Introduction Last updated: 2021-07-23
Security module as a software service (SMAASS) is what we are bringing to the software world. In that arena Keyless authentication is the heart of our SDK vis-a-vis APIs. It also addresses password-less access and personal token usage. Personal token makes password and username obsolete. Our aim is to introduce a new direction in API security: This respects the use of biometric, verifiable credentials, primary authentication device and factors of advanced authentication.
The infrastructure is not held so specific as well as the operation system: Our instructions could be embedded anywhere you choose for the protection of your privacy and security of your information. Thus we say it is plat-from agnostic.
There are three small apps located in APIS folder on our node to demonstrate these functionality. We also have two environments for development/testing and production.
- Commonauth: This is fundamentally for authentications
- Lokdon: This simply a communication solution
- Rasbita: This is risk assessment score by impact and threat analysis
Instructions:
a) All APIs follow HTTP request type POST/GET
b) JSON format support only irrespective to HTTP request type
c) After login you will get api key
d) api_key may be passed in header or in body as
parameter
d) Response code: 0-Success, otherwise.
f) If api_key pass in header then simply
pass as a Authorization
g) Date format : YYYY-MM-DD
URL Structure
URL Structure URL endpoints should be well formed and should be easily understandable.
Lokdon Base URL:
New (url with Fully qualified domain name):
http://apilokdon.com/api/v1/lokdon
Rasbita Base URL :
New (url with Fully qualified domain name)
http://apilokdon.com/api/v2/rasbita
Common Auth Base URL :
New (url with Fully qualified domain name)
http://apilokdon.com/api/auth
LOKDON APIs
Register
Purpose: to register a user on lokdon app. Creates a profile in database and
inserts a record for authentication in common-auth database.
URL:
New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokdon/register/
Request Format : {
"email": "{Ľt1&đGèLh83hÝ+ĕxŁ!1ĽāZĝįĠ",
"password": "O¿¦ćH1ËĆSÒĮd-bkf/Čmò1îæxþ@1ļ",
"phone_number": "ËĆSÒĮd-bkf/Č",
"imei": "70x1234",
"dob": "2011-12-05",
"username": "{Ľt1&đGèLh83hÝ+ĕxŁ!1ĽāZĝįĠ",
"first_name": "{Ľt1&đGèLh83hÝ+ĕxŁ!1ĽāZĝįĠ",
"last_name": "{Ľt1&đGèLh83hÝ+ĕxŁ!1ĽāZĝįĠ",
"address": "{Ľt1&đGèLh83hÝ+ĕxŁ!1ĽāZĝįĠ",
}
Response: {
"message": "User Registered with Lokdon",
"response_code": "1",
"data": "",
}
SetPIN
Purpose: To set a pin for accessing data/ transactions/password updations in app.
Inserts MPIN for registered users to database, updates user profile and adds two
types of security pin in profile viz. m3pin and m3pinStripped.
#last 8 chars of pin are M3 stripped off and KT3 is saved with MPIN as M2+K1+K2+K3
# total 19 chars should be in lockpin (8charsM2+ 3char M3M2M1+ chars M3)
URL : New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokon/setpin/
Request Format : {
"apikey": "ywajl0o3ds9r78t2vupcqz1gkenmx5ib",
"email": "fĨ;øĊ®Æğî%I÷ö¶ă¿î[<;",
"mpin": "fĨ;2ìμð3.ú¶ü=it5727ut8",
}
(Note: You will get API KEY after login in response.)
Response: {
"message": "User with this email is not
registered",
"response_code": "1",
"data": "",
}
Response: {
"message": "Security PIN added for your profile",
"response_code": "0",
"data": "",
}
CheckPIN
Purpose: user can supply guess mpin after encrypting it from any device loaded with
lokdon app. if someone losses it from device, he/she will hit this api for retrieval
of his/her pin. This can be done by app outer pages without login.
URL:New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokdon/checkpin/
Request Format : {
"apikey": "ywajl0o3ds9r78t2vupcqz1gkenmx5ib",
"encryptedmpin": "ZWčeē3ZWTē",
"email": "fĨ;øĊ®Æğî%I÷ö¶ă¿î[<;",
}
Response: {
"message": "Perhaps you have not set MPIN
yet",
"response_code": "1",
"data": "",
}
Response: {
"message": "Here is your MPIN",
"response_code": "0",
"data": "7765",
}
Update Profile
Purpose: To update basic details as of now only DOB.
