ITR API Specification Doc

(Confidential)
(ITRAPI:NoGUI)

Version Date Author Description

1.0 29-Oct-2019 Justin(digiverifier.com) Initialdraft
2.0 04-08-2021 Sri ram eswar Version2-ITR
with no captcha

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
 Contents
1. Obtaintransactionidofuser

1.1) Generate(POST)accesstoken

1.2) Generate(POST)transactionid

2. POSTlogininfo/credentials

3. GETreport

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
 Methods
1. Obtain transaction id of user

1.1) Generate accesstoken

With provided“client_id”and“client_secret”,make a post request to generate “access_token”.

Request
Method https://api-oauth2.digiverifier.com/itr/generate-post/
POST

Type Params Values

POST client_idclie string
POST nt_secret string

Curlcode(Linuxcommandline):
curl-XPOST"https://api-oauth2.digiverifier.com/itr/generate-post/"\
-H"Content-Type:application/json"\
-d '{"client_id": "be436b05-8358-4917-b34d-
3880aadd1b9a","client_secret":"tvJSDzyodgyDcfbI7sQ76kE2K"}'

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
Below is the response that generates the accesstoken.

SamplePythoncode(Generateaccesstoken):
importrequests
response=requests.post("thttps://api-oauth2.digiverifier.com/itr/generate-post/",json={'client_id:'af5cc093-26d6
'client_secret':’31VegAwOG2iLr1wBeR72mTEvn'})
print(response.json())

>>>{'message':{'access_token':'c343b46e-94c1-41d5-a4fd-154b16efba21',
'client_id': 'be436b05-8358-4917-b34d-
3880aadd1b9a','expires_in': 900,
'created_time':
1562754835},'code': 'success',
'success':True}

Success  Code   message 

true  Sucess  { 
'access_token': access_token ,
‘'client_id': client_id, 'expires_in':
SECONDS, 
'created_time': TIME 
} 
false  Internal_error  Client id is not correct 
false  Internal_error  Client id is not reqistered 
false  Internal_error   
client id and client secret is not
provided 
 

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
 1.2) Generate transaction id
We now use the generated“access_token”in the previou step as “Authorization”header.
Other than this header, there is no other post parameter. Make a get request to generate thetransactionid.

Request
Method https://api-oauth2.digiverifier.com/itr/transaction-get/
GET

Type Header Values

POST c343b46e-94c1-41d5-a4fd-154b16efba21 string

Status Response
200 {
'message':
string,‘success’:
Boolean,‘code’:stri
ng
}

Curlcode(Linuxcommandline):

curl-XGET"https://api-oauth2.digiverifier.com/itr/transaction-get/"\
-H" Bearer :c343b46e-94c1-41d5-a4fd-154b16efba21"

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
SamplePythoncode(Generatetransactionid):
response=requests.get("https://api-oauth2.digiverifier.com/itr/transaction-get/",headers={'bearer':c343b46e-94c1

print(response.json())

>>>{

'message':'ITR7811700726184311586316488845698508838',
‘success’:
true,‘code’:‘succ
ess’
}

Response

successcode message

truesuccess transactionid

falseinvalid_token tokenisinvalidfortheclient

falseexpired_token tokengetsexpired

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
 2. POSTlogininfo/credentials
Using credentials and login parameters from previous request,make a post request to trigger report fetch
a the AP Ibackend.

Method https://api-oauth2.digiverifier.com/itr/submit-post/?
txnid=<transactionid>
POST <transactionid>

Type Params Values

POST itr-user string
itr-pwd string

Curlcode(Linuxcommandline):Getreportinjsonformat

curl -X POST "https://api-oauth2.digiverifier.com/itr/submit-post/?txnid=ITR17413725984618017870066096764126689754

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
 SamplePythoncode(Trigger report fetch):
Response=requests.post("https://api-oauth2.digiverifier.com/itr/submit-post/?
txnid=<tnxid>",headers={'accept':'application/json',

'Bearer:c343b46e-94c1-41d5-a4fd-154b16efba21,'txnid':<tnxid>},

json={'itr-user':username,'itr-wd':username_pwd})
print(response.json())

3. GETreport
It takes around 60 seconds to complete report generation at the backend after previous step ofsubmitting
credentials. A simple get request along with access token and transactionid informationcan be used to obtain
the report. We can obtain the report in either ‘json’ or ‘xml’ format by usingtwopossibleURL’s.See python
sample code below toobtain the report.

