Identity & Access Management

Members are onboarded to SahamatiNet by creating a entity profile, with at least one user designated to manage the member or entity profile and secret.

Here are the steps for a member to onboard.

Member & User Registration
Account Activation
- User
- Member

User Account Activation:

During onboarding, the designated user will receive an email with a link to verify their email address. Once verified, the user will be prompted to set up a password, finalizing the account activation process. Here are the main steps for activating a user account:

Verify email address
Set a password for the user account

Member (Entity) Activation:

To fully activate a member on SahamatiNet, at least one associated user must be activated. This user will then begin the process of generating a secret, which is crucial for future API interactions. The key steps for member activation are as follows:

Activate the user account associated with the member.
Generate a secret for the member (entity).

Once the member onboarded on SahamatiNet, the below APIs can be used by the associated user to manage the secret.

Scenario: Member Secret Management

Generate User Access Token: Use the User Token Generate API by providing email and password to get the access token. The access token should be used as the Authorization token for the steps below.
Reset Member Secret: Use the Secret Reset API by providing the entityId and Authorization token.
Read Member Secret: Use the Secreate Read API by providing the entityId and Authorization token to fetch the latest secret to use.

Below are the Base URL of each environment to use IAM APIs.

Environment	Base URL
Production	https://api.sahamati.org.in/iam
UAT	https://api.uat.sahamati.org.in/iam
Sandbox	https://api.sandbox.sahamati.org.in/iam

Environment

Base URL

Production

https://api.sahamati.org.in/iam

UAT

https://api.uat.sahamati.org.in/iam

Sandbox

https://api.sandbox.sahamati.org.in/iam

Token Generation APIs:

User Token Generate API

To generate a User Access Token, the user must provide their username (email) and the password configured during the account activation process. This access token is necessary for interacting with the member's secret management APIs. The access token has an expiry of 24 hrs. Below is the API specification.

POSThttps://api.sahamati.org.in/iam/v1/user/token/generate

Body

username*string

User email.

password*string

The password associated with the user.

Response

Successful response

Body

verstring

Example: "1.0.0"

timestampstring (date-time)

Example: "2024-07-16T11:33:34.509Z"

txnIdstring

Example: "f35761ac-4a18-11e8-96ff-0277a9fbfedc"

accessTokenstring

Example: ""

expiresIninteger

Example: 86400

tokenTypestring

Example: "Bearer"

Request

const response = await fetch('https://api.sahamati.org.in/iam/v1/user/token/generate', {
    method: 'POST',
    headers: {
      "Content-Type": "application/x-www-form-urlencoded"
    },
    body: JSON.stringify({
      "username": "text",
      "password": "text"
    }),
});
const data = await response.json();

Response

{
  "ver": "1.0.0",
  "timestamp": "2024-07-16T11:33:34.509Z",
  "txnId": "f35761ac-4a18-11e8-96ff-0277a9fbfedc",
  "accessToken": "",
  "expiresIn": 86400,
  "tokenType": "Bearer"
}

Entity Token Generate API

The generation of a Member (Entity) Access Token requires the ID (client ID) and the Secret. This token is used for the interaction with other members. The access token has an expiry of 24 hrs. Below is the API specification.

POSThttps://api.sahamati.org.in/iam/v1/entity/token/generate

Body

id*string

The entity ID.

secret*string

The secret associated with the entity.

Response

Successful response

Body

verstring

Example: "1.0.0"

timestampstring (date-time)

Example: "2024-07-16T11:33:34.509Z"

txnIdstring

Example: "f35761ac-4a18-11e8-96ff-0277a9fbfedc"

accessTokenstring

Example: ""

expiresIninteger

Example: 86400

tokenTypestring

Example: "Bearer"

Request

const response = await fetch('https://api.sahamati.org.in/iam/v1/entity/token/generate', {
    method: 'POST',
    headers: {
      "Content-Type": "application/x-www-form-urlencoded"
    },
    body: JSON.stringify({
      "id": "text",
      "secret": "text"
    }),
});
const data = await response.json();

Response

{
  "ver": "1.0.0",
  "timestamp": "2024-07-16T11:33:34.509Z",
  "txnId": "f35761ac-4a18-11e8-96ff-0277a9fbfedc",
  "accessToken": "",
  "expiresIn": 86400,
  "tokenType": "Bearer"
}

Member Secret Management APIs

Secret Reset API

The Secret Reset API is designed to allow an admin to reset a member's secret. To perform this action, an access token with administrative privileges for the specified member is required. Once reset, the newly generated secret will have a validity period of 60 days, after which it will need to be renewed or reset again. Below is the API specification.

POSThttps://api.sahamati.org.in/iam/v1/entity/secret/reset

Header parameters

Body

Information of the entity to reset its secret

ver*string

Example: "1.0.0"

timestamp*string (date-time)

Example: "2024-07-16T11:33:34.509Z"

txnId*string

Example: "f35761ac-4a18-11e8-96ff-0277a9fbfedc"

entityId*string

Example: "aa-1"

Response

Successful response

Body

verstring

Example: "1.0.0"

timestampstring (date-time)

Example: "2024-07-16T11:33:34.509Z"

txnIdstring

Example: "f35761ac-4a18-11e8-96ff-0277a9fbfedc"

entityIdstring

Example: "aa-1"

secretstring

Example: "xxxxxxxxxxxxxxxxxxxxx"

expiresOnnumber

Example: 1725010763

Request

Response

Secret Read API

The Secret Read API enables admin to retrieve the current secret for a specific member. To access this information, an user access token with administrative rights must be provided. Below is the API specification.

POSThttps://api.sahamati.org.in/iam/v1/entity/secret/read

Header parameters

Body

Information of the entity to read its secret

ver*string

Example: "1.0.0"

timestamp*string (date-time)

Example: "2024-07-16T11:33:34.509Z"

txnId*string

Example: "f35761ac-4a18-11e8-96ff-0277a9fbfedc"

entityId*string

Example: "aa-1"

Response

Successful response

Body

verstring

Example: "1.0.0"

timestampstring (date-time)

Example: "2024-07-16T11:33:34.509Z"

txnIdstring

Example: "f35761ac-4a18-11e8-96ff-0277a9fbfedc"

entityIdstring

Example: "aa-1"

secretstring

Example: "xxxxxxxxxxxxxxxxxxxxx"

expiresOnnumber

Example: 1725010763

Request

const response = await fetch('https://api.sahamati.org.in/iam/v1/entity/secret/read', {
    method: 'POST',
    headers: {
      "Authorization": "text",
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "ver": "1.0.0",
      "timestamp": "2024-07-16T11:33:34.509Z",
      "txnId": "f35761ac-4a18-11e8-96ff-0277a9fbfedc",
      "entityId": "aa-1"
    }),
});
const data = await response.json();

Response

{
  "ver": "1.0.0",
  "timestamp": "2024-07-16T11:33:34.509Z",
  "txnId": "f35761ac-4a18-11e8-96ff-0277a9fbfedc",
  "entityId": "aa-1",
  "secret": "xxxxxxxxxxxxxxxxxxxxx",
  "expiresOn": 1725010763
}

PreviousNetwork Telemetry Specs NextCentral Registry

Last updated 6 hours ago