Udyam OTP Async

Overview

The Udyam OTP Async category provides a complete, asynchronous OTP-based verification flow for validating Udyam MSME registrations. Designed for businesses that need to confirm the legitimacy of MSME entities as part of KYC, onboarding, or compliance workflows, this category enables secure, consent-driven verification against India's official Udyam registration database — without blocking your application while the process completes.

By leveraging asynchronous processing with webhook and polling support, the Udyam OTP Async APIs allow you to initiate OTP dispatch, track delivery, submit the user-entered code, and retrieve the final verified Udyam registration data through a clean, four-step flow. The result is a fully verified MSME profile — including enterprise details, financial data, employment figures, bank information, and an official registration certificate — delivered programmatically on successful verification.

Category Details

Parent Category: Corporate
Child Categories: Udyam OTP Async
APIs in this category: Send OTP, Send OTP Status, Submit OTP, Submit OTP Status

Key Capabilities

Main Functionality

The Udyam OTP Async APIs enable end-to-end, OTP-based verification of Udyam-registered MSME entities. The category covers the complete verification lifecycle — from initiating OTP dispatch to retrieving the final verified registration data — using an asynchronous architecture that supports both webhook callbacks and polling for maximum integration flexibility. On successful verification, the APIs return a comprehensive MSME data payload sourced directly from the Udyam registry, including enterprise classification, financial history, employment details, official address, NIC codes, bank details, and a time-limited certificate link.

Asynchronous OTP Dispatch & Delivery Tracking

Initiate OTP delivery to the MSME entity's registered mobile or email using the Send OTP API, then track delivery progress in real time via the Send OTP Status API. The status endpoint returns granular delivery states — pending, otp_sent, and failed — enabling your application to respond precisely at each stage and avoid prompting users before the OTP has been confirmed as delivered.

Secure OTP Submission & Verification

Submit the OTP entered by the user via the Submit OTP API, which links the code to the original session using the client_id without re-transmitting sensitive registration details. The API handles verification asynchronously, returning an immediate pending acknowledgement while the OTP is validated against the Udyam registry in the background.

Verified MSME Data Retrieval

Poll the Submit OTP Status API to retrieve the final verification outcome and — on completed status — the full Udyam registration dataset. This includes enterprise type, major activity, owner identity, PAN, financial year-wise investment and turnover data, employment breakdown, official and unit addresses, NIC classification codes, portal interest flags, and a pre-signed certificate URL. Seven distinct status values (not_started, pending, completed, failed, update_required, otp_expired, invalid_otp) provide granular control over every possible outcome, enabling tailored application logic and user-facing messaging for each scenario.

Common Use Cases

Fintech & Lending

Government & Compliance

B2B Marketplaces

Verify MSME borrower identities during loan onboarding by confirming Udyam registration via OTP-based consent, then use the returned investment and turnover data to support automated credit underwriting decisions.

Integrate the full async OTP flow into digital lending pipelines to ensure only verified, Udyam-registered businesses can access MSME-specific loan products without manual document collection.

Integration Considerations

Best Practices

Always confirm OTP delivery before prompting users: Use the Send OTP Status API to verify otp_sent before displaying the OTP input field in your UI. Prompting users before delivery is confirmed leads to failed submission attempts and poor user experience.

Handle all seven Submit OTP Status values explicitly: Each of the seven data.status values (not_started, pending, completed, failed, update_required, otp_expired, invalid_otp) requires a distinct application response. Map each to a specific user-facing message and next action rather than treating non-completed responses as a single generic failure state.

Use webhooks where possible, polling as a fallback: Configure a webhook_url in the Send OTP request to receive asynchronous status updates without polling. Reserve the Send OTP Status and Submit OTP Status polling endpoints for environments where inbound webhooks are unavailable, and implement exponential backoff with a polling cap to avoid overloading the API.

Archive the certificate_link immediately on completed: The pre-signed certificate URL is time-limited. Fetch and store the certificate document in your own secure storage as soon as a completed status is received. Do not persist the URL itself for future use.