By default,the transactionid and json report associated with it expires in 20 minutes.

Request
Method Get report in ‘json’ format:
http:/https://api-oauth2.digiverifier.com/itr/report-get/?
format=json&txnid=<txnid>

Or,to get the report in ‘xml’ format:

http://1http:/https://api-oauth2.digiverifier.com/itr/report-get/?
format=xml&txnid=<txnid>

GET

Curlcode(Linuxcommandline):Getreportinjsonformat
curl -X GET "https://api-oauth2.digiverifier.com/itr/report-get/?format=json&txnid=ITR7811700726184311586316488845
-H"Content-Type:application/json"-H"Bearer: 61328750-ec99-485a-a58f-
85b72a46082a"

SamplePythoncode:Getreportinjsonformat
Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
response=requests.get('/itr/report-get/?txnid=<tnxid>&format=json',headers={'accept':'application/json',
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
'Bearer':c343b46e-94c1-41d5-a4fd-154b16efba21)
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
Curlcode(Linuxcommandline):Getreportinxmlformat
curl -X GET "https://api-oauth2.digiverifier.com/itr/report-get/?format=xml&txnid=ITR78117007261843115863164888456
-H"Content-Type:application/json"-H"Authorization:Bearer 61328750-ec99-485a-a58f-
85b72a46082a"

SamplePythoncode:Getreportin xml format

response=requests.get('/itr/report-get/?txnid=<tnxid>&format=xml',headers={'accept':'application/json',
'Bearer':c343b46e-94c1-41d5-a4fd-154b16efba21)

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
Response
successcode message

truesuccess

{
"Form26ASInfo":{

"PersonalDetails":[
{“$”:
{
"address":"",
"dob":"",
"email":"",
"gender":"",
"mobile":"",
"name":"",
"pan":"",
"panStatus":""
}
}
],

"TDSDetails":[

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
 {

"$": {
"ay":"",
"fy":""
},

"TDSs":[
{
"TDS":[
{
"$":{
"amount":"",
"date":"",
"deductor":"",
"section":"",
"tan":"",
"tds":""
}
},
]

}
]

}
]
}
}

true success_empty
{"Form26ASInfo":
(Empty report but Personal details l
{"TDSDetails":[{}],
obtained)
"PersonalDetails":[{“$”:
{"name":"Mr.ABC",
"address":"HOUSENO.1,STREEC,
KARNATAKA,5600XX","dob":"01/01/1990",
"email":"[email protected]","mobile":
"8000000000","gender":"Female","pan":
"AZXXX4444J","panStatus":"Active",
"proxy_ip":"13.XXX.XXX.XX"}
}
]
}
}',

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
false invalid_usr_pwd invalidusernameorpassword

false invalid_captcha invalidcaptcha"

false internal_error invalidtransactionid

false internal_error rediskeyerror

false internal_error keyerror

false internal_error serviceunavailable

false service_unavailable loginpageunavailable

false internal_error jsondecodeerror

false internal_error connectionerror

false session_expire sessionexpires

false internal_error checkboxnotvisible

false internal_error assesmentpagenotavailable

false internal_error profilesettingsnotavailable

false Internal_error othererrors

false internal_error requesttimeout

false internal_error proxyrequesttimeout

false internal_error transactionidexpires

false internal_error invalidtransactionid

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou
 Glossary
Conventions
● Client-Clientapplication.
● Status-HTTPstatuscodeofresponse.
● AllresponseareinJSONformat.

StatusCodes
AllstatuscodesarestandardHTTPstatuscodes.ThebelowonesareusedinthisAPI.

2XX-Successofsomekind
4XX-Erroroccurredinclient’spart
5XX-Erroroccurredinserver’spart

Summary:
StatusCode Status Description
(inredirecturl)
200 success OK

201 success Form26ASsuccessfullyfetchedbutempty

401 invalid_usr_pwd Invalidusernameorpassword

402 invalid_captcha Invalidcaptcha

504 service_unavailable CannotfetchITRlogin page (Itmaybe down)

507 session_expires Sessionexpire(Tryagainafterfewminutes)

Disclaimer: The information contained in document may contain confidential or privileged information. If you are not the intended
recipient,anydissemination,use,review,distribution,printingorcopyingoftheinformationcontainedinthise-mailmessageand/orattachmentstoitare strictly
prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately andpermanently delete the
messageand any attachments.Thankyou