DigiLocker Integration

What is DigiLocker?

DigiLocker is a secure cloud-based platform for the issuance and verification of government documents. It is operated by the Ministry of Electronics and Information Technology (MeitY), Government of India. Over 250 crore documents issued by central and state government agencies are available via DigiLocker.

Documents in DigiLocker are legally valid under the IT Act 2000 and the DigiLocker Rules 2016. They carry a digital signature from the issuing authority, making them equivalent to physical originals for most purposes.

MeitY-approved integration

Teravu's DigiLocker integration uses the DigiLocker Partner API, which is granted by MeitY after a review of the intended use case, data handling practices, and compliance posture. We are an approved DigiLocker partner operating under the terms of the DigiLocker Partner Agreement.

The integration uses OAuth 2.0 — you authorise Teravu to read your DigiLocker vault using your DigiLocker credentials. Teravu never sees or stores your DigiLocker username or password.

Documents we can import

You choose which documents to import at the time of connection. Teravu only pulls documents you explicitly select.

Read-only ingestion

Teravu accesses DigiLocker in read-only mode. We:

• Pull documents you authorise into your Vault.
• Store a reference to the DigiLocker URI alongside the document so provenance is preserved.
• Never write to your DigiLocker (we cannot add, delete, or modify documents in your DigiLocker vault).
• Never share DigiLocker documents with third parties.
• Surface a verification badge on pulled documents indicating they are DigiLocker-sourced and verifiable.

Provenance and verification

Each document imported from DigiLocker carries:

• source: 'digilocker' — visible in Vault document metadata
• digilockerUri — the original document reference on DigiLocker's servers
• Issuing authority name and document ID (from the DigiLocker response)
• Verification badge in Vault UI indicating DigiLocker provenance

DigiLocker-sourced documents are read-only inside Teravu. You cannot edit them. This preserves the integrity of the original government-issued document.

Aadhaar — special handling

Aadhaar documents pulled from DigiLocker are masked copies only. The full 12-digit Aadhaar number is never stored by Teravu. The masked version (e.g., XXXX XXXX 1234) is stored alongside the DigiLocker reference for identity verification purposes.

Teravu does not use Aadhaar for authentication. Aadhaar is stored as an identity document in Vault only. Authentication uses Clerk (email/phone OTP) and, where applicable, Aadhaar eSign (handled separately via a CCA-authorised flow — see the Aadhaar eSign compliance page).

Revoking access

You can disconnect DigiLocker from Teravu at any time via /dashboard/platform/vault/digilocker. Disconnecting:

• Revokes the OAuth token (future pulls stop immediately).
• Does not delete documents already pulled into your Vault (these are now your copies).
• You can delete individual Vault documents separately if you wish.

Compliance references