UIN or VID not available in database for Authentication
Problem
After MOSIP deployment, we were able to create a packet and generate an UIN. But when we try to perform authentication we getting an error stating that UIN or VID not available for authentication.
Probable reasons due to which this issue might arise,
Online Verification Partner is not available (i.e. the IDA instance in partner database)
There is no data share policy for Online Verification Partner to send credentials via. data share URL
The policy is not configured properly for performing biometric extraction
The partner id is not mapped properly in the IDA instance
The policy id is not mapped properly in ID Repository
Websub is not working properly as we are not able to send or receive events
Data Share URL is not accessible by IDA as there are some issue encrypting and decrypting the data as keys are not properly set between the instances.
Solution
Steps to make sure these issues doesn’t arise,
Salt generator for ID Repo should be run.
The
mpartner-default-auth
partner to be inserted in partner management as Online_verification_Partner.The
mpolicy-default-auth
policy to be inserted for the above partner as DataShare policy.In the configurations for the ID Repository and IDA instance, the Partner ID and Policy ID need to be set properly.
ida-auth-partner-id=mpartner-default-auth
in id-authentication-mz.propertiescredentialType.policyid.AUTH=mpolicy-default-auth
in id-repository-mz.properties
The extractors mentioned in the policy should be available and mapped to the policy & partner.
Data Share should be running.
Credential Issuance should be running and credential request should be created when a record gets created or updated in ID Repository.
Key generation jobs should have run for Kernel Key Manager and IDA.
Certificate should be uploaded for IDA:PUBLIC_KEY in Kernel Key Manager (Upload other domain certificate API), by getting IDA:CRED_SERVICE key from IDA Internal Key Manager Service.
Certificate should be uploaded for IDA:mpartner-default-auth using the Upload Partner Certificate API (in Partner Management), by getting IDA:mpartner-default-auth key from IDA Internal Key Manager Service. The respective parent ROOT & IDA certificates should be inserted before uploading the above partner certificate, by getting the certificate from IDA Internal Key Manager Service (use Upload CA Certificate API in Partner Management).
Websub service is running.
Once the above listed items are verified credential request should have created in the credential tables and the records should get populated in IDA database.