URL :
Request Format : {
"first_name": "Ô'2A©d",
"last_name": "ÐąČP§Ēģμ/",
"username": " ́«'±2ÌÈ",
"email": "i8ğ£·I,=ĵČijÓċĺGÛμÑ",
"phone_number": "ß:4U/|!S2ďïd",
"address": "ĉOÌÉ)+Ĭ3ðI< ́i@|ĵĤÇïEÄuÀçįs&ÚÉ£wĸ",
"dob": "Ħ,Ñ*iIdĩ%ö¬à",
"apikey": "2fxa5t0sv1h8gkym4oeuiz9wbdjrqpc7",
}
Response: {
"message": "Your Details Updated Successfully",
"response_code": "0",
"data": "complete JSON object of
request",
}
Create Wallet
Purpose: Each user when registered on lokdon app , automatically gets a wallet . Upon
succesfull registration, the api is hit back to back. The default amount in wallet
is $.25. Creates a unique wallet with IMEI and name of lokdon user. This wallet will
be unique so, it will be created with fingerprint and name later.
URL:
New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokdon/createwallet/
Request Format : {
"email": "3l·ÜċK ̧f·ĶóWÐĨģĮĊ",
"apikey": "4bi8zdqv376m1yxrhtfckap5uwe0s2jg",
"imei": "8510835960991199",
}
Response: {
"message": "Wallet created
successfully",
"response_code": "0",
"data": "
{
'wallet_hash' : ‘12331dqwecsdfwrq144%612`78*4--#’,
'balance' : '.25',
'currency_type': '0' (USD)
} ",
}
Response: {
"message": "User with this email is not registered",
"response_code": "1",
"data": "",
}
Get Wallet Information
Purpose: get Wallet Details for the lokdon user. Input is encrypted email id and api
key
New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokdon/getwalletinfo/
Request Format : {
"email": "3l·ÜċK ̧f·ĶóWÐĨģĮĊ",
"apikey": "4bi8zdqv376m1yxrhtfckap5uwe0s2jg",
}
Response: {
"message": "Your Wallet details",
"response_code": "0",
"data": "
{
‘wallet_hash’ : ‘glxIfDtjdMxKPCvjg2NjY3NjAzMTkxNzg2NzE1MzA2OTgzMTY=’,
‘balance’ : 50100.00
‘currency_type’: 0
} ",
}
Response: {
"message": "Invalid or Blank mail id Given",
"response_code": "1",
"data": "", ig,
}
Get M3 PIN
Purpose: Payment Receiver asks for M3 PIN stripped , of sender from server.
input : email or phone number of sender, api_key of requester
output: M3 encrypt stripped off, of sender
New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokdon/getm3pin/
Request Format : {
"sender_email": "¥ąÛpc3aû0ā*Ýð5é8ģĹĉ",
"sender_phone": "ß:4U/|!S2ďïd",
"my_api_key": "9rincs4568kvodqzp7eg1bhuj32tmlwf",
}
Response: {
"message": "Sender M3 Pin Stripped off",
"response_code": "0",
"data": "
{
'm3encrypt' : m3pin
}",
}
Response: {
"message": "Either provide email or mobile number of sender",
"response_code": "1",
"data": "",
}
Response: {
"message": "You are not registered with Lokdon",
"response_code": "1",
"data": "",
}
Normal Transaction Within Network
a) A fills the details of transactions viz. amount, currency_type (lokcoins),
receiver email/phone
b) Session is initailized from A's device and request encrypt is sent to server.
c) Server checks wallet details of A.
d) If wallet has sufficient amount and no pending outstanding payment in queue (sent
earlier to any user), server accepts the request.
e) Server sends encrypted notification SMS/email to B about details of payment
f) Once B validates that he/she is valid recipient, the amount would be credit to
B's wallet.
