentsarray
  List of verified documents retrieved from DigiLocker.
  - document_typestring
    Type of document retrieved (e.g. AADHAAR).
  - namestring
    Full name as per the verified document.
  - dobstring
    Date of birth from the verified document.
  - genderstring
    Gender as per document: M, F, or T.
  - masked_aadhaarstring
    Aadhaar number with first 8 digits masked.
  - addressobject
    Residential address from the verified Aadhaar.
    - housestring
      House or flat number.
    - streetstring
      Street or locality name.
    - village_or_citystring
      Village or city.
    - districtstring
      District.
    - statestring
      State.
    - pincodestring
      6-digit postal code.
  - photostring
    Base64-encoded photograph from the Aadhaar document.
  - issue_datestring
    Date when the document was issued.
- verification_statusstring
  Overall DigiLocker verification status: SUCCESS or PENDING.