BrandKwikID Documentation
API SuitePAN & ITR

Get ITR Data

Fetch the latest ITR filing data for a PAN after the income tax portal session is active. Server-side POST with Bearer and ITR AccessToken header.

API reference

Try itLoading playground…
Loading…

Authorization

AuthorizationBearer <token>

JWT Bearer token authentication. Obtain a token from the KwikID dashboard.

In: header

Header Parameters

AccessTokenstring

ITR session token from the income tax portal flow after the user completes OTP and login steps your integration drives.

Formatstring

Request Body

pan?string

Pan number

Formatstring
otp?string

ITR aadhaar OTP

Formatstring

Response Body

curl -X POST "https://__mock__/verification/v2/itr/get_data" \  -H "AccessToken: string" \  -H "Content-Type: application/json" \  -d '{}'
{
  "itr_data": {}
}
{
  "detail": {},
  "message": "string"
}
{
  "detail": {},
  "message": "string"
}
{
  "error": "string"
}

Overview

Call POST /verification/v2/itr/get_data from your backend after the user has completed the Get OTP step and your integration holds a valid ITR session token. You send:

  1. Authorization: Bearer <token> for the Verification API.
  2. AccessToken header with the ITR portal session token for this user (not the DigiLocker token).
  3. JSON body with pan and otp when your flow requires them, as described in OpenAPI.

On 200 OK, the body includes itr_data (object). Treat the payload as sensitive tax information and store it under your compliance controls.

Key features

  • Latest filing snapshot: Returns current ITR data available for the session.
  • Server-side only: Keep the Bearer token and AccessToken off public clients.
  • Pairs with OTP flow: Use after Get OTP succeeds for the same PAN.

Implementation

Prerequisites

  1. Valid Verification API Bearer token.
  2. Active ITR AccessToken from the portal flow driven by Get OTP.

Step 1: Call from your backend

HeaderRequiredPurpose
AuthorizationYesBearer <token>.
AccessTokenYesITR portal session token for this user.
POST /verification/v2/itr/get_data HTTP/1.1
Host: <verification-api-base-url>
Authorization: Bearer <token>
AccessToken: <itr-session-token>
Content-Type: application/json

{
  "pan": "ABCDE1234F",
  "otp": "<otp-if-required>"
}

Step 2: Use the response

Read itr_data and map fields into your product. Do not log full JSON in plain text.

Step 3: End the session when done

Call Logout ITR session when the user is finished so the portal session is cleared.

Error handling

HTTP statusWhen
400Validation error. See OpenAPI ValidationError.
401Missing or invalid Bearer token. See AuthenticationError.
500Server error. Retry with backoff; contact KwikID if persistent.

Security notes

  • Never send the Verification API Bearer token from a browser or untrusted app.
  • Treat AccessToken and itr_data as highly sensitive.

Benefits

  • Automates ITR retrieval for onboarding or underwriting after user consent.
  • Clear pairing with the OTP and logout endpoints for a full session lifecycle.

Next steps

PAN Aadhaar Link Status POST

Check whether a PAN is linked to an Aadhaar for the pair you submit. Server-side POST with Bearer auth and consent.

Get ITR Data for Assessment Year POST

Fetch ITR filing data for a specific assessment year. Server-side POST with Bearer auth; supply PAN and year in the JSON body.