Route all API calls server-side: All four APIs require a JWT Bearer token and handle sensitive data including PAN, bank account numbers, and OTP codes. Never expose the token or make these calls from client-side code.

Important Limitations

OTP expiry: OTPs are time-limited. If the user does not submit the OTP within the valid window, the Submit OTP Status endpoint will return otp_expired. Always implement a resend flow and communicate the time constraint clearly in your UI.

update_required cannot be resolved by your application: When this status is returned, the MSME entity must update their registration information directly on the official Udyam portal (udyam.gov.in). Your application cannot modify or bypass this requirement — guide users to complete the update before retrying.

Registration data is only returned on completed: All Udyam registration fields in the Submit OTP Status response are only populated when data.status is completed. Do not attempt to read enterprise, financial, or address fields for any other status value.

client_id is session-scoped: Each client_id is tied to a single OTP verification session. Do not reuse a client_id across multiple verification attempts; initiate a new Send OTP request for each fresh verification.

Environment token separation: Sandbox and production environments use separate JWT tokens. Always verify you are using the correct token for the target base URL before making API calls.

How APIs in this Category Work Together

The four APIs in the Udyam OTP Async category form a strict sequential flow where each step depends on the output of the previous one. The client_id returned by Send OTP is the shared session identifier that links all subsequent calls — Send OTP Status, Submit OTP, and Submit OTP Status — into a single coherent verification transaction.

Key Integration Patterns:

Send OTP + Send OTP Status: Initiate OTP dispatch and confirm delivery before surfacing the OTP input field to the user. Polling Send OTP Status ensures your UI transitions to the entry screen only after otp_sent is confirmed, preventing premature submission attempts.

Submit OTP + Submit OTP Status: Submit the user-entered OTP and poll for the verification result. Since Submit OTP always returns pending, Submit OTP Status is the definitive source of truth for the verification outcome — including the full Udyam registration data on completed.

Send OTP + Submit OTP Status (via webhook): Configure a webhook_url in the Send OTP request to receive both OTP delivery and final verification status callbacks passively, eliminating the need for active polling of both status endpoints in webhook-capable environments.

A complete end-to-end workflow proceeds as follows: call Send OTP with the Udyam registration number and mobile or email, then poll Send OTP Status until otp_sent is returned. Present the OTP input to the user, then call Submit OTP with the entered code and client_id. Finally, poll Submit OTP Status — handling all seven possible outcomes — and on completed, extract the full Udyam registration data and archive the certificate. This four-API chain provides a fully automated, consent-driven MSME verification pipeline with no manual steps required.

The Udyam OTP Async category sits within the broader Corporate parent category, which groups APIs designed for business entity verification, compliance, and organizational data enrichment. Other categories in this group complement Udyam OTP Async by addressing adjacent verification needs — such as GST compliance, company registration checks, and director identity validation — that are commonly required alongside MSME verification in KYC and onboarding workflows.

Related Categories include:

Udyam (Non-OTP): Provides direct, non-consent-based Udyam registration verification for internal compliance checks and bulk MSME validation use cases where user-initiated OTP consent is not required.

GST Verification: Validates GSTIN registration and returns GST filing status and business details. Commonly used alongside Udyam OTP Async to build comprehensive MSME KYC flows that verify both Udyam registration and tax compliance in a single onboarding pipeline.

Company & Director Verification: Provides MCA-sourced verification of company registrations, directorships, and authorized signatories. Used in conjunction with Udyam OTP Async when verifying Private Limited or LLP MSME entities that require both Udyam and MCA-level identity confirmation.

Together, these related categories enable developers to build layered, multi-source MSME verification pipelines. A typical enterprise onboarding flow might combine Udyam OTP Async for consent-based MSME identity verification, GST Verification for tax compliance confirmation, and Company & Director Verification for legal entity validation — providing a comprehensive, regulatory-aligned view of a business entity from a single integrated API platform.

Overview#

Key Capabilities#

Common Use Cases#

Integration Considerations#

How APIs in this Category Work Together#

Related Categories#

Overview

Key Capabilities

Common Use Cases

Integration Considerations

How APIs in this Category Work Together

Related Categories