Documentation

cURL

curl --request POST \
  --url https://api.eka.care/abdm/v1/ecdh/encrypt \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "plain_text_data": "<string>",
  "receiver_nonce": "<string>",
  "receiver_public_key": "<string>",
  "sender_nonce": "<string>",
  "sender_private_key": "<string>",
  "sender_public_key": "<string>"
}
'

{
  "encrypted_data": "<string>",
  "key_to_share": "<string>"
}

Encryption

Encrypt Data

Encrypt data using ECDH key exchange.

This API encrypts plaintext health data using ECDH shared secret derivation. A shared secret is derived from the sender’s private key and the receiver’s public key. The IV and salt are computed from the XOR of sender and receiver nonces, and the data is encrypted using AES-256-GCM.

Algorithm details:

Key Agreement: ECDH on Curve25519 (Weierstrass form)
Key Derivation: HKDF-SHA256
Symmetric Encryption: AES-256-GCM
Nonce Handling: IV and salt are derived from XOR of sender and receiver nonces

The response includes the base64-encoded encrypted data and the public key material to share with the receiver.

For more details, refer to the ABDM Encryption and Decryption Guide.

POST

abdm

ecdh

encrypt

cURL

curl --request POST \
  --url https://api.eka.care/abdm/v1/ecdh/encrypt \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "plain_text_data": "<string>",
  "receiver_nonce": "<string>",
  "receiver_public_key": "<string>",
  "sender_nonce": "<string>",
  "sender_private_key": "<string>",
  "sender_public_key": "<string>"
}
'

{
  "encrypted_data": "<string>",
  "key_to_share": "<string>"
}

Authorizations

Authorization

string

header

required

The API requires a Bearer token (JWT) for authentication.

Body

application/json

plain_text_data

string

Plaintext data to encrypt

receiver_nonce

string

Nonce associated with the receiver's key pair

receiver_public_key

string

Base64-encoded public key of the receiver

sender_nonce

string

Nonce associated with the sender's key pair

sender_private_key

string

Base64-encoded private key of the sender

sender_public_key

string

Base64-encoded public key of the sender

Response

encrypted_data

string

Base64-encoded encrypted data

Public key material to share with the receiver

Generate ECDH Key Pair Decrypt Data

⌘I

Authorization

End-to-End Encryption

Connect

HealthAI

Medical Database

General Tools

Doctor Tool

ABDM Connect

Medical Knowledge-bases

Medical Records

User App

Encrypt Data

Authorizations

Body

Response