> ## Documentation Index > Fetch the complete documentation index at: https://www.cashfree.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Initiate OAuth > Use this API to initiate the OAuth process by passing the necessary credentials to obtain the session details, which will be used to initiate the SDK. **Notes**: * The session ID generated by this API is valid for 1 hour. * Get the X Client ID and X Client Secret from the [Merchant Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding) when you create the app under the 1-Click section. ## OpenAPI ````yaml post /oauth2/session openapi: 3.0.0 info: license: name: Apache 2.0 url: https://www.apache.org/licenses/LICENSE-2.0.html contact: email: developers@cashfree.com name: API Support url: https://discord.com/invite/QdZkNSxXsB title: Cashfree Verification API's. version: '2023-12-18' description: >- Cashfree's Verification APIs provide different types of verification to our merchants. servers: - description: Sandbox Server url: https://sandbox.cashfree.com/verification - description: Production Server url: https://api.cashfree.com/verification security: [] tags: - name: Aadhaar description: Operations related to Aadhaar verification. - name: BAV V2 description: Operations related to Bank account verification v2. - name: PAN description: Operations related to PAN verification. - name: Digilocker description: Operations related to Digilocker verification. - name: E-sign description: Operations related to E-sign verification. - name: Reverse Penny Drop description: Operations related to Reverse Penny Drop verification. - name: UPI Penny Drop description: Operations related to UPI Penny Drop verification. - name: Mobile Penny Drop description: Operations related to Mobile Penny Drop verification. - name: IP description: Operation related to IP verification. - name: UPI description: Operations related to UPI verification. - name: Passport description: Operation related to Passport verification. - name: CIN description: Operation related to CIN verification. - name: Name Match description: Operation related to Name Match verification. - name: PAN to GSTIN description: Operation related to PAN to GSTIN. - name: Face Match description: Operation related to Face Match verification. - name: Voter ID description: Operation related to Voter ID verification. - name: Reverse Geocoding description: Operation related to Reverse Geocoding. - name: Vehicle RC description: Operation related to Vehicle RC verification. - name: Driving License description: Operation related to Driving License verification. - name: GSTIN description: Operation related to GSTIN verification. - name: Account Aggregator description: Operations related to Account aggregator. - name: OTPLess description: Operations related to OTPLess Verification. - name: 1-Click description: Operations related to 1-Click. - name: Smart OCR description: Operations related to Smart OCR. - name: Geocoding description: Operations related to Geocoding. - name: Udyam description: Operation related to Udyam verification. - name: PAN to Udyam description: Operation related to PAN to Udyam. paths: /oauth2/session: post: tags: - 1-Click summary: Initiate OAuth description: >- Use this API to initiate the OAuth process by passing the necessary credentials to obtain the session details, which will be used to initiate the SDK. operationId: VrsUserVaultOauthInitiation parameters: - $ref: '#/components/parameters/global_x_api_version' requestBody: $ref: '#/components/requestBodies/InitiateOauthRequestBody' responses: '200': $ref: '#/components/responses/InitiateOauthResponse' '400': $ref: '#/components/responses/400InitiateOAuth' '401': $ref: '#/components/responses/Response401' '409': $ref: '#/components/responses/Response409DuplicateId' '422': $ref: '#/components/responses/Response422' '429': $ref: '#/components/responses/Response429' '500': $ref: '#/components/responses/Response500V2' security: - UVXClientID: [] UVXClientSecret: [] components: parameters: global_x_api_version: description: API version to be used. Format is in YYYY-MM-DD. name: x-api-version in: header required: true schema: type: string default: '2024-12-01' example: '2024-12-01' example: '2024-12-01' requestBodies: InitiateOauthRequestBody: description: Find the request parameters to initiate Oauth. required: true content: application/json: schema: $ref: '#/components/schemas/InitiateOauthRequestSchema' responses: InitiateOauthResponse: description: Initiate Oauth Response Body. content: application/json: schema: $ref: '#/components/schemas/InitiateOauthResponseSchema' examples: SUCCESS: value: reference_id: 3123123 verification_id: '123456' user: - identifier_type: MOBILE identifier_value: '9988123456' expiry: '2024-12-31T23:59:59Z' session_id: session_id_value 400InitiateOAuth: description: Validation Errors Initiate OAuth. content: application/json: schema: $ref: '#/components/schemas/ErrorResponseSchema' examples: Verification ID Missing: $ref: '#/components/examples/VerificationIdMissing' Verification ID With Special Chars: $ref: '#/components/examples/VerificationIdWithSpecialCharacter' Verification Id character limit exceeded: $ref: '#/components/examples/VerificationIDCharacterLimitExceeded' Identifier Type Missing: value: type: validation_error code: identifier_type_missing message: identifier_type is missing in the request. Identifier Value Missing: value: type: validation_error code: identifier_value_missing message: identifier_value is