cowinapi / developer.cowin

This group is created to facilitate technical and integration discussions related to cowin platform. API related contents can be obtained at API setu portal https://apisetu.gov.in/public/marketplace/api/cowin

Unauthenticated access! #282

Open SHEKHAR-SAHU-JAIPUR opened 3 years ago

SHEKHAR-SAHU-JAIPUR commented 3 years ago

```python
import requests

url = "https://api.demo.co-vin.in/api/v2/auth/generateOTP"

browser_header = {
    'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36',
    'x-api-key': '3sjOr2rmM52GzhpMHjDEE1kpQeRxwFDr4YcBEimi',
}

myobj = {"mobile": "8387xxxxxx"}

# Step 1: ask for an OTP; the reply body is {"txnId": "..."}
x = requests.post(url, json=myobj, headers=browser_header)

txnid = x.json()["txnId"]
print(txnid)

url2 = "https://api.demo.co-vin.in/api/v2/appointment/sessions/findByDistrict?district_id=512&date=31-03-2021&vaccine=COVISHIELD"

# Uses the txnId from generateOTP as the bearer value (the OTP itself is never confirmed here)
browser_header2 = {
    'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36',
    'Authorization': f'Bearer {txnid}',
}

print(browser_header2)

y = requests.get(url2, headers=browser_header2)

print(y.text)
```

SHEKHAR-SAHU-JAIPUR commented 3 years ago

It is not working because I am using the test server API and the test API key. Do I have to choose the production API and ask the developers for a production API key?

siddhesh1770 commented 3 years ago

You have to post the mobile in JSON.

siddhesh1770 commented 3 years ago

```python
import json
import requests

mobo = {'mobile': '9999999999'}
headers = {}  # your client headers
url = ""      # post url
data = json.dumps(mobo)
r = requests.post(url, data=data, headers=headers)
```

parjanyaacoder commented 3 years ago

How to get API Key for production APIs ?

siddhesh1770 commented 3 years ago

I tried applying for one but I received this response [image]

parjanyaacoder commented 3 years ago

@siddhesh1770 They just told you that you require an API key but did not give you one.

siddhesh1770 commented 3 years ago

As you can see in the email, it says the API to book appointments has NOT been made for private entities.

maniteja commented 3 years ago

> I tried applying for one but I received this response [image]

Hi, can you send me the email?

kichappa commented 3 years ago
> 'x-api-key': '3sjOr2rmM52GzhpMHjDEE1kpQeRxwFDr4YcBEimi'}
> myobj = {
>    "mobile": "8387xxxxxx"
> }
> x = requests.post(url, json = myobj, headers=browser_header)

@SHEKHAR-SAHU-JAIPUR, not sure about the test server, but for the production server, you need to add a secret in your JSON.

```json
myobj = {
    "mobile": "9876543210",
    "secret": <some token>
}
```

alokas commented 3 years ago

I am developing a subsystem in my company with the COWIN APIs. After looking at the documentation, I found that the following things are possible with the public API today:

  1. Authenticate a mobile number using an OTP
  2. Download the certificate (provisional)
  3. Look for slots (cached information for 30 mins) based on Lat/Long, District and PinCode

If you are trying to do anything different (book appointments), we need an API key, which they are not providing currently.

Now, if you are trying to do the above, here is how you can do it.

Step 1: Generate an OTP

Given below is a curl request:

```bash
curl --location --request POST 'https://cdn-api.co-vin.in/api/v2/auth/public/generateOTP' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '{"mobile":"9888812345"}'
```

You will get a transaction ID in the request (sample output):

```json
{
    "txnId": "2c009b5e-d218-47a9-992c-0e10531fcf1a"
}
```

You would have received an OTP on the mobile.

Step 1b. Convert the OTP (6 digits) into a SHA-256 digest. You can write the code to do so in your language, but if you want to quickly test it, you can use the following website https://emn178.github.io/online-tools/sha256.html

I am converting an OTP of 111111.

The output comes out to bcb15f821479b4d5772bd0ca866c00ad5f926e3580720659cc80d39c9d09802a

Step 2: Authenticate the OTP. Please pass the transaction ID and the SHA-256 hash of the OTP:

```bash
curl --location --request POST 'https://cdn-api.co-vin.in/api/v2/auth/public/confirmOTP' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data-raw '{
  "otp": "bcb15f821479b4d5772bd0ca866c00ad5f926e3580720659cc80d39c9d09802a",
  "txnId": "2c009b5e-d218-47a9-992c-0e10531fcf1a"
}'
```

This will give you a JWT token as output; please use that as the bearer token in any other queries (the certificate download one). For the others we need an API key, but it's not given out. I hope this helps.
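
The two steps above as a small Python client, with the mistake from the top of this thread (sending the txnId as the bearer) ruled out by construction. This is an added example, not alokas's or the CoWIN project's code: the two endpoint URLs, the request bodies, the 6-digit OTP and the SHA-256 hex convention come from the steps above; the 10-digit mobile check, the request timeouts and the in-memory `FakeCowin` stand-in (which "sends" the OTP 111111 to every number, accepts each txnId once and returns a placeholder token) are assumptions made so the file runs offline. Leave `post` unset to use `requests.post` against the real service.

```python
"""Public (no API key) CoWIN OTP flow: generateOTP -> sha256(otp) -> confirmOTP.

Added example; the fake transport below is constructed, not captured.
"""
import hashlib
import json
import re
import uuid
from typing import Callable, Optional

GENERATE_OTP_URL = "https://cdn-api.co-vin.in/api/v2/auth/public/generateOTP"
CONFIRM_OTP_URL = "https://cdn-api.co-vin.in/api/v2/auth/public/confirmOTP"
JSON_HEADERS = {"Accept": "application/json", "Content-Type": "application/json"}

OTP_RE = re.compile(r"\d{6}")       # thread: the OTP is 6 digits
MOBILE_RE = re.compile(r"\d{10}")   # assumption: 10-digit mobile number


def hash_otp(otp: str) -> str:
    """SHA-256 hex digest of the 6-digit OTP, which is what confirmOTP expects."""
    if not OTP_RE.fullmatch(otp):
        raise ValueError("OTP must be exactly 6 digits")
    return hashlib.sha256(otp.encode("ascii")).hexdigest()


def _post(post: Optional[Callable]) -> Callable:
    if post is not None:
        return post
    import requests  # only needed for real network use
    return requests.post


def generate_otp(mobile: str, post: Optional[Callable] = None) -> str:
    """POST the mobile number; return the txnId that ties the OTP to this attempt."""
    if not MOBILE_RE.fullmatch(mobile):
        raise ValueError("mobile must be 10 digits")
    resp = _post(post)(GENERATE_OTP_URL, json={"mobile": mobile}, headers=JSON_HEADERS, timeout=15)
    if resp.status_code != 200:
        raise RuntimeError(f"generateOTP failed: HTTP {resp.status_code}: {resp.text[:200]}")
    return resp.json()["txnId"]


def confirm_otp(txn_id: str, otp: str, post: Optional[Callable] = None) -> str:
    """POST sha256(otp) with the txnId; return the bearer token (a JWT).

    The txnId is NOT a credential: only the value returned here belongs in
    'Authorization: Bearer ...'.
    """
    body = {"otp": hash_otp(otp), "txnId": txn_id}
    resp = _post(post)(CONFIRM_OTP_URL, json=body, headers=JSON_HEADERS, timeout=15)
    if resp.status_code != 200:
        raise RuntimeError(f"confirmOTP failed: HTTP {resp.status_code}: {resp.text[:200]}")
    return resp.json()["token"]


# --- constructed stand-in for the two endpoints so the flow runs offline ------
class _FakeResponse:
    def __init__(self, status_code: int, payload: dict):
        self.status_code, self._payload = status_code, payload
        self.text = json.dumps(payload)

    def json(self) -> dict:
        return self._payload


class FakeCowin:
    """'Sends' OTP 111111 to every mobile; a txnId is valid for one confirm attempt."""
    SENT_OTP = "111111"

    def __init__(self):
        self.pending = {}  # txnId -> expected sha256(otp)

    def post(self, url, json=None, headers=None, timeout=None):  # mirrors requests.post kwargs
        body = json or {}
        if url == GENERATE_OTP_URL:
            txn_id = str(uuid.uuid4())
            self.pending[txn_id] = hash_otp(self.SENT_OTP)
            return _FakeResponse(200, {"txnId": txn_id})
        if url == CONFIRM_OTP_URL:
            expected = self.pending.pop(body.get("txnId"), None)  # single use
            if expected is not None and expected == body.get("otp"):
                return _FakeResponse(200, {"token": "eyJ.fake.jwt"})  # placeholder, not a real JWT
            return _FakeResponse(401, {"error": "Unauthenticated access!"})
        return _FakeResponse(404, {"error": "unknown endpoint"})


def demo(otp_entered: str = "111111") -> str:
    """Run generate -> confirm against the fake server; returns the bearer token."""
    fake = FakeCowin()
    txn_id = generate_otp("9888812345", post=fake.post)  # number from the curl example above
    return confirm_otp(txn_id, otp_entered, post=fake.post)


if __name__ == "__main__":
    print("sha256('111111') =", hash_otp("111111"))
    print("bearer token:", demo())
```

Against the real service, `generate_otp("98888xxxxx")` followed by `confirm_otp(txn_id, input("OTP: "))` is the whole login; a wrong OTP or a reused txnId surfaces as a `RuntimeError` carrying the HTTP status instead of silently handing a non-token string to later calls.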

kichappa commented 3 years ago

@alokas use the Protected APIs if OTP authentication is being done anyway. It is better and responds with real-time data.

siddhesh1770 commented 3 years ago

> > I tried applying for one but I received this response [image]
>
> Hi, can you send me the email?

partners@digitallocker.gov.in

viksharma1987 commented 3 years ago

How long can we use the same bearer token? @alokas

siddhesh1770 commented 3 years ago

> How long can we use the same bearer token? @alokas

15 minutes
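
Given the short lifetime stated above, a client should know when its bearer token is about to lapse rather than discover it through a 401. The block below is an added example, not the project's code; it assumes the token is a JWT whose payload carries the standard `exp` claim (seconds since the Unix epoch), which is an assumption about the CoWIN token, not something the thread confirms. The payload is decoded without checking the signature, which is enough to schedule a refresh but must never be used to trust the claims; `make_test_jwt` builds a throwaway HS256 token so the demo runs offline.

```python
"""Inspect a bearer JWT's exp claim to decide when to redo generateOTP/confirmOTP."""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional


def _b64url_decode(part: str) -> bytes:
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def jwt_claims(token: str) -> dict:
    """Return the payload of a compact JWT (header.payload.signature), unverified."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT")
    return json.loads(_b64url_decode(parts[1]))


def seconds_until_expiry(token: str, now: Optional[float] = None) -> float:
    """Seconds left before `exp`; negative once the token is dead."""
    exp = jwt_claims(token).get("exp")
    if not isinstance(exp, (int, float)):
        raise ValueError("token has no numeric exp claim")
    return exp - (time.time() if now is None else now)


def needs_refresh(token: str, now: Optional[float] = None, margin: float = 60) -> bool:
    """True when the token expires within `margin` seconds: time to log in again."""
    return seconds_until_expiry(token, now) <= margin


def make_test_jwt(claims: dict, key: bytes = b"throwaway-demo-key") -> str:
    """Constructed HS256 token for the demo; the key is a dummy, not a real secret."""
    def enc(obj) -> str:
        return _b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    signing_input = f"{enc({'alg': 'HS256', 'typ': 'JWT'})}.{enc(claims)}"
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url_encode(sig)}"


def demo() -> dict:
    """Issue a 15-minute token at a fixed time and inspect it at three moments."""
    issued = 1_700_000_000  # fixed 'now' so the result is deterministic
    token = make_test_jwt({"iat": issued, "exp": issued + 15 * 60})
    return {
        "lifetime": seconds_until_expiry(token, issued),
        "refresh_at_start": needs_refresh(token, issued),
        "refresh_at_14min": needs_refresh(token, issued + 14 * 60),
        "expired_after_16min": seconds_until_expiry(token, issued + 16 * 60) < 0,
    }


if __name__ == "__main__":
    print(demo())
```

In a long-running script, call `needs_refresh(token)` before each certificate download and re-run the OTP steps when it returns True; with the default 60-second margin a 15-minute token triggers a refresh at the 14-minute mark.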

kichappa commented 3 years ago

@dineshmenon could you describe your process of accessing the API and where you are running the script at?

Edit

Never mind. Add these to your headers and see if the issue persists.

```json
"origin": "https://selfregistration.cowin.gov.in",
"referer": "https://selfregistration.cowin.gov.in/"
```

kichappa commented 3 years ago

@dineshmenon Okay, this might be silly, but...

> validateMobileOTP

Are you using https://cdn-api.co-vin.in/api/v2/auth/validateMobileOtp or https://cdn-api.co-vin.in/api/v2/auth/validateMobileOTP?

Also, your code seems fine to me, and a similar code is working for me right now.

kichappa commented 3 years ago

> I hope this is the right one, isn't it?

Yeah, `Otp` is the right one for validation but `OTP` is the correct one for generation. Odd.

clinomaniacop commented 3 years ago

@alokas For the vaccination certificate API, where should we send the API key? And if we need an API key, why is it listed in the public APIs?

alokas commented 3 years ago

> @alokas For the vaccination certificate API, where should we send the API key? And if we need an API key, why is it listed in the public APIs?

Anurag, for the public API we don't need the API key, but we do need the mobile OTP.

  1. Generate OTP by sending a POST to /v2/auth/public/generateOTP
  2. Confirm the OTP: /v2/auth/public/confirmOTP

Once this is done, you will get a bearer token.

You will also need to know the beneficiary ID in advance.

GET /v2/registration/certificate/public/download

This one will accept the bearer token generated above.

There are no public APIs for getting the list of beneficiaries associated with the mobile number.

alokas commented 3 years ago

Please let me know if you need a code sample for download of the certificate.

clinomaniacop commented 3 years ago

@alokas I have got all the things sorted till the vaccine certificate generation snippet. I have generated the OTP (without the key), validated it, and used the bearer token in the header for the vaccination certificate download. And the certificate is also downloading. However, the certificate reads "Unauthenticated access". When I return the status code of the response it reads 401. I have even copy-pasted my code in issue #386. Could you please look into it once? Thank you

alokas commented 3 years ago

Here is the code that I just tested, and I was able to download my certificate. Please replace the phone number in line 11 and the beneficiary id in line 50.

```python
import requests
import hashlib
from pathlib import Path

print("Running Generate OTP")

URL = "https://cdn-api.co-vin.in/api/v2/auth/public/generateOTP"
response = requests.post(
    URL,
    json={"mobile": "9876543210"},
    headers={
        "accept": "application/json",
        "content-type": "application/json",
        "User-Agent": "PostmanRuntime/7.28.0",
        "Accept-Encoding": "gzip, deflate, br",
        "Host": "cdn-api.co-vin.in",
    },
)

# The response JSON will have the transaction ID, we will use it in the next call
print(response.text)
txn_id = response.json()["txnId"]

otp = str(input("Enter the received OTP: "))

# We are generating the SHA-256 hash
otpHash = hashlib.sha256(otp.encode()).hexdigest()

print("Running Confirm OTP Call")

URL = "https://cdn-api.co-vin.in/api/v2/auth/public/confirmOTP"
response = requests.post(
    URL,
    json={"otp": otpHash, "txnId": txn_id},
    headers={
        "accept": "application/json",
        "content-type": "application/json",
        "User-Agent": "PostmanRuntime/7.28.0",
        "Accept-Encoding": "gzip, deflate, br",
        "Host": "cdn-api.co-vin.in",
    },
)

print(response.json())

# Extract bearer token from there
bearer_token = response.json()["token"]

# 10 to 14 character beneficiary ID
ben_id = "12345678912340"

URL = "https://cdn-api.co-vin.in/api/v2/registration/certificate/public/download?beneficiary_reference_id=" + str(ben_id)

response = requests.get(
    URL,
    headers={
        "accept": "application/pdf",
        "content-type": "application/json",
        "User-Agent": "PostmanRuntime/7.28.0",
        "Accept-Encoding": "gzip, deflate, br",
        "Host": "cdn-api.co-vin.in",
        "authorization": "Bearer {}".format(bearer_token),
    },
)

# writing the PDF
filename = ben_id + ".pdf"
filehandle = Path(filename)
filehandle.write_bytes(response.content)
```
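
The script above writes `response.content` to `<ben_id>.pdf` unconditionally, which is how a 401 "Unauthenticated access" body ends up saved as a "certificate" (the symptom reported a few comments up). The block below is an added example, not alokas's or the project's code: it classifies the download reply before anything touches disk. The 10-to-14-digit beneficiary id and the `Bearer` header come from the thread; that a good reply is a PDF body starting with the `%PDF-` magic bytes is an assumption, and the sample replies are constructed, not captured from the service.

```python
"""Guard the certificate download: save only a real PDF, explain every other reply."""
import re
from pathlib import Path
from typing import Callable, Mapping, Optional

CERT_URL = "https://cdn-api.co-vin.in/api/v2/registration/certificate/public/download"
BEN_ID_RE = re.compile(r"\d{10,14}")   # thread: 10- to 14-digit beneficiary reference id
PDF_MAGIC = b"%PDF-"                   # assumption: a good reply is a PDF file


class CertificateError(RuntimeError):
    pass


def validate_beneficiary_id(ben_id: str) -> str:
    if not BEN_ID_RE.fullmatch(ben_id):
        raise ValueError("beneficiary_reference_id must be 10 to 14 digits")
    return ben_id


def classify_response(status_code: int, headers: Mapping[str, str], content: bytes) -> str:
    """Return 'ok', 'unauthenticated', 'http-error' or 'not-pdf' for a download reply."""
    if status_code == 401:
        return "unauthenticated"      # token missing, expired, or not the confirmOTP token
    if status_code != 200:
        return "http-error"
    if not content.startswith(PDF_MAGIC):
        return "not-pdf"              # 200 but an HTML/JSON body: do not save it as .pdf
    return "ok"


def save_certificate(ben_id: str, status_code: int, headers: Mapping[str, str],
                     content: bytes, out_dir: str = ".") -> Path:
    """Write <ben_id>.pdf only when the reply really is a PDF; raise with detail otherwise."""
    verdict = classify_response(status_code, headers, content)
    if verdict != "ok":
        ctype = {k.lower(): v for k, v in headers.items()}.get("content-type", "?")
        snippet = content[:120].decode("utf-8", "replace")
        raise CertificateError(f"{verdict}: HTTP {status_code}, content-type {ctype}, body starts {snippet!r}")
    path = Path(out_dir) / f"{validate_beneficiary_id(ben_id)}.pdf"
    path.write_bytes(content)
    return path


def download_certificate(ben_id: str, bearer_token: str, out_dir: str = ".",
                         get: Optional[Callable] = None) -> Path:
    """Fetch with the confirmOTP bearer token; `get` defaults to requests.get."""
    if get is None:
        import requests
        get = requests.get
    resp = get(
        CERT_URL,
        params={"beneficiary_reference_id": validate_beneficiary_id(ben_id)},
        headers={"Accept": "application/pdf", "Authorization": f"Bearer {bearer_token}"},
        timeout=30,
    )
    return save_certificate(ben_id, resp.status_code, resp.headers, resp.content, out_dir)


# Constructed replies (status, headers, body); none of these were captured from the service.
SAMPLE_REPLIES = {
    "good": (200, {"Content-Type": "application/pdf"}, b"%PDF-1.4\n1 0 obj\n<< >>\nendobj\n%%EOF\n"),
    "no_token": (401, {"Content-Type": "application/json"}, b'{"error": "Unauthenticated access!"}'),
    "html_page": (200, {"Content-Type": "text/html"}, b"<html><body>error</body></html>"),
    "server_error": (500, {}, b""),
}


def demo() -> dict:
    """Classify each constructed reply; only 'good' would be written to disk."""
    return {name: classify_response(*reply) for name, reply in SAMPLE_REPLIES.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:>13}: {verdict}")
```

With this in place the failure reported above surfaces as `CertificateError: unauthenticated: HTTP 401 ...` at the call site, and no `.pdf` is created; the fix is then clearly on the token side (re-run generateOTP/confirmOTP and send the returned `token`, not the `txnId`).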

klpradeepkl commented 3 years ago

> I am developing a subsystem in my company with the COWIN APIs. After looking at the documentation, I found that the following things are possible with the public API today:
> […]

With and without authentication, on the public/protected endpoints for the certificate, I am getting a 401 unauthorized error. Are you still able to generate the certificate?

alokas commented 3 years ago

> > I am developing a subsystem in my company with the COWIN APIs. After looking at the documentation, I found that the following things are possible with the public API today:
> > […]
>
> With and without authentication, on the public/protected endpoints for the certificate, I am getting a 401 unauthorized error. Are you still able to generate the certificate?

I have sent the sample code, on top. Please see if that is working. You will need to pass additional headers like the Connection and the Host header.