ABDM M1 - harikrushnav/fhir_document GitHub Wiki

ABDM M1

M1 Test Cases mapping by Role

Creation of ABHA Number

| Applicable To | Private Application | Government Application |
| --- | --- | --- |
| Using Aadhaar OTP | Mandatory | Mandatory |
| Using Aadhaar Biometrics | Optional | Mandatory |
| Using Aadhaar Demographics (Offline) | NA | Mandatory |
| Using Driving License | Optional | Optional |
| Create ABHA Address | Mandatory | Mandatory |
| Download ABHA Card | Mandatory | Mandatory |
| Profile Update | Optional | Optional |

Verification of ABHA Address

| Applicable To | Private Application | Government Application |
| --- | --- | --- |
| Scan Health Facility QR | Mandatory | Mandatory |
| Scan User ABHA QR | Optional | Optional |
| By OTP | Mandatory | Mandatory |
| New vs Returning Patients | Mandatory | Mandatory |

Creation of ABHA Number using Aadhaar OTP

This guide outlines the step-by-step API calls required to create an ABHA number via Aadhaar OTP authentication.


1. Generate Session Token

Endpoint:

POST https://dev.abdm.gov.in/api/hiecm/gateway/v3/sessions

Headers:

  • REQUEST-ID: Unique UUID
  • TIMESTAMP: ISO 8601 format
  • X-CM-ID: sbx or abdm (based on environment)

Body:

{
  "clientId": "{{ClientId}}",
  "clientSecret": "{{ClientSecret}}",
  "grantType": "client_credentials"
}

Response:
Returns accessToken.


2. Encrypt Aadhaar Number

Public Key API:

GET https://abhasbx.abdm.gov.in/abha/api/v3/profile/public/certificate

Use the received publicKey and the algorithm RSA/ECB/OAEPWithSHA-1AndMGF1Padding to encrypt the Aadhaar number. You may use an external tool such as [DevGlan RSA Encryptor](https://www.devglan.com/online-tools/rsa-encrypt).


3. Login via Aadhaar OTP

Endpoint:

POST {{base_url}}/v3/enrollment/request/otp

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Body:

{
  "txnId": "",
  "scope": ["abha-enrol"],
  "loginHint": "aadhaar",
  "loginId": "{{Encrypted Aadhaar}}",
  "otpSystem": "aadhaar"
}

Response:
Returns a txnId.


4. (Optional) Resend Aadhaar OTP

Endpoint:

POST {{base_url}}/v3/enrollment/request/otp

Use the same payload as the previous step.


5. Enrol ABHA (Submit OTP and Mobile)

Endpoint:

POST {{base_url}}/v3/enrollment/enrol/byAadhar

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Body:

{
  "authData": {
    "authMethods": ["otp"],
    "otp": {
      "txnId": "{{txnId}}",
      "otpValue": "{{Encrypted OTP}}",
      "mobile": "{{MobileNumber}}"
    }
  },
  "consent": {
    "code": "abha-enrollment",
    "version": "1.4"
  }
}

Response:

  • ABHA profile details including ABHANumber, phrAddress, and tokens.

ABHA Created Successfully!

You now have an ABHA number created using Aadhaar OTP.
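
Steps 2, 3 and 5 done in application code, so the Aadhaar number and OTP are encrypted locally instead of being pasted into a third-party page. This is an added example, not code from the wiki or from ABDM. The helper names are hypothetical, and it assumes that `publicKey` is a base64-encoded DER SubjectPublicKeyInfo (or a PEM string) and that the OTP is encrypted with the same key and padding as the Aadhaar number.

```javascript
// Added example: local RSA-OAEP (SHA-1) encryption and request bodies for steps 2, 3 and 5.
// Helper names are hypothetical; field names come from the request bodies above.
const crypto = require('node:crypto');

// Assumption: publicKey is base64-encoded DER SubjectPublicKeyInfo, or a PEM string.
function loadPublicKey(publicKey) {
  if (publicKey.includes('-----BEGIN')) return crypto.createPublicKey(publicKey);
  return crypto.createPublicKey({ key: Buffer.from(publicKey, 'base64'), format: 'der', type: 'spki' });
}

// Java's RSA/ECB/OAEPWithSHA-1AndMGF1Padding is OAEP with SHA-1 for both the digest and MGF1.
function encryptField(publicKey, plaintext) {
  return crypto.publicEncrypt(
    { key: loadPublicKey(publicKey), padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha1' },
    Buffer.from(plaintext, 'utf8')
  ).toString('base64');
}

// Headers listed in steps 3 and 5: a fresh UUID and an ISO 8601 timestamp per request.
function requestHeaders(accessToken) {
  return {
    Authorization: `Bearer ${accessToken}`,
    'REQUEST-ID': crypto.randomUUID(),
    TIMESTAMP: new Date().toISOString(),
  };
}

// Step 3 body. The plaintext Aadhaar number is validated, encrypted, and never stored.
function otpRequestBody(publicKey, aadhaar) {
  if (!/^\d{12}$/.test(aadhaar)) throw new Error('Aadhaar number must be 12 digits');
  return { txnId: '', scope: ['abha-enrol'], loginHint: 'aadhaar',
           loginId: encryptField(publicKey, aadhaar), otpSystem: 'aadhaar' };
}

// Step 5 body. Assumption: the OTP uses the same key and padding as the Aadhaar number.
function enrolBody(publicKey, txnId, otp, mobile) {
  return {
    authData: { authMethods: ['otp'],
                otp: { txnId, otpValue: encryptField(publicKey, otp), mobile } },
    consent: { code: 'abha-enrollment', version: '1.4' },
  };
}
```

OAEP is randomized, so encrypting the same Aadhaar number twice yields different ciphertexts; compare by decrypting in a test, not by string equality.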


Create ABHA Address

Prerequisites

  • Valid ABHA Number
  • Mobile number linked with ABHA account
  • API authentication credentials

API Flow

Step 1: Generate Session Token

POST https://dev.abdm.gov.in/api/hiecm/gateway/v3/sessions

Headers:

  • REQUEST-ID: Unique UUID
  • TIMESTAMP: ISO 8601 format
  • X-CM-ID: sbx or abdm (based on environment)

Body:

{
  "clientId": "{{ClientId}}",
  "clientSecret": "{{ClientSecret}}",
  "grantType": "client_credentials"
}

Response: Returns accessToken.

Step 2: Check ABHA Address Availability

GET https://dev.abdm.gov.in/api/v1/phr/search/isExist?phrAddress={{proposed_address}}

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Response:

{
  "status": true/false,
  "message": "PHR address is available" 
}

Step 3: Initiate ABHA Address Creation

POST https://dev.abdm.gov.in/api/v1/phr/registration/hid/init

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Body:

{
  "healthId": "{{ABHA_Number}}",
  "healthIdNumber": "{{ABHA_Number}}"
}

Response:

{
  "txnId": "a728f282-c56f-4020-a5db-5d9b2a4c7869",
  "status": "SUCCESS"
}

Step 4: Request OTP

POST https://dev.abdm.gov.in/api/v1/phr/registration/hid/confirm/init

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Body:

{
  "txnId": "a728f282-c56f-4020-a5db-5d9b2a4c7869"
}

Response:

{
  "txnId": "a728f282-c56f-4020-a5db-5d9b2a4c7869",
  "mobileLinked": true,
  "status": "SUCCESS"
}

Step 5: Verify OTP

POST https://dev.abdm.gov.in/api/v1/phr/registration/hid/confirm/credential

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Body:

{
  "txnId": "a728f282-c56f-4020-a5db-5d9b2a4c7869",
  "authCode": "{{OTP}}"
}

Response:

{
  "txnId": "a728f282-c56f-4020-a5db-5d9b2a4c7869",
  "status": "SUCCESS"
}

Step 6: Create ABHA Address

POST https://dev.abdm.gov.in/api/v1/phr/registration/hid/confirm/phrAddress

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Body:

{
  "txnId": "a728f282-c56f-4020-a5db-5d9b2a4c7869",
  "phrAddress": "{{proposed_address}}@abdm",
  "password": "Xxxx@1234",
  "scope": ["LINK_PHR_ADDRESS"]
}

Response:

{
  "phrAddress": "johndoe@abdm",
  "status": "ACTIVE",
  "token": "eyJhbGciOiJSUzI1NiIsInR5...",
  "refreshToken": "eyJhbGciOiJSUzI1NiIsInR5...",
  "tokenType": "Bearer",
  "expiresIn": 1800,
  "status": "SUCCESS"
}

Step 7: Link ABHA Number with ABHA Address

POST https://dev.abdm.gov.in/api/v1/phr/link/hid

Headers:

  • Authorization: Bearer {{accessToken}}
  • REQUEST-ID, TIMESTAMP

Body:

{
  "phrAddress": "johndoe@abdm"
}

Response:

{
  "healthId": "14-XXXX-XXXX-XXXX",
  "phrAddress": "johndoe@abdm",
  "status": "SUCCESS"
}

Error Handling

All APIs return appropriate HTTP status codes:

  • 200: Success
  • 400: Bad Request
  • 401: Unauthorized
  • 403: Forbidden
  • 404: Not Found
  • 500: Internal Server Error

Standard error response format:

{
  "error": {
    "code": "ERROR_CODE",
    "message": "Detailed error message"
  },
  "status": "ERROR"
}
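
Steps 3 to 6 and the error format above, written as a transport-agnostic state machine that refuses to advance on an error envelope, a non-200 status, or a response whose txnId differs from the transaction in flight. This is an added example, not code from the wiki or from ABDM. The function names are hypothetical, and the constant-txnId check is an assumption drawn from the sample responses, which repeat the same txnId at every step.

```javascript
// Added example (hypothetical helper names): steps 3-6 as a pure state machine.
// Endpoints and body fields are the ones listed in the steps above.
const BASE = 'https://dev.abdm.gov.in/api/v1/phr/registration/hid';
const STEPS = [
  { path: '/init', body: (s) => ({ healthId: s.abhaNumber, healthIdNumber: s.abhaNumber }) },
  { path: '/confirm/init', body: (s) => ({ txnId: s.txnId }) },
  { path: '/confirm/credential', body: (s) => ({ txnId: s.txnId, authCode: s.otp }) },
  { path: '/confirm/phrAddress', body: (s) => ({ txnId: s.txnId,
      phrAddress: `${s.address}@abdm`, password: s.password, scope: ['LINK_PHR_ADDRESS'] }) },
];

function newFlow(abhaNumber, address, password) {
  return { step: 0, abhaNumber, address, password, otp: null, txnId: null, phrAddress: null };
}

// Request for the current step, or null once the flow is finished.
function nextRequest(state) {
  const step = STEPS[state.step];
  return step ? { method: 'POST', url: BASE + step.path, body: step.body(state) } : null;
}

// Validate a response and return the next state; the input state is not mutated.
function applyResponse(state, httpStatus, json) {
  const resp = json || {};
  if (httpStatus !== 200 || resp.status !== 'SUCCESS') {
    const code = resp.error && resp.error.code ? resp.error.code : `HTTP_${httpStatus}`;
    const err = new Error(`step ${state.step} (${STEPS[state.step].path}) failed: ${code}`);
    err.code = code;
    err.reauthenticate = httpStatus === 401; // request a new session token, then retry
    throw err;
  }
  // Assumption: the txnId stays constant across the flow, as in the sample responses.
  if (state.txnId && resp.txnId && resp.txnId !== state.txnId) {
    throw new Error(`step ${state.step}: response txnId does not match the transaction in flight`);
  }
  return { ...state, step: state.step + 1, txnId: resp.txnId || state.txnId,
           phrAddress: resp.phrAddress || state.phrAddress };
}
```

The caller sets `otp` on the state after step 4 (for example `state = { ...state, otp }`) and sends each `nextRequest` result with the headers listed for that step.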

Additional Notes

  1. All API calls must include authentication headers
  2. ABHA Address format follows the pattern username@abdm
  3. Password must meet the security policy requirements
  4. OTP validity is typically 10 minutes
  5. The ABHA Address must be unique in the system

Download ABHA Card

Verification of ABHA Address by scan Health Facility QR

Verification of ABHA Address By OTP

Verification of ABHA Address of New vs Returning Patients