Ques: How will B validate here that he/she is actual recipient? Ans: ZKP
g) The same amount from A's wallet would be deducted and confirmation sms would be
sent.
h) Verification of receiver would not be required , if both parties has done
transactions for at least once.
i) If user B doesn’t validated him/herself within 24 hrs, the transaction would be
cancelled and both parties Would be notified. A's wallet would be refilled with the
amount of that transaction.
j) All details for any transaction would be encrypted and saved.
Confirm payment
Purpose: Receiver acknowledges the sender and sender also acknowledges the receiver
using this API.
New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokdon/confirmpayment/
POST Request : {
"amount": "$UĒ0ú~",
"from_phone": "¦ĥĬVvʶÇĪġasÿĪ·ĭ",
"payment_leg": "B",
"session": "XhKpWnYwZCE4WMK8",
"to_mobile": "<}ÀĖÈ%7l·}ÜRU!Hćð",
}
Payment Legs only would be A and B, for sender and receiver respectively. If A is confirming payments, then payment_leg would be B and if B is confirming , the payment leg would be A.
Response: {
"message": "Sender is not registered with Lokdon",
"response_code": "1",
"data": "",
}
OR
Response: {
"message": "sender is having low balance than required",
"response_code": "0",
"data": "",
}
OR
Response: {
"message": "Payment processed successfully",
"response_code": "0",
"data": "{
'transaction_type' : '1' ,
'status' : '1' ,
'trans_id' :“exdPpyco01@!,
'currency' : '0'
}",
}
OR
Response: {
"message": "No Pending Payments for you",
"response_code": "1",
"data": " ",
}
Create Session
Initiating a payment from sender to receiver. check users balance, if balance is
there, system will return a transaction Id. Server puts the details in transaction
queue. Each time, a user initiate a transaction, it is validated with previous
queued transactions.
input: sender email, sender apikey, amount, receiver phone number OR receiver email
(encrypted)
Output: {
"data": "{
transaction Id : 0x123456
receiver profile_type: 0 or internal, 1 for external
}",
}
POST Request : {
"amount": "μY¶!đé",
"apikey": "1fhy4u7mwtrke0loz36vgxijqbps8c2d",
"recv_email": "öî£CĴ$ĕô,C¥. ̄¥á+ĺ",
"recv_mobile": "ÖDqx6ü®×ĺ·±Lú:ċm",
"sender_email": "Ùâħ2ąýĪÿĊĞĩÜĕĕ ́ĦüA«5",
}
All parameters are necessary.
OR
Response: {
"message": "You have insufficient balance",
"response_code": "1",
"data": "",
}
OR
Response: {
"message": "User is inside Lokdon network",
"response_code": "0",
"data": "{
'sessionid': sessionId,
'profile' : '0'
}",
}
OR
Response: {
"message": "User is external to Lokdon network",
"response_code": "1",
"data": "data",
}
List of Transactions
Fetch Details of a user transactions, it would be received or sent if transaction is
successful. We show temporary transactions too, those transactions which are
pending.
Input: email of user, api_key of user, phone number of user
Output: transactionId and its details Listing of all transactions done by a user.
