I am getting OTP but , I am not able to verify it using /confirmOTP api, it always says invalid otp.

cowinapi / developer.cowin

This group is created to facilitate technical and integration discussions related to cowin platform. API related contents can be obtained at API setu portal https://apisetu.gov.in/public/marketplace/api/cowin

115 stars 30 forks source link

I am getting OTP but , I am not able to verify it using /confirmOTP api, it always says invalid otp. #155

Open Vmit2 opened 3 years ago

Vmit2 commented 3 years ago

I am getting OTP but , I am not able to verify it using /confirmOTP api, it always says invalid otp. Also the OTP I received is 6 digit number. but the OTP given in Docs for /confirmOTP API is alphanumeric encoded string. I am passing correct transaction Id. Please suggest what is wrong.

Sanket1306 commented 3 years ago

use SHA 256 encryption for it

Vmit2 commented 3 years ago

@sanket1306 It worked thanks, One more query, for how much time this token is valid?

lyveng commented 3 years ago

Short answer: 15 minutes You can decode the token at https://www.jsonwebtoken.io/. Then convert the exp timestamp to see the expiry time.

anmolkhemuka commented 3 years ago

I have a follow-up question. As you are verifying the OTP using API, are you also booking the slots using API, so is the process fully automated?

Vmit2 commented 3 years ago

I have a follow-up question. As you are verifying the OTP using API, are you also booking the slots using API, so is the process fully automated?

I didn't tried it, I thought captcha will not allow us to programmatically Book Slots. What do you think? Is it possible ?

meera-qa03 commented 3 years ago

@Sanket1306 use SHA 256 encryption for it - how to do this?

dondsouza commented 3 years ago

@meera-qa03 SHA256 is a hashing scheme and not an encryption scheme. You'll find many online converter or Opensource libraries.

siddhesh1770 commented 3 years ago

I have a follow-up question. As you are verifying the OTP using API, are you also booking the slots using API, so is the process fully automated?

yes it is possible but it's protected for Government organizations like Arogya Setu, Umang etc. only and not to Public

siddhesh1770 commented 3 years ago

@Sanket1306 use SHA 256 encryption for it - how to do this?

Use hashlib for Python

siddhesh1770 commented 3 years ago


import hashlib
str = "Follow siddhesh1770 on GitHub"
result = hashlib.sha256(str.encode())
print("The hexadecimal equivalent of SHA256 is : ")
print(result.hexdigest())

shekharkumar86 commented 3 years ago

@Sanket1306 It worked thanks, One more query, for how much time this token is valid?

i am doing the same thing but i am getting the error

https://cdndemo-api.co-vin.in/api/v2/auth/public/confirmOTP

{ "otp": "EF52974EEF36A035D5C42F958BBE51C1AE2749B1A8CD4AB98B92D96587F8F480", "txnId": "4372ab34-1728-43ca-a031-05257ca69c77" }

resp : { "errorCode": "USRAUT0014", "error": "Invalid OTP" }

please help me. where i am wrong here.

siddhesh1770 commented 3 years ago

@Sanket1306 It worked thanks, One more query, for how much time this token is valid?

i am doing the same thing but i am getting the error

https://cdndemo-api.co-vin.in/api/v2/auth/public/confirmOTP

{ "otp": "EF52974EEF36A035D5C42F958BBE51C1AE2749B1A8CD4AB98B92D96587F8F480", "txnId": "4372ab34-1728-43ca-a031-05257ca69c77" }

resp : { "errorCode": "USRAUT0014", "error": "Invalid OTP" }

please help me. where i am wrong here.

That hash is incorrect

shekharkumar86 commented 3 years ago

@Sanket1306 It worked thanks, One more query, for how much time this token is valid?

i am doing the same thing but i am getting the error https://cdndemo-api.co-vin.in/api/v2/auth/public/confirmOTP { "otp": "EF52974EEF36A035D5C42F958BBE51C1AE2749B1A8CD4AB98B92D96587F8F480", "txnId": "4372ab34-1728-43ca-a031-05257ca69c77" } resp : { "errorCode": "USRAUT0014", "error": "Invalid OTP" } please help me. where i am wrong here.

That hash is incorrect

i am converting my otp into SHA256 from this link

https://www.convertstring.com/Hash/SHA256

what should i use, please suggest.

siddhesh1770 commented 3 years ago

@Sanket1306 It worked thanks, One more query, for how much time this token is valid?

i am doing the same thing but i am getting the error https://cdndemo-api.co-vin.in/api/v2/auth/public/confirmOTP { "otp": "EF52974EEF36A035D5C42F958BBE51C1AE2749B1A8CD4AB98B92D96587F8F480", "txnId": "4372ab34-1728-43ca-a031-05257ca69c77" } resp : { "errorCode": "USRAUT0014", "error": "Invalid OTP" } please help me. where i am wrong here.

That hash is incorrect

i am converting my otp into SHA256 from this link

https://www.convertstring.com/Hash/SHA256

what should i use, please suggest.

Use this https://md5decrypt.net/en/Sha256/

shekharkumar86 commented 3 years ago

still i am facing the same issue https://cdndemo-api.co-vin.in/api/v2/auth/public/confirmOTP

OTP: 115202 {"otp":"3e9de9db35f87fbcfca4eff8bc42eae44cfed4a9e88820e84169e3ac922e5221","txnId":"79f3c8e5-5d29-4a32-a0b0-ca834ad5b3a0"}

{"errorCode":"USRAUT0024", "error":"Beneficiary Not Registered"}

please let me know where i am wrong here

Souravgithub1999 commented 3 years ago

Search SHA-256 representation JavaScript Codepen you get the solution