eSign - How it works

ASP sends the request xml for electronic signature with the required inputs (via Option: 1 or Option: 2) and obtains the response from eMudhra eSign Service.

Option: 1eSign API Model

In this scenario:
  • Step 1 ASP prepares / receives the document to be signed
  • Step 1A ASP performs eKYC with UIDAI using Aadhaar and authentication factor (OTP/Biometric) and receives the eKYC data
  • Step 2 ASP with the consent of the Aadhaar holder sends hash of the document and eKYC data to ESP to generate an electronic signature
  • Step 2A eMudhra ESP receives/validates the request and generates a key-pair for given user, obtains certificate (DSC) from eMudhra CA, then signs the document hash, and responds to ASP.
  • Step 2B eMudhra CA provides a short-term certificate (DSC) to eMudhra ESP, as per the request received (Form C).
  • Step 3 ASP receives the document signature and attaches the signature to the document.

Option: 2eSign Gateway Model

In this scenario:
  • Step 1 ASP prepares / receives the document to be signed and with the consent of the Aadhaar holder sends hash of the document and Aadhaar Number to ESP.
  • Step 2 eMudhra (ESP) receives/validates the request, provides user (Aadhaar Holder) to ‘Get OTP’ / ‘Capture Biometric’, performs KYC of user with UIDAI, obtains certificate (DSC) from eMudhra CA, then signs the document hash, and responds to ASP.
  • Step 2A UIDAI receives the request from eMudhra, validates it, and then provides the KYC data of requested Aadhaar Holder.
  • Step 2B eMudhra CA provides a short-term certificate (DSC) to eMudhra ESP, as per the request received (Form C).
  • Step 3 ASP receives the document signature and attaches the signature to the document.

More information can be obtained from the following document.
Download eSign API Specifications