Using Protected APIs by using getOTP and confirmOTP to generate tokens

[rishabhj1717]

Could you provide with more details @abizerlokhandwala ?

[abizerlokhandwala]

Hey @rishabhj1717 ! We would want to use the Cowin protected APIs (https://apisetu.gov.in/public/marketplace/api/cowin/cowin-protected-v2#/) as:

1. Do not have cached responses.
2. Have no rate limiting.

The protected APIs do not work unless we pass an Authorization Bearer token. We can receive this token after receiving an OTP for a number, and successfully confirming it, through their OTP APIs. Though, the session lifetime for a token is ~15min. To have a scalable solution to use their APIs, we would need to:

1. Find a way of receiving OTPs by code (reading SMS through an API or so).
2. Be able to do this every 15min to avoid session expired errors.

We would need to see how we can make 1. possible. https://receive-smss.com/sms/917428730894/ is a website where you can use temporary numbers to send an SMS to, though there is no trivial way to receive the SMS data from there currently.