missing in the request. Invalid Identifier Type: value: type: validation_error code: identifier_type_value_invalid message: identifier_type should be valid. Invalid Identifier Value: value: type: validation_error code: identifier_value_value_invalid message: identifier_value should be valid. Client ID in Missing: value: type: validation_error code: x-client-id_missing message: x-client-id is missing in the request. Client Secret in Missing: value: type: validation_error code: x-client-secret_missing message: x-client-secret is missing in the request. Response401: description: Invalid client ID and client secret combination. content: application/json: schema: $ref: '#/components/schemas/ErrorResponseSchema' examples: Invalid client ID and client secret combination: value: type: authentication_error code: authentication_failed message: Invalid clientId and clientSecret combination Response409DuplicateId: description: Conflict error. content: application/json: schema: $ref: '#/components/schemas/ErrorResponseSchema' examples: Conflict Error: value: type: validation_error code: verification_id_already_exists message: verification ID already exists Response422: description: >- Validation error because of insufficient balance to process this request. content: application/json: schema: $ref: '#/components/schemas/ErrorResponseSchema' examples: Insufficient balance: value: type: validation_error code: insufficient_balance message: Insufficient balance to process this request Response429: description: Rate limit exceed error. content: application/json: schema: $ref: '#/components/schemas/ErrorResponseSchema' examples: Rate limit error per operation: value: type: rate_limit_error code: too_many_requests_per_operation message: Too many requests for this operation, rate limit reached Rate limit error per IP: value: type: rate_limit_error code: too_many_requests_per_ip message: Too many requests from the IP, rate limit reached Response500V2: description: Internal error. content: application/json: schema: $ref: '#/components/schemas/ErrorResponseSchema' examples: Internal Server Error: value: type: internal_error code: verification_failed message: something went wrong schemas: InitiateOauthRequestSchema: type: object required: - user - verification_id properties: user: type: object description: It displays the list of user identifiers. required: - identifier_type - identifier_value properties: identifier_type: type: string enum: - MOBILE description: |- The type of identifier used to recognize a user. Possible values are - `MOBILE`: Mobile number of the user. identifier_value: type: string description: >- The 10-digit mobile number of the user. No prefixes or country codes are required. example: '9988776655' default: '9988776655' verification_id: type: string description: >- It is the unique ID you create to identify the user session. The maximum character limit is 50. Alphanumeric, period (.), hyphen (-), and underscore ( _ ) are allowed. example: test_verification_id InitiateOauthResponseSchema: type: object properties: verification_id: type: string description: >- It displays the unique ID you created to identify the verification request. example: test_verification_id reference_id: type: integer description: >- It displays the unique ID created by Cashfree Payments for reference purposes. format: `int64` example: 123 expiry: type: string description: >- The expiration date and time of the session, in UTC format. Format `YYYY-MM-DDTHH:mm:ssZ`. example: '2024-12-31T23:59:59Z' session_id: type: string description: A unique identifier for the session associated with the request. example: session_id_value user: type: object description: It displays the list of user identifiers provided in the request. required: - identifier_type - identifier_value properties: identifier_type: type: string enum: - MOBILE description: |- The type of identifier used to recognize a user. Possible values are - `MOBILE`: Mobile number of the user. identifier_value: type: string description: >- The 10-digit mobile number of the user. No prefixes or country codes are required. example: '9988776655' ErrorResponseSchema: type: object properties: code: type: string example: x-client-id_missing error: type: object example: ref_id: 102 message: type: string example: x-client-id is missing in the request. description: It displays the outcome of the error. type: type: string example: validation_error description: It displays the type of error. examples: VerificationIdMissing: value: type: validation_error code: verification_id_missing message: verification_id is missing in the request. VerificationIdWithSpecialCharacter: value: type: validation_error code: verification_id_value_invalid message: >- verification_id can include only alphanum, dot, hyphen and underscores. VerificationIDCharacterLimitExceeded: value: type: validation_error code: verification_id_length_exceeded message: verification_id can include a maximum of 50 characters. securitySchemes: UVXClientID: type: apiKey in: header name: x-client-id description: >- Your unique client identifier issued by Cashfree. You can find this in your [Merchant Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding). UVXClientSecret: type: apiKey in: header name: x-client-secret description: >- The secret key associated with your client ID. Use this to authenticate your API requests. You can find this in your [Merchant Dashboard](https://merchant.cashfree.com/verificationsuite/1-click-onboarding). ````