mahi/Goa-gel-fullstack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
435889ee798a32877f23854a9a2d6148d3c48cb8
Goa-gel-fullstack/Documentation/developers/authentication.md
Mahi 435889ee79 docs: Rebuild documentation as enterprise-grade TLAS platform 
- Migrate from custom HTTP server to VitePress framework
- Rename project to Tokenized License Approval System (TLAS)
- Add comprehensive documentation for all stakeholders:
  - Business: Executive summary, value proposition, governance
  - Operations: Infrastructure, installation, monitoring, backup
  - Departments: User guide, workflows, verification, issuance
  - Developers: API reference, authentication, webhooks, SDKs
  - Compliance: OWASP, DPDP Act, IT Act, audit framework
- Add modern theme with dark mode and full-text search
- Update Dockerfile for VitePress build process

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-10 00:05:20 -04:00

1.7 KiB
Raw Blame History

Authentication

Overview

TLAS uses OAuth 2.0 with JWT tokens for API authentication.

Obtaining Credentials

Contact your administrator to receive:

  • Client ID
  • Client Secret
  • Authorized scopes

Token Request

POST /auth/token HTTP/1.1
Host: api.tlas.gov.in
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&
client_id=YOUR_CLIENT_ID&
client_secret=YOUR_CLIENT_SECRET&
scope=applications:read applications:write

Response

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "applications:read applications:write"
}

Using the Token

Include token in Authorization header:

GET /applications/APP-2026-00001 HTTP/1.1
Host: api.tlas.gov.in
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...

Token Refresh

Tokens expire after 1 hour. Request new token before expiry.

Available Scopes

Scope Access
applications:read View applications
applications:write Submit and update applications
documents:read View documents
documents:write Upload documents
verification:read Verify certificates

DigiLocker OAuth

For citizen authentication via DigiLocker:

GET /auth/digilocker/authorize?
  redirect_uri=https://yourapp.com/callback&
  state=random_state_value

User is redirected to DigiLocker. After consent, user returns with authorization code.

Error Codes

Code Description
invalid_client Unknown client ID
invalid_grant Invalid credentials
invalid_scope Requested scope not authorized
expired_token Token has expired
Reference in New Issue View Git Blame Copy Permalink