The document provides specifications for Digital Locker APIs used by issuers to push documents to the Digital Locker repository and for residents to access documents. It describes the document codification scheme including a unique document URI format. It also outlines the onboarding flow, document specifications, and three issuer interfaces: PUSH URI to Digital Locker, Pull URI Request API, and Pull Doc Request API.
Dedicated Repository API Specification
Revision History
Version  Date        Author              Comments
1.2      15/07/2015  Amit Jain (NeGD)    New release of Digital Locker. Added CSV support for uploading URIs.
1.3      30/07/2015  Amit Savant (NeGD)  Removed two attributes from Pull URI API Response - file_name, Aadhaar name.
1.4      08/08/2015  Amit Savant (NeGD)  Specified the date format for CSV data.
Table of Contents
Revision History
Introduction
Digital Locker System Overview
Key Terminology
On-Boarding Flow
Document Codification Scheme
Unique Document URI
Issuer ID (mandatory)
Document Type (mandatory)
Document ID (mandatory)
Document Issuance Flow
E-Document Specifications
Document URI
Document Owner
Document Format
Issuer Interfaces
PUSH URI to Digital Locker
Pull URI Request API
Pull URI Request API elements
Pull URI API Response
Pull URI API Response elements
Pull Doc Request API
Pull Doc Request API elements
Pull Doc API Response
Pull Doc API Response elements...........................................................................................................14
Digital Locker API Specification
Introduction
This document provides detailed specification of the Digital Locker APIs. These APIs will be
used by various issuer departments to push their documents to the Digital Locker
repository. This document assumes that the reader is aware of the Digital Locker
application functionality and has read the Digital Locker Technical Specification (DLTS).
Digital Locker System Overview
The proposed architecture of the Digital Locker system is described in the “Digital Locker
Technical Specifications (DLTS)” document. The Digital Locker system consists of e-document
repositories and access gateways that provide an online mechanism for issuers to store,
and requesters to access, a digital document in a uniform way in real time.
Key Terminology
1. Electronic Document or E-Document – A digitally signed electronic document in
XML format issued to one or more individuals (Aadhaar holders) in appropriate
format compliant to DLTS specifications. Examples:
• Degree certificate issued to a student by a university.
• Caste certificate issued to an individual by a state government department.
• Marriage certificate issued to two individuals by a state government
department.
2. Digital Repository – A software application complying with DLTS specifications,
hosting a collection (database) of e-documents and exposing a standard API for
secure real-time access.
• While the architecture does not restrict the number of repository providers, it is
recommended that a few highly available and resilient repositories be set up
and that everyone be encouraged to use them instead of having many repositories.
3. Digital Locker – A dedicated storage space assigned to each resident, to store
authenticated documents. The digital locker would be accessible via web portal or
mobile application.
4. Issuer – An entity/organization/department issuing e-documents to individuals in
DLTS compliant format and making them electronically available within a repository
of their choice.
5. Requester – An entity/organization/department requesting secure access to a
particular e-document stored within a repository. Examples:
• A university wanting to access 10th standard certificate for admissions
• A government department wanting to access BPL certificate
• Passport department wanting to access marriage certificate
6. Access Gateway – A software application complying with DLTS specifications
providing an online mechanism for requesters to access an e-document in a uniform
way from various repositories in real-time.
• Gateway services can be offered by repository providers themselves.
• While the architecture does not restrict the number of repository providers, it is
suggested that a few resilient and highly available central gateway systems be
set up, so that requesters can sign up with any one of the gateways for accessing
documents in the digital repositories.
7. Document URI – A unique URI that is mandatory for every document. This
URI can be resolved to a full URL to access the actual document in the
appropriate repository.
• Document URI is a persistent, location independent, repository independent,
issuer independent representation of the ID of the document.
• The existence of such a URI does not imply availability of the identified
resource, but such URIs are required to remain globally unique and
persistent, even when the resource ceases to exist or becomes unavailable.
• While document URI itself is not a secret, access to the actual document is
secure and authenticated.
On-Boarding Flow
Document Codification Scheme
Unique Document URI
Every document that is issued and made accessible via the e-Locker system must have a unique
way to resolve to the correct repository without conflict. This is critical to eliminate the
need for all document references to be in one system. Federated repositories storing
documents issued by various departments/agencies must be “reachable” via the gateway in
a unique fashion.
[Figure: on-boarding flow. Get Issuer ID → Create Document type → Generate URI → Map URI with e-Document → Create CSV File and upload via issuer login → Create REST based Pull URI Request API → Create REST based Pull Doc Request API]
All documents issued in compliance to DLTS should have the following URI format:
IssuerId-DocType-DocId where
IssuerId is a unique issuer entity ID across the country
DocType is the document type optionally defined by the issuer
DocId is a unique document ID within the issuer system
Issuer ID (mandatory)
All departments/agencies within government issuing citizen documents, termed “Issuers”,
must have a unique identification to ensure all documents issued by them are accessible via
the DLTS gateway.
Examples of issuer IDs are “maharashtra.gov.in” (Maharashtra State Government),
“kseeb.kar.nic.in” (Karnataka School Board), “cbse.nic.in” (CBSE School Board), “UDEL”
(Delhi University), etc. These codes MUST BE unique across India and published as part of
the standard e-governance codification list.
Document Type (mandatory)
Issuers can freely define a list of document types for their internal classification. For
example, CBSE may classify certificates into “MSTN” (10th mark sheet), “KVPY” (certificate
issued to KVPY scholarship fellows), etc. There are no requirements for publishing these via
any central registry.
Classifying documents into various types allows issuers to choose different repositories for
different types. This future-proofs the design without assuming that all
certificates issued by the issuer are available in the same repository. It also allows gradual
migration from one repository to another. Issuers are free to define their document
types without needing to coordinate with other issuers. Keeping the length minimal
allows manual entry of the document URI without making it too long. Hence it is recommended
to keep the length to at most 5.
Document ID (mandatory)
A document ID determined by the department/agency (issuer) should be assigned to every
document. It MUST BE unique either within the document types of that issuer or it can be
unique across all document types of that issuer.
It is recommended that issuers define document types using pure alpha
case-insensitive strings of length up to 5. These document types MUST BE unique
WITHIN the issuer system. This classification within the issuer system also allows
versioning of documents, so that future documents can be in different formats and in
different repositories without all documents having to be in one repository.
If the need arises in future to go beyond length 5, the maximum length of the doc type can
easily be increased without breaking compatibility with any existing systems and
documents.
It is recommended that list of unique issuer codes be derived via their domain URL
whenever available and be published as part of e-governance standard codification
scheme with ability to add new issuers on need basis. When URL is not available for a
department, a unique (alpha) code may be assigned.
Document Issuance Flow
Document issuance flow is given below:
1. Create a digitally signed e-document complying with the DLTS specification, with a unique
URI.
a. The issuer entity uses the unique code for itself (obtaining a new one if not already
listed) that is available in the common DLTS Issuer Codification e-governance
standards. This is a country-wide “Unique Issuer ID”.
b. Document type codification is done by the Digital Locker system administrator.
Issuers may choose an available document type or, if a new type of document is
being issued, request the Digital Locker team to create the required document
type.
2. The issuer should create a document repository for storing documents and making them
available online. This could be an existing database or document management
system where the issued documents are stored.
3. Issue the printed document, with a human readable document URI, to the individual(s)
for whom the document is issued.
a. The issuer should also offer people an option to push the document URI to the
digital lockers of the residents for whom the document was issued.
E-Document Specifications
Document URI
All documents issued in compliance to DLTS should have the following URI format:
<IssuerId>[-DocType]-<DocId>
Where,
IssuerId (mandatory) - is a unique issuer entity ID. This is a unique pure alpha
case-insensitive string. To easily make it unique, the department’s domain URL can be
used whenever available. The list of issuer IDs must be published and should have a
mechanism to add new ones as required. Issuer IDs MUST BE
unique and published via the central e-governance codification scheme.
Document ID is an alpha-numeric string with a maximum length of 10. It is
recommended that issuers define document IDs as pure alpha case-insensitive
strings generated using a RANDOM number/string generator. Document IDs MUST
BE unique WITHIN the issuer system within a document type. If the need arises in
future to go beyond length 10, the maximum length of the doc ID can easily be increased
without breaking compatibility with any existing systems and documents.
Using random string eliminates the possibility of “guessing” next sequence number and
accessing a list of documents in a sequential way. This is critical to ensure security of
documents and ensures document can be accessed ONLY IF the requester “knows” the
actual document ID (instead of guessing sequential numbers).
It is highly recommended that an issuer needing to issue a total of n documents within a
document type use a random space of at least 10n from which the strings/numbers are
randomly allocated. Notice that since document types allow further
classification, it is suggested to keep the length minimal. Since issuers can easily add a
new document type without any collaboration or approvals across other issuers, if
more numbers are required, a new document type may be introduced.
DocType (mandatory) - is the document type optionally defined by the issuer. This
is highly recommended for document classification and versioning purposes. Issuers
may decide their own classification mechanism. This is a 5 char pure alpha string
which can be expanded in future as needed.
DocId (mandatory) - is a unique document ID of length up to 10 within the issuer
system. It is highly recommended that this is either purely numeric or alpha to avoid
confusion with “0” with “o” etc. Also, it is highly recommended to use random strings
to avoid guessing the sequence of document IDs.
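The URI rules and the 10n recommendation above, worked through as an added example (not part of the specification or of any Digital Locker code). Function names are hypothetical, and two points are assumptions: the issuer ID contains no hyphen, and issuer IDs are letters and dots as in the examples given earlier.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase  # pure alpha, treated case-insensitively
MAX_DOCTYPE_LEN = 5                # limit stated in the text
MAX_DOCID_LEN = 10                 # limit stated in the text


def parse_uri(uri):
    """Split <IssuerId>[-DocType]-<DocId> into (issuer, doc_type, doc_id).

    Assumption: the issuer ID itself contains no hyphen."""
    parts = uri.strip().split("-")
    if len(parts) == 3:
        issuer, doc_type, doc_id = parts
    elif len(parts) == 2:
        issuer, doc_id = parts
        doc_type = None
    else:
        raise ValueError("expected IssuerId[-DocType]-DocId")
    if not issuer or not doc_id or doc_type == "":
        raise ValueError("empty URI component")
    return issuer.lower(), doc_type, doc_id


def deviations(uri):
    """List the ways a URI departs from the charset and length rules."""
    issuer, doc_type, doc_id = parse_uri(uri)
    found = []
    # Assumption: domain-style issuer IDs (ASCII letters and dots).
    if not (issuer.isascii() and all(c.isalpha() or c == "." for c in issuer)):
        found.append("issuer: not alpha/domain style")
    if doc_type is not None and not (
        doc_type.isascii() and doc_type.isalpha()
        and len(doc_type) <= MAX_DOCTYPE_LEN
    ):
        found.append("doc_type: not pure alpha of length <= 5")
    if not (doc_id.isascii() and doc_id.isalnum()
            and len(doc_id) <= MAX_DOCID_LEN):
        found.append("doc_id: not alphanumeric of length <= 10")
    return found


def min_id_length(n_docs):
    """Smallest alpha DocId length whose space is at least 10 * n_docs."""
    for length in range(1, MAX_DOCID_LEN + 1):
        if len(ALPHABET) ** length >= 10 * n_docs:
            return length
    raise ValueError("10n exceeds the DocId space: add a document type")


def guess_hit_rate(n_docs, length):
    """Chance that one uniformly random guess names an issued document."""
    return n_docs / len(ALPHABET) ** length


def new_doc_id(issued, length=MAX_DOCID_LEN):
    """Draw an unused DocId from the OS CSPRNG, never from a counter."""
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if candidate not in issued:
            issued.add(candidate)
            return candidate


if __name__ == "__main__":
    n = 1_000_000  # constructed figure: documents planned for one doc type
    shortest = min_id_length(n)
    print("minimum length for 10n:", shortest)
    print("hit rate at minimum   :", guess_hit_rate(n, shortest))
    print("hit rate at length 10 :", guess_hit_rate(n, MAX_DOCID_LEN))
    # The sample URI used in this document's XML templates:
    print(deviations("testt.in.gov.kerala.edistrict-A001116301471-420"))
```

A space of exactly 10n is a floor: at that size up to one random guess in ten names a real document, so the authenticated access described under Key Terminology remains the actual control.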
Document Owner
For avoiding document misuse, it is critical that all documents are “attached” to one or more
Aadhaar holders. For example, a caste certificate may be attached to one Aadhaar holder
while a marriage certificate is attached to two Aadhaar holders. Proposed DLTS solution
offers a mechanism for issuers to secure access via Aadhaar authentication of any of the
owners.
Document Format
All e-documents must be represented in PDF or XML format complying to DLTS
specifications. This ensures that a standardized XML structure is used to capture common
attributes of all documents.
Issuer Interfaces
Each issuer organization will have to consume or implement 3 interfaces to fully integrate
with the Digital Locker system. These 3 interfaces are:
1. Push URI to Digital Locker: This web based interface is provided to the issuers by
the Digital Locker system to push the URIs of all the documents available in their
repositories so that they can be displayed to the residents. This is a way of
notifying the resident that a particular issuer has the following documents linked to the
user’s Aadhaar number.
2. Pull URI Request API: This REST based pull interface has to be implemented by the
issuer organization to allow a resident to query the issuer repository by providing
his/her Aadhaar number or any other identifier applicable to issuer organization
(such as Roll number + Year + Class for CBSE). This way the issuer may provide the
URI’s of all the documents that are linked to the Aadhaar number or other identifiers
provided by the resident.
3. Pull Doc Request API: This REST based pull interface has to be implemented by the
issuer organization to allow a resident to fetch a document from the issuer
repository by providing the URI of the document.
These 3 interfaces are defined in greater detail below.
UDF1 (Optional): User Defined Field
UDF2 (Optional): User Defined Field
UDF3 (Optional): User Defined Field
Pull URI API Response
The response to the PULL URI request will include the URI of any documents linked to the
given Aadhaar number in the request as well as additional meta data of the document. The
issuer will provide the response back to the Digital Locker system synchronously.
The following is the XML response template for the PULL URI Response API.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<PullURIResponse xmlns:ns2="http://tempuri.org/">
  <!-- Status: 1 = Success, 0 = Failure -->
  <ResponseStatus StatusCode="" Status="1" ts="YYYY-MM-DDThh:mm:ss+/-nn:nn" txn="">
  </ResponseStatus>
  <EDocList URICount="2" IssuerCode="">
    <Edoc>
      <Meta uri="testt.in.gov.kerala.edistrict-A001116301471-420"
            doc_type="Main" doc_name="ABCD" app_id="4200"
            issueDateTime="05/02/2015" issuedToUID="221723431724">
        <Owners>
          <Aadhaar uid="221723431724"/>
        </Owners>
        <UDF1></UDF1> <!-- User Defined Field -->
        <UDF2></UDF2> <!-- User Defined Field -->
        <UDF3></UDF3> <!-- User Defined Field -->
        <Print format="" highResUrl="" lowResUrl=""/>
      </Meta>
      <Signature/>
    </Edoc>
    <Edoc>
      <Meta uri="testt.in.gov.kerala.edistrict-A001116301471-421"
            doc_type="Main" doc_name="ABCD" app_id="4200"
            issueDateTime="05/02/2015" issuedToUID="221723431724">
        <Owners>
          <Aadhaar uid="221723431724"/>
        </Owners>
        <UDF1></UDF1> <!-- User Defined Field -->
        <UDF2></UDF2> <!-- User Defined Field -->
        <UDF3></UDF3> <!-- User Defined Field -->
        <Print format="" highResUrl="" lowResUrl=""/>
      </Meta>
      <Signature/>
    </Edoc>
  </EDocList>
</PullURIResponse>
Pull URI API Response elements
ts (mandatory) = timestamp
txn (mandatory): Transaction id (same as the one received in the request)
uri (mandatory): URI identifies the document uniquely. Please refer to the Document
Codification Scheme to create the URI.
doc_type (mandatory): Defined by the Issuers. By default it is “MAIN”. It is for future use,
say in case a Supporting Document Type is added to the repository.
doc_name (mandatory): This is the name of the document. This meta data will be used while
displaying the document in the User Digital Locker/ Requestor interface to identify the
document.
app_id (mandatory): Unique id of the issuer's application which generated the document.
This will be helpful in keeping the audit trail of the source of the generated document.
issueDateTime (mandatory): Issued date and time of the document to the user. In case of
batch submission of the document to the repository, this can be a past date/time value.
issuedToUID (mandatory): Aadhaar Number of the Issuee.
Aadhaar UID (mandatory): Aadhaar Number of the owner of the document.
Print format (mandatory): Print Format specifies the document format type to be adopted
while printing. At present the value is APPLICATION/PDF only. It will provide the rendering
information to the REQUESTOR.
highResUrl (Optional): This stores the URL of the high resolution document available with
the ISSUER. This can be left blank at present.
lowResUrl (Optional): This stores the URL of the low resolution document available with
the ISSUER. This can be left blank at present.
docBody (Optional): The issuer can add meta content specific to the document in this tag,
e.g. <taluka>Borivali</taluka>.
Signature (Mandatory): The ISSUER has to sign the PUSH request with its Digital
Signature.
UDF1 (Optional): User Defined Field
UDF2 (Optional): User Defined Field
UDF3 (Optional): User Defined Field
Pull Doc Request API
The REST based Pull Doc Request API has to be implemented by the issuers and will be
consumed by Digital Locker system. This API will be invoked when the resident clicks on
the URI displayed in the Govt. Issued documents section of the Digital locker portal. At the
time of the click the Digital Locker system will query the issuer repository to fetch the
document linked to the URI being clicked.
The following is the XML request template for the PULL Doc Request API.
The User details will be issued by the issuer to the Digital Locker system. This would consist
of Username and User Key.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<PullDocRequest xmlns:ns2="http://tempuri.org/" ver="1.0"
                ts="YYYY-MM-DDThh:mm:ss+/-nn:nn" txn="" orgId=""
                keyhash="sha256(key+ts)">
  <DocDetails txn="">
    <URI>testt.in.gov.kerala.edistrict-A001116301471-420</URI>
    <UDF1></UDF1> <!-- User Defined Field -->
    <UDF2></UDF2> <!-- User Defined Field -->
    <UDF3></UDF3> <!-- User Defined Field -->
  </DocDetails>
</PullDocRequest>
Pull Doc Request API elements
ts (mandatory) = timestamp
txn (Mandatory) = transaction id
orgId (mandatory): Org Id is the id issued to Digital locker system by the issuer system as
part of allowing access to the Issuer APIs.
keyHash (mandatory): Key hash is SHA-256(API-key+ts). API key is provided to the
Digital Locker system by issuer system to access the issuer APIs.
uri (mandatory): URI identifies the document uniquely
UDF1 (Optional): User Defined Field
UDF2 (Optional): User Defined Field
UDF3 (Optional): User Defined Field
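How an issuer endpoint might check the keyhash and timestamp of a Pull Doc request, shown as an added example (not code from the specification or from Digital Locker). The function names, the hex encoding of the hash, UTF-8 concatenation and the five-minute freshness window are assumptions; the page defines only SHA-256(API-key+ts).

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta

MAX_SKEW = timedelta(minutes=5)  # assumption: the page defines no window


def key_hash(api_key, ts):
    """SHA-256(API-key + ts), as the element description states.

    Assumptions: UTF-8 input, plain concatenation, lowercase hex output."""
    return hashlib.sha256((api_key + ts).encode("utf-8")).hexdigest()


def build_request(api_key, org_id, txn, uri, ts):
    """Digital Locker side: serialise a PullDocRequest for one URI."""
    root = ET.Element("PullDocRequest", {
        "ver": "1.0", "ts": ts, "txn": txn, "orgId": org_id,
        "keyhash": key_hash(api_key, ts),
    })
    details = ET.SubElement(root, "DocDetails", {"txn": txn})
    ET.SubElement(details, "URI").text = uri
    return ET.tostring(root, encoding="unicode")


def verify_request(xml_text, api_keys, now):
    """Issuer side: return the requested URI, or raise ValueError.

    api_keys maps orgId -> API key; now is a timezone-aware datetime."""
    # The template needs no DTD, so refuse one before parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD or entity declaration not allowed")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        raise ValueError("malformed XML") from None
    if root.tag != "PullDocRequest":
        raise ValueError("unexpected root element")

    ts = root.get("ts", "")
    api_key = api_keys.get(root.get("orgId", ""))
    if api_key is None:
        raise ValueError("unknown orgId")

    # Compare as bytes in constant time, never with == on the hex strings.
    expected = key_hash(api_key, ts).encode("ascii")
    supplied = root.get("keyhash", "").lower().encode("utf-8")
    if not hmac.compare_digest(expected, supplied):
        raise ValueError("keyhash mismatch")

    # The hash covers only key + ts, not txn or URI, so the timestamp is
    # the only replay bound: require a UTC offset and a recent value.
    when = datetime.fromisoformat(ts)  # raises ValueError on bad input
    if when.tzinfo is None or abs(now - when) > MAX_SKEW:
        raise ValueError("timestamp lacks offset or is outside the window")

    uri = (root.findtext("DocDetails/URI") or "").strip()
    if not uri:
        raise ValueError("missing URI")
    return uri


if __name__ == "__main__":
    from datetime import timezone
    # Constructed sample values; the URI is the one from the template above.
    keys = {"dl-test": "constructed-api-key"}
    ts = "2015-08-08T10:15:30+05:30"
    request = build_request(keys["dl-test"], "dl-test", "txn-001",
                            "testt.in.gov.kerala.edistrict-A001116301471-420",
                            ts)
    now = datetime(2015, 8, 8, 4, 46, 0, tzinfo=timezone.utc)
    print(verify_request(request, keys, now))
```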
Pull Doc API Response
The response to the PULL Doc request will include the Doc content of any documents linked
to the given URI in the request. The issuer will provide the response back to the Digital
Locker system synchronously.
The following is the XML response template for the PULL Doc Response API.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<PullDocResponse xmlns:ns2="http://tempuri.org/">
  <!-- Status: 1 = Success, 0 = Failure -->
  <ResponseStatus StatusCode="" Status="1" ts="YYYY-MM-DDThh:mm:ss+/-nn:nn" txn="">
  </ResponseStatus>
  <DocDetails>
    <docContent>
      <!-- Bytes encoded with Base64 in string format -->
    </docContent>
    <UDF1></UDF1> <!-- User Defined Field -->
    <UDF2></UDF2> <!-- User Defined Field -->
    <UDF3></UDF3> <!-- User Defined Field -->
  </DocDetails>
</PullDocResponse>
Pull Doc API Response elements
ts (mandatory) = timestamp
txn (mandatory): Transaction id (same as the one received in the request)
statusCode (mandatory): URI identifies the document uniquely. Please refer to the
Document Codification Scheme to create the URI.
status (mandatory): Defined by the Issuers. By default it is “MAIN”. It is for future use, say
in case a Supporting Document Type is added to the repository.
docDetails (Mandatory): The issuer can add meta content specific to the document in this tag,
e.g. <taluka>Borivali</taluka>.
docContent (Mandatory): The ISSUER has to sign the PUSH request with its Digital
Signature.
UDF1 (Optional): User Defined Field
UDF2 (Optional): User Defined Field
UDF3 (Optional): User Defined Field