New (url with Fully qualified domain name)
http://apilokdon.com/api/v1/lokdon/transactions/
POST Request: {
"email": "¥ąÛpc3aû0ā*Ýð5é8ģĹĉ",
"mobile": "ß:4U/|!S2ďïd",
"api_key": "9rincs4568kvodqzp7eg1bhuj32tmlwf",
}
Response: {
"message": "List of transactions for you",
"response_code": "0",
"data": "[
{
“transactionid” : “0x1234”,
“date: “2018-12-12 34:46:13”,
“remote_mobile” : “9818418090”,
“amount” : “34.00”,
“from” : “9911990190”,
“transaction_type”: “debit”,
“sessionid” : “235644758653csfet23”,
“status” : “Success”
},
{
“transactionid” : “12363314”,
“date: “2017-12-04 34:46:13”,
“from” : “9818418090”,
“amount” : “300.00”,
“remote_mobile” : “9911990190”,
“transaction_type”: “credit”,
“currency_type”: “$”,
“sessionid” : “6735644758653csfet23”,
“status” : “Success”
} ] ",
}
Login
New (url with Fully qualified domain name)
http://apilokdon.com/api/auth/login/
Request Body
JSON: {
"email": "ÚČ`ç!ñµÐĠÆÅĖ¢$?ĖCĔ2Ł",
"password": "®ÿÜĠjâø°±:Ãί<óÚ:¡yüĘļ",
"appid": "102",
"imei": "357574096682607",
}
Response: {
"message": "Authentication Sucessfull",
"response_code": "0",
"data": "{ "email" : "olayinka@gmail.com"
, "fullname" : "Olayinka Adeyemi" ,
"username" : "olayinka" ,
"dateofbirth": "2019-12-03" ,
"phone" : "+2349091131695" ,
"address" : "Garki, Abuja",
"api-key" : "fptw0h7lax4s1z56nryevq9mkoji38gu" ,
"photo" : "http://apilokdon.com/media/FB_IMG_15727927160677461_0WEZ0oc.jpg" ,
"mpin" : "À ¿õ¾ô4ĘĚå=" “uwa”:”À ¿õ¾ô4ĘĚå=”
} ",
}
Password Updating
POST Request for Password Updating
New (url with Fully qualified domain name)
http://apilokdon.com/api/auth/changepass/
Request Body
Request JSON: {
"email": "ÚČ`ç!ñµÐĠÆÅĖ¢$?ĖCĔ2Ł",
"password": "®ÿÜĠjâø°±:Ãί<óÚ:¡yüĘļ",
"appid": "102",
}
Response: {
"message": "User doesnot exist",
"response_code": "1",
"data": " ",
}
Update Balance
URL: http://apilokdon.com/api/v1/lokdon/update_balance/
Request: {
"email": "< encrypted email >, (REQUIRED)",
"amount": "< encrypted amount >, (REQUIRED)",
"currency": "currency if other than USD,(Optional)",
"amount": "< encrypted amount >, (REQUIRED)",
"transaction_reference": "txref encrypted,(REQUIRED)",
}
Response: {
Success : {
"message": "Licence Registered Successfully",
"response_code": "0",
"data": " " ,
}
Error:[
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : 'User Not Found', 'data': ""}
3. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
4. {'response_code': '1', 'message' : 'Licence Data matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Add User Licence
URL: http://apilokdon.com/api/v1/lokdon/add_user_licence/
Request: {
"email": "< encrypted email >, (REQUIRED)",
"amount_paid": "< encrypted amount >, (REQUIRED)",
"number_of_users": "< encrpted >, (REQUIRED)",
"user_category": " < encrypted amount >, (REQUIRED)",
"no_of_paid_users": " encrypted,(REQUIRED)",
"no_of_default_users": " encrypted,(REQUIRED)",
"sub_end_date": " encrypted,(REQUIRED)",
"sub_start_date": " encrypted,(REQUIRED)",
}
Response: {
Success : {
"message": "Licence Registered Successfully",
"response_code": "0",
"data": " " ,
}
Error:[
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
3. {'response_code': '1', 'message' : 'User Not Found', 'data': ""}
4. {'response_code': '1', 'message' : 'Licence Data matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Check User
URL: http://apilokdon.com/api/v1/lokdon/check_user/
Request: {
"email": "< encrypted email >, (REQUIRED)",
}
Response: {
Success : {
"message": "Licence data Found",
"response_code": "0",
"data": "data ",
}
Error:[
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : 'User Not Found', 'data': ""}
3. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
4. {'response_code': '1', 'message' : 'Licence Data matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Deactivate Licence
URL: http://apilokdon.com/api/v1/lokdon/deactivate_licence/
Request: {
"email": "< encrypted email >, (REQUIRED)",
}
Response: {
Success : {
"message": "User Updated successfully",
"response_code": "0",
"data": "data ",
}
Error:[
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : 'User Not Found', 'data': ""}
3. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
4. {'response_code': '1', 'message' : 'Licence Data matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Activate Licence
URL: http://apilokdon.com/api/v1/lokdon/activate_licence/
Request: {
"email": "< encrypted email >, (REQUIRED)",
