search

Sunbird-RC / community

Repo to enable discussions, issue tracking & documentation for the Sunbird-RC projects
MIT License
12 stars 23 forks source link

Integrate Aadhar eKYC for new user registration #588

Open varadeth opened 1 year ago

varadeth commented 1 year ago

As a new user, I should be able to register using my digilocker credentials to EER

Following things need to be ensured on completion of this story

User should be able to login using digilocker credentials If a user is not present, the system should create a user User should be asked for more details which are not available through KYC User should be registered in the registry When logged in, the user should be able to see the VCs issued to him

varadeth commented 1 year ago

@rhwarrier, We need the api information to perform kyc operations. Aadhaar developer section has given out few sample data for the kyc. they also have a public AUA (Authentication User Agency). For the otp to be sent out, we need digital signature of a AUA. to get this, we need to send out an email to authsupport@uidai.net.in. Could you get this digital signature for public AUA?

For reference, I am following their developer section, ekyc_docs, otp_request_docs

Do you have anyone whom we can connect for the API information?

We are thinking to setup and test their APIs first. After that we might need to register as a AUA so that we start developing this

rhwarrier commented 1 year ago

In this specific case, we're using eKYC to register new users - i.e., the Name, DoB and Gender can be passed from Aadhaar linked DigiLocker, when the user carries out SSO using DigiLocker for the first time. Is the OTP required for providing user consent to share these details? It'll help if these needs can be articulated specifically, so that we have some pointed questions to take to the team.

@parthlawate would Nirmit be able to help you think ?

varadeth commented 1 year ago

Hi @rhwarrier, could you please add here the user flows where the aadhaar ekyc needs to be integrated?

parthlawate commented 1 year ago

@rhwarrier AFAIK once the user logins using SSO, we can make it part of that flow that consent is provided since the API would return this data.. And login would have an OTP already..

Are you saying additional consent needs to be taken ?

@snehal0904 are you handling this case in ULP ?

cc @surendrasinghs

tejash-jl commented 1 year ago

new user w/o credential -> sso login -> consent -> registration screen (ekyc + additional data) -> landing page (No VCs)

new user with credential -> sso login -> consent -> registration screen (ekyc + additional data) -> landing page (No VCs)

existing user with sso linkage -> sso login -> landing page (No VCs)

new user -> register -> registration screen -> login page -> landing page (No VCs)