OTP Service
Overview
OTP Service is a core service that is available on the DIGIT platform. The service is used to authenticate the user in the platform. The functionality is exposed via REST API.
Pre-requisites
Before you proceed with the documentation, make sure the following pre-requisites are met -
Java 17
Key Functionalities
egov-otp is called internally by the user-otp service that fetches the mobile number and feeds to egov-otp to generate the 'n' DIGIT OTP.
Configuration Details
The below properties define the OTP configurations -
a) egov.otp.length
: Number of digits in the OTP
b) egov.otp.ttl
: Controls the validity time frame of the OTP. The default value is 900 seconds. Another OTP generated within this time frame is also allowed.
c) egov.otp.encrypt
: Controls if the OTP is encrypted and stored in the table.
Deployment Details
Deploy the latest version of egov-otp service.
Add role-action mapping for APIs.
Integration Details
Integration Scope
The egov-otp service is used to authenticate the user in the platform.
Integration Benefits
Can perform user authentication without impacting the other module.
In the future, this application can be used in a standalone manner in any other platforms that require a user authentication system.
Integration Steps
To integrate, the host of egov-otp module should be overwritten in the helm chart.
/otp/v1/_create
should be added as the create endpoint. Create OTP configuration API is an internal call from v1/_send endpoint. This endpoint is present in the user-otp service and removes the need for explicit calls./otp/v1/_validate
should be added as the validate endpoint. The OTP configuration end point validates the OTP with respect to the mobile number./otp/v1/_search
should be added as the search endpoint. This API searches the mobile number and OTP using uuid - mapping uuid to OTP reference number.
Reference Docs
Play around with the API's : DIGIT-Playground
Doc Links
API Swagger Documentation
API Details
BasePath
/egov-otp/v1
Egov-otp service APIs - contains create, validate and search endpoints
a) POST /otp/v1/_create
- create OTP configuration this API is an internal call from v1/_send endpoint. This endpoint present in the user-otp service removes the need for explicit calls.
b) POST /otp/v1/_validate
- validate OTP configuration this endpoint is to validate the OTP with respect to the mobile number
c) POST /otp/v1/_search
- Search the mobile number and OTP using uuid, uuid using the OTP reference number
Last updated