mahi/Goa-gel-fullstack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
435889ee798a32877f23854a9a2d6148d3c48cb8
Goa-gel-fullstack/Documentation/developers/authentication.md
Mahi 435889ee79 docs: Rebuild documentation as enterprise-grade TLAS platform 
- Migrate from custom HTTP server to VitePress framework
- Rename project to Tokenized License Approval System (TLAS)
- Add comprehensive documentation for all stakeholders:
  - Business: Executive summary, value proposition, governance
  - Operations: Infrastructure, installation, monitoring, backup
  - Departments: User guide, workflows, verification, issuance
  - Developers: API reference, authentication, webhooks, SDKs
  - Compliance: OWASP, DPDP Act, IT Act, audit framework
- Add modern theme with dark mode and full-text search
- Update Dockerfile for VitePress build process

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-10 00:05:20 -04:00

82 lines
1.7 KiB
Markdown
Raw Blame History

# Authentication
## Overview
TLAS uses OAuth 2.0 with JWT tokens for API authentication.
## Obtaining Credentials
Contact your administrator to receive:
- Client ID
- Client Secret
- Authorized scopes
## Token Request
```http
POST /auth/token HTTP/1.1
Host: api.tlas.gov.in
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&
client_id=YOUR_CLIENT_ID&
client_secret=YOUR_CLIENT_SECRET&
scope=applications:read applications:write
```
### Response
```json
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "applications:read applications:write"
}
```
## Using the Token
Include token in Authorization header:
```http
GET /applications/APP-2026-00001 HTTP/1.1
Host: api.tlas.gov.in
Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...
```
## Token Refresh
Tokens expire after 1 hour. Request new token before expiry.
## Available Scopes
| Scope | Access |
|-------|--------|
| `applications:read` | View applications |
| `applications:write` | Submit and update applications |
| `documents:read` | View documents |
| `documents:write` | Upload documents |
| `verification:read` | Verify certificates |
## DigiLocker OAuth
For citizen authentication via DigiLocker:
```http
GET /auth/digilocker/authorize?
redirect_uri=https://yourapp.com/callback&
state=random_state_value
```
User is redirected to DigiLocker. After consent, user returns with authorization code.
## Error Codes
| Code | Description |
|------|-------------|
| `invalid_client` | Unknown client ID |
| `invalid_grant` | Invalid credentials |
| `invalid_scope` | Requested scope not authorized |
| `expired_token` | Token has expired |
Reference in New Issue View Git Blame Copy Permalink