Udyog Aadhaar Verification - Initialize

Endpoint Overview

POST /api/v1/corporate/udyog-aadhaar/initialize

Description

The Udyog Aadhaar Verification Initialize API enables businesses to verify and retrieve detailed information about Micro, Small, and Medium Enterprises (MSMEs) registered under the Udyog Aadhaar scheme in India. This endpoint initiates an asynchronous verification process that validates the authenticity of a Udyog Aadhaar registration number and retrieves associated business details.

Udyog Aadhaar (now known as Udyam Registration) is a government-issued unique identification number for MSMEs in India. This API helps businesses verify the legitimacy of their partners, suppliers, or clients by confirming their MSME registration status. The endpoint supports optional certificate retrieval and webhook notifications for seamless integration into your workflow.

Key Benefits

Instant MSME Verification: Validate Udyog Aadhaar numbers in real-time to ensure business authenticity

Certificate Retrieval: Optionally obtain the official Udyog Aadhaar certificate for record-keeping and compliance

Asynchronous Processing: Non-blocking verification process that returns a client ID for tracking request status

Webhook Integration: Receive automated notifications when verification is complete, eliminating the need for polling

Use Cases

Financial Services

B2B Marketplaces

Corporate Procurement

Loan Processing: Banks and NBFCs can verify MSME credentials during loan applications to validate business authenticity and eligibility for MSME-specific schemes

Credit Assessment: Financial institutions can confirm registered business details as part of their credit underwriting process

Vendor Financing: Enable supply chain financing by verifying supplier MSME status for preferential terms

Technical Implementation

Authentication

All API requests require authentication using a JWT Bearer token. Authentication follows these steps:

Obtain API Credentials: Register with Surepass to receive your API key.

Generate JWT Token: Use your API key to generate a JWT token.

Include in Requests: Add the token to the Authorization header as Bearer TOKEN.

Different authentication tokens are used for sandbox and production environments:

Sandbox: https://sandbox.surepass.app

Production: https://kyc-api.surepass.app

Request Parameters

Request Headers

Header	Required	Description
Authorization	Yes	Bearer token for API authentication. Format: `Bearer YOUR_JWT_TOKEN`
Content-Type	Yes	Must be set to `application/json`

Request Body

Parameter	Type	Required	Description
id_number	string	Yes	The Udyog Aadhaar (Udyam) registration number to verify. Format: UDYAM-XX-##-#######, where XX is state code, ## is district code, and ####### is a unique identifier
get_certificate	boolean	No	Set to `true` to receive the Udyog Aadhaar certificate URL in the response. Default: `false`
webhook_url	string	No	Your callback URL where the verification results will be sent asynchronously. If not provided, you'll need to poll the status using the returned client_id

Example Request

{
    "id_number": "UDYAM-TN-03-0001234",
    "get_certificate": true,
    "webhook_url": "https://your-domain.com/webhook/udyog-aadhaar"
}

Process Response

Response Parameters

Parameter	Type	Description
data	object	Contains the verification request details
data.client_id	string	Unique identifier for this verification request. Use this to check status or retrieve results
data.status	string	Current status of the verification request. Initially returns "pending"
status_code	integer	HTTP status code of the response
success	boolean	Indicates whether the API request was successful
message	string	Human-readable message describing the result
message_code	string	Machine-readable code for the message

Example Successful Response

{
    "data": {
        "client_id": "udyog_aadhaar_GaopvJdtrbTbMgFVoFDK",
        "status": "pending"
    },
    "status_code": 200,
    "success": true,
    "message": "Success",
    "message_code": "success"
}

Possible Error Responses

Invalid Authentication

Invalid Request

Rate Limit Exceeded

{
    "status_code": 401,
    "success": false,
    "message": "Unauthorized access. Invalid or expired token",
    "message_code": "unauthorized"
}

This error occurs when the Bearer token is missing, invalid, or expired. Verify your JWT token and ensure it's correctly included in the Authorization header.

Integration Best Practices

Security Recommendations

Token Management: Store JWT tokens securely using environment variables or secure vault solutions. Never expose tokens in client-side code or version control

HTTPS Only: Always use HTTPS endpoints for both sandbox and production environments to ensure data encryption in transit

Webhook Validation: Implement signature verification for webhook callbacks to ensure requests originate from Surepass

Rate Limiting: Implement client-side rate limiting and exponential backoff to handle API limits gracefully

Error Handling: Never expose detailed error messages to end users; log them securely for debugging purposes

User Experience Guidelines

Progress Indicators: Display loading states while waiting for asynchronous verification to complete

Status Updates: If using webhooks, provide real-time notifications to users when verification is complete

Clear Error Messages: Translate technical error codes into user-friendly messages that guide users on corrective actions

Input Validation: Validate Udyog Aadhaar number format on the client side before submission to reduce failed requests

Timeout Handling: Set appropriate timeout values (recommended: 30-60 seconds for initial request) and provide fallback mechanisms

Code Samples

cURL

Python

Node.js

Related APIs

Udyog Aadhaar Verification - Retrieve Results: Use this endpoint with the client_id returned from the initialize endpoint to fetch the complete verification results including business details and certificate URL if requested.

Bulk Udyog Aadhaar Verification: Process multiple Udyog Aadhaar verifications in a single batch request for high-volume use cases.

GSTIN Verification API: Cross-verify business credentials by validating GST identification numbers alongside Udyog Aadhaar details.

Compliance and Legal Considerations

Data Privacy: Handle all retrieved business information in compliance with India's data protection regulations. Do not store or share sensitive business data without proper consent.

Purpose Limitation: Use this API only for legitimate business verification purposes. Unauthorized or fraudulent use may result in legal consequences.

Record Keeping: Maintain audit logs of all verification requests for compliance and dispute resolution purposes.

MSME Definition: Be aware that MSME classification criteria may change per government notifications. Verify current investment and turnover thresholds for accurate classification.

Certificate Validity: Udyog Aadhaar certificates do not expire, but businesses should periodically update their registration details. Always verify the most recent information.

Government Source: This API fetches data directly from government databases. Ensure your use case aligns with government policies on MSME data access.

Provide your bearer token in the

Authorization

header when making requests to protected resources.

Example:

Authorization: Bearer ********************

curl --location --request POST 'https://kyc-api.surepass.app/api/v1/corporate/udyog-aadhaar/initialize' \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --data-raw '{ "id_number": "UDYAM-TN-03-0001234" }'

{ "data": { "client_id": "udyog_aadhaar_GaopvJdtrbTbMgFVoFDK", "status": "pending" }, "status_code": 200, "success": true, "message": "Success", "message_code": "success" }

Initialize

Udyog Aadhaar Verification - Initialize#

Description#

Use Cases#

Technical Implementation#

Request Headers#

Request Body#

Example Request#

Response Parameters#

Example Successful Response#

Possible Error Responses#

Integration Best Practices#

Code Samples#

Request

Responses