"amount_paid": "< encrypted amount >, (REQUIRED)",
"number_of_users": "< encrpted >, (REQUIRED)",
"user_category": " < encrypted amount >, (REQUIRED)",
"no_of_paid_users": " encrypted,(REQUIRED)",
"no_of_default_users": " encrypted,(REQUIRED)",
"sub_end_date": " encrypted,(REQUIRED)",
"sub_start_date": " encrypted,(REQUIRED)",
}
Response: {
Success : {
"message": "Licence Registered Successfully",
"response_code": "0",
"data": " " ,
}
Error:[
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
3. {'response_code': '1', 'message' : 'User Not Found', 'data': ""}
4. {'response_code': '1', 'message' : 'Licence Data matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Check Licence
URL: http://apilokdon.com/api/v1/lokdon/check_license/
Request: {
"email": "< encrypted email >, (REQUIRED)",
}
Response: {
Success :[
{
"message": "license is active",
"response_code": "0",
"data": "" ,
},
{
"message": "license has expired",
"response_code": "0",
"data": "" ,
}
]
Error:[
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : 'User Not Found', 'data': ""}
3. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
4. {'response_code': '1', 'message' : User matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Add Evault User
URL:http://apilokdon.com/api/v1/lokdon/add_evault_user/
Request: {
"first_name": "< encrypted data>,",
"initial": "< encrypted data>,",
"last_name": "< encrpted data>,",
"username": "< encrypted data>,",
"email": " encrypted data",
"passport": " encrypted data",
"contract_no": " encrypted data",
"fingerprint_id": " encrypted data",
"address": " encrypted data",
"state": " encrypted data",
"country": " encrypted data",
"zip_code": " encrypted data",
}
Response: {
Success : {
"message": "f'User Registered Successfully",
"response_code": "0",
"data": " ",
}
Error: [
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : 'User Matching Email Already Exists', 'data': ""}
3. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
4. {'response_code': '1', 'message' : 'Licence Data matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : 'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Invalid Data: {error}', 'data': ""}
7. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Create Transaction
URL: http://apilokdon.com/api/v1/lokdon/create_transaction/
Request: {
"email": "encrypted email, (REQUIRED),",
"apikey": "encrypted apikey, (REQUIRED),",
"transaction_reference": "encrypted transaction number, (REQUIRED)",
"transaction_type": "plain, (Required, expected values: DEPOSIT, WITHDRAWAL)",
"amount": " encrypted amount in original currency,(Required)",
"currency": " encrypted currency, (Required)",
"funding_method": " encrypted funding method,(OPTIONAL)",
"payment_gateway": "encrypted payment gateway,(REQUIRED)",
"datetime": "encrypted(auto generated
timestamp)",
}
Response: {
Success : {
"message": "Licence Registered Successfully",
"response_code": "0",
"data": " " ,
}
Error: [
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : 'User Not Found', 'data': ""}
3. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
4. {'response_code': '1', 'message' : 'Licence Data matching User already exists', 'data': ''}
5. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
6. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}
Update Transaction
URL: http://apilokdon.com/api/v1/lokdon/update_transaction/
Request: {
"email": "encrypted email, REQUIRED",
"transaction_reference": "encrypted txref, (REQUIRED)",
"status": "transaction status in plain text, (REQUIRED)",
}
Response: {
Success : {
"message": "f'Transaction Updated Succesfully",
"response_code": "0",
"data": " ",
}
Error: [
1. {'response_code': '1', 'message' : f'Unable to Create License <{error message}>', 'data': ""}
2. {'response_code': '1', 'message' : 'Transaction Not Found', 'data': ""}
3. {'response_code': '1', 'message' : f'No Transaction Found', 'data': ""}
4. {'response_code': '1', 'message' : f'Error Occurred {e}', 'data': ""}
5. {'response_code': '1', 'message' : cannot be Null or an empty String', 'data': ""}
6. {'response_code': '1', 'message' : User matching Email Not Found, 'data': ''}
7. {'response_code': '1', 'message' : f'Error connecting to pyj4: {e}', 'data': ""}
8. {'response_code': '1', 'message' : 'Unable to decode Data...Make sure data is in Json Format, add
application/json in header and try again', 'data': ""}
]
}