Overview#
The CKYC (Central Know Your Customer) APIs provide secure access to India's centralized KYC registry maintained by CERSAI. Search, verify, and download customer KYC records - for both individuals and legal entities - through real-time API calls or high-volume bulk operations via SFTP.Parent Category: Root
Sub-categories: API Flow (Realtime), SFTP Flow (Bulk)
Sub-Categories#
API Flow (Realtime)
Real-time, single-record operations. Search for a customer by identity document, verify via OTP, and download their complete KYC profile. Supports both individuals and legal entities.APIs: CKYC Search, Generate OTP, Download, Download LegalSFTP Flow (Bulk)
High-volume batch operations via CERSAI's SFTP infrastructure. Upload new records, update existing ones, or download multiple records in a single request. Surepass handles file building, encryption, SFTP transfer, and response parsing.Sub-categories: Individual Entity, Legal EntityHow It Works#
API Flow (Realtime)#
Individual: Search ──▶ Generate OTP ──▶ Download
Legal Entity: Search ──▶ Download Legal
Search by PAN, Aadhaar, Voter ID, Driving License, Passport, NREGA, CKYC Number, or more
Individual downloads require OTP verification; legal entity downloads use date of incorporation or pincode
SFTP Flow (Bulk)#
Initialize ──▶ Poll Status
Submit multiple records per request, processed asynchronously
Surepass abstracts away file building, encryption, SFTP upload, and response parsing
Billed per record in the batch
Common Use Cases#
Customer onboarding with pre-verified KYC data
Loan processing with verified borrower profiles
High-value transaction identity verification
Corporate due diligence via legal entity KYC
Integration Considerations#
Best Practices
Register your FI code and private key before starting integration
Implement proper error handling - a failed search should not proceed to download
Implement customer consent mechanisms before accessing their CKYC information
Maintain audit logs of all searches and downloads for compliance
Only CERSAI-registered regulated entities can access these APIs
Your organization must have a valid FI code issued by CERSAI
API usage is subject to CERSAI's terms, conditions, and rate limits
Downloaded KYC data must be handled in compliance with data protection regulations (IT Act, PMLA, RBI guidelines)
