PramaanDPDP Live
Log inGet Verified
Sandbox-first API

PRAMAAN technical docs

Use fixture data first, then move to production only after consent, logging, support, and DSR routes are reviewed.

Fixture data onlyNo real PIIIdempotencyConsent purposeProduction review
QuickstartUse fixture sandboxView changelog
3-call sandbox pattern
curl -X POST https://sandbox.pramaan.online/v1/verify \
  -H "Authorization: Bearer $PRAMAAN_SANDBOX_KEY" \
  -H "Idempotency-Key: demo-fixture-001" \
  -H "Content-Type: application/json" \
  -d '{
    "subject": {
      "name": "Sandbox Worker",
      "phone": "+910000000000"
    },
    "purpose": "household_help_verification_demo",
    "checks": ["identity", "address"],
    "fixture": "fixture_green_domestic_help"
  }'
Technical status

Current, planned, and roadmap are separated.

Production behavior is current only where the page clearly marks it current.

Current

Verifications

Create sandbox verification requests with a purpose string, consent context, and idempotency key.

Current

Consent

Model notice, data categories, channel, timestamp, language, retention, and withdrawal route.

Planned

Webhooks

Use signed event examples as integration guidance until production delivery behavior is confirmed.

Current

Badges

Verify sample badge payloads and explain expiry, revocation, and public-key handling.

Current

DSR

Route access, correction, erasure, grievance, nomination, and withdrawal requests.

Roadmap

Audit export

Procurement-grade export remains roadmap unless enabled for a specific enterprise account.

Keep sandbox keys and production API keys separate.

Sandbox keys are for fixture payloads only. Production keys are issued only after purpose, consent, logging, DSR, and support routes are reviewed.

Never paste real API keys, Aadhaar, PAN, OTPs, raw documents, or private keys into examples, screenshots, tickets, or chat.

Launch checklist

Production readiness before real data.

  • Purpose string approved
  • Consent copy reviewed
  • Callback URL configured
  • PII-safe logging
  • DSR route linked
  • Support escalation owner
  • Security contact
  • DPA path for enterprise

Build consent-first verification carefully.

Start in sandbox with fixture data, then move to production only after purpose, consent copy, logging, DSR, and support routes are reviewed.

Open sandboxRead API docs