Login to PHR App
Functionality Overview
PHR App should allow the user to log in to the PHR application with any of the Auth methods.
It can also save the refresh token and extend the user session to reduce the number of times the user has to keep logging in.
A single PHR app can manage multiple user profiles by offering a sign in-sign out
More information: Every PHR application user needs to have an ABHA Address (also referred to as PHR Address). The address looks like “username@hie-cm”. Currently ABDM manages 2 HIE-CMs: the Sandbox HIE-CM @sbx and the production HIE-CM @abdm. PHR Apps use APIs provided by the HIE-CM to create a new ABHA address for users. The user-chosen ABHA address has to be alphanumeric. The only numeric address allowed is 14 digits, and that must be a valid ABHA number.
To use the Login APIs (the PHR id is required in the request body), the user needs to set up his/her own PHR id.
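
The address rules above can be enforced before any login call is made. The following is an added example, not ABDM code: the function name `classify_login_id`, the returned flow labels and the 10-digit mobile number format are assumptions made for illustration.

```python
import re

HIE_CMS = {"sbx", "abdm"}  # the two HIE-CMs named on this page


def classify_login_id(raw: str) -> str:
    """Map an entered identifier to a login flow, or raise ValueError.

    Format checks only: whether a 14-digit value is a valid ABHA number
    still has to be confirmed by the HIE-CM.
    """
    value = raw.strip()
    if re.fullmatch(r"\d{14}", value):
        return "abha_number"
    if re.fullmatch(r"\d{10}", value):  # assumption: 10-digit mobile number
        return "mobile"

    local, sep, domain = value.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("unrecognised identifier")

    if domain.lower() in HIE_CMS:
        # ABHA address: the part before @ has to be alphanumeric.
        if not re.fullmatch(r"[A-Za-z0-9]+", local):
            raise ValueError("ABHA address must be alphanumeric")
        # The only all-numeric address allowed is the 14-digit one.
        if local.isdigit():
            if len(local) != 14:
                raise ValueError("numeric ABHA address must be 14 digits")
            return "default_abha_address"
        return "abha_address"

    if "." in domain:  # anything else with a dotted domain is treated as e-mail
        return "email"
    raise ValueError("unknown HIE-CM")
```

Rejecting a malformed identifier locally avoids sending it to the login APIs at all; the server-side checks remain authoritative.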
Test Cases
S.No | Functionality | Test Case | Steps To Be Executed |
---|---|---|---|
1. | Mandatory Login with mobile number flow | Enter mobile number linked with ABHA address | |
2. | Mandatory Login with mobile number flow | Validate mobile number via mobile OTP | Check if an individual receives the mobile OTP and is able to log in with the mobile number |
3. | Mandatory Login with mobile number flow | Resend Mobile OTP after 60 seconds post clicking on “Resend OTP”. | |
4. | Mandatory Login with mobile number flow | Display ABHA addresses linked with the entered, validated mobile number so that an individual can select the ABHA address they wish to log in to. | |
5. | Mandatory Login with e-mail ID flow | Enter e-mail ID linked with ABHA address | |
6. | Mandatory Login with e-mail ID flow | Validate e-mail ID via e-mail OTP | Check if an individual receives the e-mail OTP and can log in with the e-mail OTP |
7. | Mandatory Login with e-mail ID flow | Resend e-mail OTP after 60 seconds post clicking on “Resend OTP” | Check if an individual receives the e-mail OTP after 60 seconds and can log in with the e-mail OTP |
8. | Mandatory Login with e-mail ID flow | Display ABHA addresses linked with the entered, validated e-mail ID so that an individual can select the ABHA address they wish to log in to. | Check if all ABHA addresses linked with the entered e-mail ID are displayed and an individual is able to log in to the selected ABHA address |
9. | Mandatory Login with easy to remember ABHA address (name@abdm) flow | Enter easy to remember ABHA address - name@abdm | |
10. | Mandatory Login with easy to remember ABHA address (name@abdm) flow | Validate ABHA address via password / mobile OTP / e-mail OTP / Aadhaar OTP as per auth mode | Check if an individual is able to log in with the easy to remember ABHA address via password |
11. | Mandatory Login with easy to remember ABHA address (name@abdm) flow | Validate ABHA address via password / mobile OTP / e-mail OTP / Aadhaar OTP as per auth mode | Check if an individual is able to log in with the easy to remember ABHA address via mobile OTP / e-mail OTP / Aadhaar OTP as per auth mode |
12. | Mandatory Login with easy to remember ABHA address (name@abdm) flow | Resend Aadhaar OTP / mobile OTP / e-mail OTP after clicking on “Resend OTP” | Check if an individual receives the Aadhaar OTP / mobile OTP / e-mail OTP after 60 seconds and is able to log in post validation of the ABHA address |
13. | Mandatory Login with default ABHA address (14-digit@abdm) flow | Enter default ABHA address such as 14-digit@abdm | |
14. | Mandatory Login with default ABHA address (14-digit@abdm) flow | Validate ABHA address via mobile OTP / Aadhaar OTP | Check if the Aadhaar OTP / mobile OTP is received and, post validation of the ABHA number, an individual is able to successfully log in |
15. | Mandatory Login with default ABHA address (14-digit@abdm) flow | Resend Aadhaar OTP / mobile OTP after clicking on “Resend OTP” | Check if an individual receives the Aadhaar OTP / mobile OTP after 60 seconds and is able to log in post validation of the ABHA address |
16. | Mandatory Login with ABHA number flow | Enter 14 digit ABHA number | |
17. | Mandatory Login with ABHA number flow | Validate ABHA number via Aadhaar OTP / mobile OTP | Check if the Aadhaar OTP / mobile OTP is received and, post validation of the ABHA number, an individual is able to successfully log in |
18. | Mandatory Login with ABHA number flow | Resend Aadhaar OTP / mobile OTP after clicking on “Resend OTP” | Check if an individual receives the Aadhaar OTP / mobile OTP after 60 seconds and is able to log in post validation of the ABHA number |
19. | Mandatory Reset Password | Login with any mode - mobile number / email ID / default ABHA address / easy to remember ABHA address / ABHA number | Check if password can be updated by an individual post login with any mode |
20. | Mandatory Reset Password | Post successful login, click on reset password within the settings of the menu bar | |
21. | Mandatory Reset Password | Create password as per password policy. Password policy: 8 characters or longer, one A-Z, one a-z, one 0-9, at least one symbol, no space and not more than 2 consecutive characters or keyboard keys. | Check if password is created as per password policy |
22. | Mandatory Reset Password | Confirm password | Check new password is created only after same password is confirmed again |
23. | Mandatory Reset Password | A message “Your password is successfully changed” is displayed | Check if the individual's new password is created by logging in with the new password |
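
A checker for the password policy in test case 21, added here as an example and not taken from ABDM. It assumes that "not more than 2 consecutive characters or keyboard keys" means no three adjacent characters that repeat, count up or down, or sit side by side on a QWERTY row; the function names are hypothetical.

```python
import re

# Keyboard rows for the "keyboard keys" rule (assumption: US QWERTY layout).
KEY_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")


def has_run_over_two(pw: str) -> bool:
    """True if any 3 adjacent characters repeat, count up/down, or are row neighbours."""
    low = pw.lower()
    for i in range(len(low) - 2):
        a, b, c = low[i:i + 3]
        if a == b == c:                                  # aaa, 111
            return True
        if a.isalnum() and b.isalnum() and c.isalnum():
            step = ord(b) - ord(a)
            if step in (1, -1) and ord(c) - ord(b) == step:  # abc, 321
                return True
        tri = a + b + c
        if any(tri in row or tri[::-1] in row for row in KEY_ROWS):  # qwe, lkj
            return True
    return False


def password_violations(pw: str) -> list[str]:
    """Return the policy rules the password breaks; an empty list means it passes."""
    checks = [
        (len(pw) >= 8, "shorter than 8 characters"),
        (re.search(r"[A-Z]", pw), "no A-Z"),
        (re.search(r"[a-z]", pw), "no a-z"),
        (re.search(r"[0-9]", pw), "no 0-9"),
        (re.search(r"[^A-Za-z0-9\s]", pw), "no symbol"),
        (not re.search(r"\s", pw), "contains a space"),
        (not has_run_over_two(pw), "more than 2 consecutive characters or keys"),
    ]
    return [msg for ok, msg in checks if not ok]
```

Returning every broken rule at once lets the reset-password screen tell the user exactly what to change, and the same function can back the test in case 21.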
API Sequence Diagram
API Information Request Response
Utilities
To encrypt the mobileNumber/AadharNumber/otp, refer to the link
- To get the public key for encryption, refer to the link
To convert an image into a Base64 string, refer to the link
Login Using ABHA Address
1. Initiate Login Transaction
BASE URLs: https://dev.abdm.gov.in/cm
2. Verify Login Transaction
BASE URLs: https://dev.abdm.gov.in/cm
Login Using Mobile Number/Email
3. Generate Mobile/Email OTP
Generate Mobile/Email OTP to start Login transaction
BASE URLs: https://dev.abdm.gov.in/cm
4. Verify Mobile/Email OTP
BASE URLs: https://dev.abdm.gov.in/cm
5. Get User Token
Get the User Token in the mobile/email login flow
BASE URLs: https://dev.abdm.gov.in/cm
Login Using ABHA Number
6. Search User by Health ID Number
BASE URLs: https://dev.abdm.gov.in/cm
7. Initiate Login Transaction Using HealthId Number
BASE URLs: https://dev.abdm.gov.in/cm
8. Verify Mobile OTP
BASE URLs: https://dev.abdm.gov.in/cm
9. Get the User Token
BASE URLs: https://dev.abdm.gov.in/cm